$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/2t9z-mAVBAfPPjta5cdq-xdY6FY.roa File: 2t9z-mAVBAfPPjta5cdq-xdY6FY.roa (raw, json) Hash identifier: NB7QEK3n7SM2IFPIg3WvdnreNxTMHdZ7cexpOwaBXGw= Subject key identifier: DA:DF:73:FA:60:15:04:07:CF:3E:3B:5A:E5:C7:6A:FB:17:58:E8:56 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 15E8 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/2t9z-mAVBAfPPjta5cdq-xdY6FY.roa Signing time: Wed 13 Mar 2024 01:22:26 +0000 ROA not before: Wed 13 Mar 2024 01:22:26 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 23650 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5608 (0x15e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Mar 13 01:22:26 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DADF73FA60150407CF3E3B5AE5C76AFB1758E856 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:e3:62:8e:7b:c0:d3:28:6d:30:5d:4a:0e:a0: 1e:2b:41:31:f0:c5:e6:9a:68:6f:ee:9d:19:46:bc: d4:03:0e:36:c1:af:35:43:0c:c4:1e:3b:86:37:d8: a7:85:61:f1:88:6f:7f:24:e2:32:2f:ab:d2:d6:7d: 41:8f:f3:a3:d8:ba:6d:76:70:88:02:2a:e4:84:71: 36:53:bd:52:6e:fc:10:ff:ed:3c:e4:76:07:74:65: 68:ef:60:3f:65:d4:9d:fc:e0:84:80:9f:f2:7a:eb: 10:2d:77:26:d2:86:a0:ad:10:4e:97:69:3e:2a:4b: d7:b8:dd:1b:ec:a1:2a:55:dc:57:51:3a:3f:17:46: c3:1b:05:17:64:22:e1:55:e7:bf:ea:a5:24:33:de: d7:3e:49:09:92:a3:c9:60:6e:69:0a:e6:5f:c9:37: f7:b7:22:21:a1:ce:d4:b5:7a:fa:10:83:89:47:96: 7e:00:85:7a:74:47:c1:c4:7d:7e:19:2a:a6:f9:04: 40:25:4b:df:fb:8b:68:04:01:8a:f8:b6:e9:23:3d: 79:38:21:16:49:d4:b3:b2:3c:c0:79:3a:d5:d6:0f: fa:6d:d8:cc:a2:de:19:77:6f:b0:a5:21:ee:3d:de: 4c:63:0b:f4:c0:e8:13:fe:32:58:1a:b3:20:ac:6c: 6a:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:DF:73:FA:60:15:04:07:CF:3E:3B:5A:E5:C7:6A:FB:17:58:E8:56 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/2t9z-mAVBAfPPjta5cdq-xdY6FY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption b1:49:f5:db:0e:77:fe:3e:fb:77:8e:93:fb:da:97:d7:fe:52: e0:d3:71:7e:1f:cc:f0:e8:5e:41:93:39:bf:c4:bd:04:72:79: ea:3f:b1:92:89:b3:d1:5d:a5:5a:6c:0e:80:2a:98:b2:62:b3: 72:b7:4c:45:3d:e1:e4:12:06:74:ee:80:35:fd:6c:b0:1f:9b: 73:14:1f:0d:04:9d:21:70:22:8d:4d:0e:b1:77:e7:1a:9a:2b: e5:b0:db:c8:dc:f0:6a:15:c7:8d:a5:a8:42:4f:c8:37:4b:bc: 2f:4c:da:3d:7b:d3:46:75:3e:58:52:b8:34:6d:29:64:27:d1: e3:ae:a8:90:1c:d5:08:24:a2:c7:27:fe:62:94:72:ce:2b:c0: a4:51:83:c5:39:84:da:c2:e5:52:ae:03:af:e6:76:ed:70:5b: 69:5f:69:7a:cc:40:2e:fe:30:b7:8d:cd:62:8a:f1:20:de:b0: e5:c6:92:3c:ca:99:73:fd:d9:47:fb:8e:cb:52:5a:6b:03:5f: bd:6e:9f:58:a7:75:5e:5c:ef:7a:40:98:79:42:5d:13:1b:41: 55:a2:38:4b:56:76:3c:c2:57:3d:8f:df:23:5f:59:4e:a2:a3: a8:48:32:67:9e:05:20:b6:21:86:39:a4:06:79:a4:29:7c:39: e2:75:a2:d1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNDAzMTMw MTIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBREY3M0ZBNjAxNTA0 MDdDRjNFM0I1QUU1Qzc2QUZCMTc1OEU4NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ42KOe8DTKG0wXUoOoB4rQTHwxeaaaG/unRlGvNQDDjbBrzVD DMQeO4Y32KeFYfGIb38k4jIvq9LWfUGP86PYum12cIgCKuSEcTZTvVJu/BD/7Tzk dgd0ZWjvYD9l1J384ISAn/J66xAtdybShqCtEE6XaT4qS9e43RvsoSpV3FdROj8X RsMbBRdkIuFV57/qpSQz3tc+SQmSo8lgbmkK5l/JN/e3IiGhztS1evoQg4lHln4A hXp0R8HEfX4ZKqb5BEAlS9/7i2gEAYr4tukjPXk4IRZJ1LOyPMB5OtXWD/pt2Myi 3hl3b7ClIe493kxjC/TA6BP+MlgasyCsbGrPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2t9z+mAVBAfPPjta5cdq+xdY6FYwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvMnQ5ei1tQVZCQWZQ UGp0YTVjZHEteGRZNkZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAsUn12w53/j77d46T+9qX1/5S4NNx fh/M8OheQZM5v8S9BHJ56j+xkomz0V2lWmwOgCqYsmKzcrdMRT3h5BIGdO6ANf1s sB+bcxQfDQSdIXAijU0OsXfnGpor5bDbyNzwahXHjaWoQk/IN0u8L0zaPXvTRnU+ WFK4NG0pZCfR466okBzVCCSixyf+YpRyzivApFGDxTmE2sLlUq4Dr+Z27XBbaV9p esxALv4wt43NYorxIN6w5caSPMqZc/3ZR/uOy1JaawNfvW6fWKd1XlzvekCYeUJd ExtBVaI4S1Z2PMJXPY/fI19ZTqKjqEgyZ54FILYhhjmkBnmkKXw54nWi0Q== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org