$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/7hLQo2jX9sCx4Fq0JltJVYxjOow.roa File: 7hLQo2jX9sCx4Fq0JltJVYxjOow.roa (raw, json) Hash identifier: nMwzMYWulxDRuoPlh6XOhLF1yaoXwBU9a7MPEggAXU0= Subject key identifier: EE:12:D0:A3:68:D7:F6:C0:B1:E0:5A:B4:26:5B:49:55:8C:63:3A:8C Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 15EA Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7hLQo2jX9sCx4Fq0JltJVYxjOow.roa Signing time: Wed 13 Mar 2024 01:22:27 +0000 ROA not before: Wed 13 Mar 2024 01:22:27 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4837 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5610 (0x15ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Mar 13 01:22:27 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=EE12D0A368D7F6C0B1E05AB4265B49558C633A8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:19:c3:49:8c:8e:40:4d:0f:c0:36:76:87:ee: 60:a2:e2:cd:7e:6e:2b:09:d8:f8:03:56:5e:b6:dc: 1d:1f:30:3e:0f:3b:01:22:ff:0f:b8:52:99:5b:d9: c2:30:30:fd:fa:ba:57:67:b7:33:1d:d5:e1:5f:2b: 9f:88:02:f0:15:b8:61:01:cd:31:37:48:e3:8c:31: d6:21:03:77:16:c2:d2:73:8a:d6:6c:44:7f:6a:8b: 10:ed:7b:5d:8d:91:82:b6:91:b9:ac:99:31:10:d5: 2e:5f:c3:17:2a:fc:bd:f9:f7:f8:c2:22:e5:d8:57: 6f:8c:56:35:6d:38:11:ba:75:af:f7:93:d4:64:e4: 0f:79:57:7a:3a:be:80:02:55:9d:65:32:c1:5b:65: a5:e0:48:19:70:55:4e:19:d3:ff:90:d4:0d:f7:be: f2:ba:e6:7b:34:06:dc:7f:f0:49:c3:06:1d:5e:c8: 17:72:88:5a:15:50:6d:e2:77:69:61:83:bd:66:f2: 7e:0e:2d:fb:bb:83:76:35:d6:f2:96:51:25:6d:94: c1:a2:76:08:3c:77:cb:5a:3d:f8:67:65:5d:b7:de: d1:56:48:41:17:ed:e1:62:86:e8:02:9c:8e:3c:c4: 23:48:2d:d9:8d:b7:c7:c5:88:dd:da:89:6e:24:0e: e7:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:12:D0:A3:68:D7:F6:C0:B1:E0:5A:B4:26:5B:49:55:8C:63:3A:8C X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7hLQo2jX9sCx4Fq0JltJVYxjOow.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption a0:aa:58:4f:be:90:b4:60:d0:f9:db:53:56:22:78:56:75:dd: 9d:3b:40:1f:8f:c9:07:da:05:88:e5:cf:cb:60:b9:3a:73:3e: fe:ff:02:b8:49:24:7a:92:c5:7f:c9:dc:f5:b0:32:ff:62:e2: e5:7f:60:8d:2b:43:d3:43:20:87:64:02:88:56:a9:72:55:95: a8:00:da:bd:6f:d0:d4:ca:2e:32:62:8c:86:f6:de:0d:59:9f: 3b:6c:08:12:b0:20:1a:22:ee:40:44:8e:e3:76:81:13:eb:c5: 0d:76:ce:19:81:86:4b:b3:c4:8f:ad:48:4b:ee:7e:9b:dd:fc: 43:32:be:7c:39:80:b2:b1:30:ed:fe:28:73:ab:c9:f9:e2:4e: bb:ce:ec:1e:52:33:88:a9:dc:78:fe:54:25:cd:81:1c:d3:63: f4:49:da:2d:47:f0:ba:32:9b:67:2a:26:0e:6f:39:6b:2e:9b: 9b:78:72:a9:ab:a0:b5:1b:1a:6f:75:34:54:18:62:89:ab:7d: 56:76:44:60:cc:18:79:ef:14:e5:68:6b:22:44:93:9a:2f:b2: 46:9b:f8:65:6c:e7:b1:3f:a9:58:17:1d:a8:5f:ef:3a:45:73: 9a:c2:70:f1:e8:17:8a:fb:34:32:3e:96:7c:a2:be:c3:87:7f: 92:a3:f8:f3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNDAzMTMw MTIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFMTJEMEEzNjhEN0Y2 QzBCMUUwNUFCNDI2NUI0OTU1OEM2MzNBOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8GcNJjI5ATQ/ANnaH7mCi4s1+bisJ2PgDVl623B0fMD4POwEi /w+4Uplb2cIwMP36uldntzMd1eFfK5+IAvAVuGEBzTE3SOOMMdYhA3cWwtJzitZs RH9qixDte12NkYK2kbmsmTEQ1S5fwxcq/L359/jCIuXYV2+MVjVtOBG6da/3k9Rk 5A95V3o6voACVZ1lMsFbZaXgSBlwVU4Z0/+Q1A33vvK65ns0Btx/8EnDBh1eyBdy iFoVUG3id2lhg71m8n4OLfu7g3Y11vKWUSVtlMGidgg8d8taPfhnZV233tFWSEEX 7eFihugCnI48xCNILdmNt8fFiN3aiW4kDuehAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU7hLQo2jX9sCx4Fq0JltJVYxjOowwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvN2hMUW8yalg5c0N4 NEZxMEpsdEpWWXhqT293LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAoKpYT76QtGDQ+dtTViJ4VnXdnTtA H4/JB9oFiOXPy2C5OnM+/v8CuEkkepLFf8nc9bAy/2Li5X9gjStD00Mgh2QCiFap clWVqADavW/Q1MouMmKMhvbeDVmfO2wIErAgGiLuQESO43aBE+vFDXbOGYGGS7PE j61IS+5+m938QzK+fDmAsrEw7f4oc6vJ+eJOu87sHlIziKnceP5UJc2BHNNj9Ena LUfwujKbZyomDm85ay6bm3hyqaugtRsab3U0VBhiiat9VnZEYMwYee8U5WhrIkST mi+yRpv4ZWznsT+pWBcdqF/vOkVzmsJw8egXivs0Mj6WfKK+w4d/kqP48w== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org