$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/242/DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa File: DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa (raw, json) Hash identifier: 6J+PrhQaHylTx+oaD6shsiwJp4cgZ5zsIRZKavwyvOo= Subject key identifier: 0C:3E:0D:13:6A:37:9D:6C:CC:D4:38:C3:13:C6:07:3D:B7:BA:0C:28 Certificate issuer: /CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA Certificate serial: 0CCA Authority key identifier: 0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa Signing time: Fri 22 Mar 2024 03:04:00 +0000 ROA not before: Fri 22 Mar 2024 03:04:00 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 37963 IP address blocks: 59.82.136.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Jul 2024 15:17:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3274 (0xcca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA Validity Not Before: Mar 22 03:04:00 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0C3E0D136A379D6CCCD438C313C6073DB7BA0C28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:26:12:d9:a3:31:5a:21:4e:a0:a1:1f:8c:85: 18:b7:fb:66:02:32:3c:ca:4d:c0:e0:0f:da:6b:1d: 35:f8:4f:a8:b6:d3:c8:39:5e:56:d7:f1:3a:c8:5c: f6:9d:0b:1a:8f:79:5c:19:40:18:bd:10:fb:99:a0: cb:e7:e1:36:78:7b:14:e2:d6:66:75:c5:15:ab:18: e1:37:eb:91:6b:0d:39:3f:d5:c3:b2:e7:38:09:1a: cd:bd:92:64:cb:c5:87:96:82:4f:38:8e:f7:02:e7: 7a:9d:b6:63:58:3a:fb:e6:ee:8e:8f:93:75:28:d4: 0d:20:8a:2f:20:ed:a0:ad:16:77:0d:b7:00:08:98: c1:63:69:2b:d4:39:d2:a8:a9:a4:05:d1:6b:f7:76: 4e:28:3b:2c:f0:5d:61:10:e4:b4:03:7f:28:a7:f4: 78:cc:db:7f:b7:62:e3:85:47:af:0e:83:1b:13:e9: 73:3d:15:b7:cb:0d:fa:96:61:15:8f:bf:1b:e9:6f: 0b:97:29:0b:82:08:f6:aa:bb:ce:ef:2f:8b:79:5b: ad:77:b9:71:ab:66:9e:77:43:16:cf:fe:64:9d:47: 9e:b9:b5:ed:2b:f9:5b:40:ce:29:7f:74:f0:2d:e8: 30:94:fc:55:27:ed:91:aa:43:2a:cd:ad:25:54:82: f9:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:3E:0D:13:6A:37:9D:6C:CC:D4:38:C3:13:C6:07:3D:B7:BA:0C:28 X509v3 Authority Key Identifier: keyid:0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.82.136.0/21 Signature Algorithm: sha256WithRSAEncryption 8a:3d:d0:63:56:bd:34:23:1a:21:1e:ee:94:14:48:7b:1d:03: c1:53:cb:82:7c:fa:45:8b:a9:39:15:7a:2d:1b:30:ff:0e:34: 44:11:c9:7d:4a:c0:f8:70:05:12:c8:79:fc:7e:88:df:cf:9d: 6c:29:62:83:b7:17:fb:ff:2a:40:4d:8b:08:1b:2a:af:43:49: 95:30:95:fd:f6:68:4f:85:89:fb:63:bc:3b:35:ba:d7:f2:fb: 6b:cd:61:e5:5c:ed:ae:fc:52:4e:a5:ac:e6:fb:6a:0b:6d:d1: 1d:03:d3:1f:7f:8f:96:d4:cc:9f:a7:1d:29:07:0a:13:31:da: ec:61:20:24:ce:a2:47:49:e1:92:23:dc:85:60:cb:f0:4b:65: 6c:d8:47:b0:6e:61:32:8d:0b:6c:a4:49:6b:fe:d2:b1:42:9e: 2d:f9:e6:72:19:08:7b:57:58:d8:21:15:00:a0:06:6b:83:46: fd:eb:fa:59:5c:30:55:b7:e5:68:f1:ca:3e:63:71:63:62:5c: ee:ee:97:1c:f1:33:dc:6e:d1:28:fb:93:da:14:a0:07:60:33: ea:80:c6:0b:f2:1a:d3:b7:e3:1b:14:1d:c8:18:4b:99:f5:24: 0e:e7:58:15:92:d3:16:cc:43:81:05:ca:b2:8c:87:21:0b:22: ee:b1:28:6b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE2 Rjk3MkQyNDA3OEY4OTA4OEVEMTEwQTI2RENERjkwQTlFQkNFQTAeFw0yNDAzMjIw MzA0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDM0UwRDEzNkEzNzlE NkNDQ0Q0MzhDMzEzQzYwNzNEQjdCQTBDMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHJhLZozFaIU6goR+MhRi3+2YCMjzKTcDgD9prHTX4T6i208g5 XlbX8TrIXPadCxqPeVwZQBi9EPuZoMvn4TZ4exTi1mZ1xRWrGOE365FrDTk/1cOy 5zgJGs29kmTLxYeWgk84jvcC53qdtmNYOvvm7o6Pk3Uo1A0gii8g7aCtFncNtwAI mMFjaSvUOdKoqaQF0Wv3dk4oOyzwXWEQ5LQDfyin9HjM23+3YuOFR68OgxsT6XM9 FbfLDfqWYRWPvxvpbwuXKQuCCPaqu87vL4t5W613uXGrZp53QxbP/mSdR565te0r +VtAzil/dPAt6DCU/FUn7ZGqQyrNrSVUgvlNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDD4NE2o3nWzM1DjDE8YHPbe6DCgwHwYDVR0jBBgwFoAUCm+XLSQHj4kIjtEQ om3N+QqevOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQy L0NtLVhMU1FIajRrSWp0RVFvbTNOLVFxZXZPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvQ20tWExTUUhqNGtJanRFUW9tM04tUXFldk9vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQyL0RENE5FMm8zbld6TTFE akRFOFlIUGJlNkRDZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAM7UogwDQYJKoZIhvcNAQELBQADggEBAIo90GNWvTQjGiEe7pQUSHsdA8FTy4J8 +kWLqTkVei0bMP8ONEQRyX1KwPhwBRLIefx+iN/PnWwpYoO3F/v/KkBNiwgbKq9D SZUwlf32aE+FiftjvDs1utfy+2vNYeVc7a78Uk6lrOb7agtt0R0D0x9/j5bUzJ+n HSkHChMx2uxhICTOokdJ4ZIj3IVgy/BLZWzYR7BuYTKNC2ykSWv+0rFCni355nIZ CHtXWNghFQCgBmuDRv3r+llcMFW35Wjxyj5jcWNiXO7ulxzxM9xu0Sj7k9oUoAdg M+qAxgvyGtO34xsUHcgYS5n1JA7nWBWS0xbMQ4EFyrKMhyELIu6xKGs= -----END CERTIFICATE-----Generated at Mon Jul 1 11:16:15 2024 by rpki-client on console-fra.rpki-client.org