$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/247/X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa File: X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa (raw, json) Hash identifier: O0PQ+gk9UDE/Gvwvy0bV4DHIQ7RX9GTWMViTdZfSQCY= Subject key identifier: 5F:8A:58:35:23:C9:79:73:4A:06:AB:DC:AC:19:C0:70:B2:A8:21:AC Certificate issuer: /CN=23320A4BAF0AF9313530EC99D3686433703E071F Certificate serial: 18E4 Authority key identifier: 23:32:0A:4B:AF:0A:F9:31:35:30:EC:99:D3:68:64:33:70:3E:07:1F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IzIKS68K-TE1MOyZ02hkM3A-Bx8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa Signing time: Wed 13 Mar 2024 01:21:49 +0000 ROA not before: Wed 13 Mar 2024 01:21:49 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 54994 IP address blocks: 203.130.50.0/24 maxlen: 24 203.130.52.0/24 maxlen: 24 203.130.63.0/24 maxlen: 24 220.243.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/IzIKS68K-TE1MOyZ02hkM3A-Bx8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/IzIKS68K-TE1MOyZ02hkM3A-Bx8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IzIKS68K-TE1MOyZ02hkM3A-Bx8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 22:22:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6372 (0x18e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23320A4BAF0AF9313530EC99D3686433703E071F Validity Not Before: Mar 13 01:21:49 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5F8A583523C979734A06ABDCAC19C070B2A821AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:78:35:89:0c:12:77:f3:16:81:42:d4:25:07: 40:f8:23:23:fb:b5:54:d5:6b:3c:c0:9b:4b:71:71: d2:0f:7a:45:92:f5:23:d0:cd:82:e6:7c:14:b9:eb: e4:ec:35:b9:c4:7b:29:f8:c8:9b:4d:91:d8:7e:28: a3:b4:e1:4e:58:39:86:24:15:3c:df:f0:9a:a3:ac: 76:01:ad:9c:32:32:3a:5c:57:0e:9d:9a:82:01:16: 0f:30:b1:dc:47:dc:42:92:d7:72:e5:58:13:8f:78: 1b:3e:db:e1:30:49:a8:45:5d:3a:cf:fe:d2:1e:c5: 10:5e:b1:17:cc:4d:22:b7:e7:fe:a9:4c:c5:0f:ef: a8:54:e7:db:9d:4b:da:be:85:75:9b:9e:f0:57:0d: 98:5c:a2:39:8f:37:73:cb:86:1b:70:11:b7:e3:f1: 3a:94:f2:f0:eb:4a:cd:56:a2:59:15:fe:a9:52:f8: 38:9b:26:3a:12:c1:c6:82:c2:c6:a8:68:9f:83:aa: d6:73:9a:d0:86:21:0a:02:a8:00:03:e8:5c:7f:b6: 38:23:26:ac:5d:c2:f8:07:3d:91:c8:eb:ee:28:4c: b8:78:c3:75:74:b3:3f:32:17:03:a8:01:a4:1d:59: 02:aa:ac:42:63:bb:8e:b2:76:ee:d7:7f:0d:4b:74: f3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:8A:58:35:23:C9:79:73:4A:06:AB:DC:AC:19:C0:70:B2:A8:21:AC X509v3 Authority Key Identifier: keyid:23:32:0A:4B:AF:0A:F9:31:35:30:EC:99:D3:68:64:33:70:3E:07:1F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/IzIKS68K-TE1MOyZ02hkM3A-Bx8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IzIKS68K-TE1MOyZ02hkM3A-Bx8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.130.50.0/24 203.130.52.0/24 203.130.63.0/24 220.243.248.0/24 Signature Algorithm: sha256WithRSAEncryption a9:ab:89:de:a4:38:ae:03:06:52:dc:c6:10:a6:85:03:55:7d: 79:4a:5d:16:63:5d:73:37:77:06:87:4d:47:e1:8c:20:ec:a3: 68:48:3a:78:24:50:a2:ff:78:73:e2:0d:66:fc:d3:d2:42:d8: 82:a6:e3:4c:3e:27:d4:56:59:46:b9:f5:dc:94:31:81:b4:80: ba:7e:04:db:68:54:0a:6d:82:61:f5:a4:48:de:65:c3:1d:2f: 6c:97:e9:fc:6d:14:76:4b:57:22:5d:00:78:b3:ba:15:5f:e7: b9:dd:c7:ce:d3:54:78:7c:3e:71:af:b7:35:4d:e0:52:e3:0b: ae:5b:90:fa:2d:41:71:e4:e1:f9:87:74:cf:37:00:26:fc:6a: 4e:a2:1a:35:d9:ba:14:63:dc:1e:68:d6:26:3e:ec:a3:1d:9c: 64:b3:d6:a9:14:a9:83:11:2d:ce:21:98:f6:7b:7b:39:b7:bb: 81:7f:16:90:86:a4:cd:0e:a3:25:f0:c6:94:bd:40:3d:c5:9f: 4d:40:02:f7:d4:8e:09:60:57:fa:a3:f1:53:bf:ba:7c:59:2a: 2e:4a:18:b2:10:17:d4:70:ab:b6:2b:ad:30:14:3f:31:67:8b: 64:2c:b1:1d:f0:0d:fb:8d:a0:7d:29:8a:5f:ef:0d:ed:a0:ec: da:af:3d:7f -----BEGIN CERTIFICATE----- MIIE5zCCA8+gAwIBAgICGOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjMz MjBBNEJBRjBBRjkzMTM1MzBFQzk5RDM2ODY0MzM3MDNFMDcxRjAeFw0yNDAzMTMw MTIxNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGOEE1ODM1MjNDOTc5 NzM0QTA2QUJEQ0FDMTlDMDcwQjJBODIxQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCReDWJDBJ38xaBQtQlB0D4IyP7tVTVazzAm0txcdIPekWS9SPQ zYLmfBS56+TsNbnEeyn4yJtNkdh+KKO04U5YOYYkFTzf8JqjrHYBrZwyMjpcVw6d moIBFg8wsdxH3EKS13LlWBOPeBs+2+EwSahFXTrP/tIexRBesRfMTSK35/6pTMUP 76hU59udS9q+hXWbnvBXDZhcojmPN3PLhhtwEbfj8TqU8vDrSs1WolkV/qlS+Dib JjoSwcaCwsaoaJ+DqtZzmtCGIQoCqAAD6Fx/tjgjJqxdwvgHPZHI6+4oTLh4w3V0 sz8yFwOoAaQdWQKqrEJju46ydu7Xfw1LdPN3AgMBAAGjggIDMIIB/zAdBgNVHQ4E FgQUX4pYNSPJeXNKBqvcrBnAcLKoIawwHwYDVR0jBBgwFoAUIzIKS68K+TE1MOyZ 02hkM3A+Bx8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQ3 L0l6SUtTNjhLLVRFMU1PeVowMmhrTTNBLUJ4OC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSXpJS1M2OEstVEUxTU95WjAyaGtNM0EtQng4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQ3L1g0cFlOU1BKZVhOS0Jx dmNyQm5BY0xLb0lhdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgD BADLgjIDBADLgjQDBADLgj8DBADc8/gwDQYJKoZIhvcNAQELBQADggEBAKmrid6k OK4DBlLcxhCmhQNVfXlKXRZjXXM3dwaHTUfhjCDso2hIOngkUKL/eHPiDWb809JC 2IKm40w+J9RWWUa59dyUMYG0gLp+BNtoVAptgmH1pEjeZcMdL2yX6fxtFHZLVyJd AHizuhVf57ndx87TVHh8PnGvtzVN4FLjC65bkPotQXHk4fmHdM83ACb8ak6iGjXZ uhRj3B5o1iY+7KMdnGSz1qkUqYMRLc4hmPZ7ezm3u4F/FpCGpM0OoyXwxpS9QD3F n01AAvfUjglgV/qj8VO/unxZKi5KGLIQF9Rwq7YrrTAUPzFni2QssR3wDfuNoH0p il/vDe2g7NqvPX8= -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org