$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/UxLmNzEvIs_mx2gKn4BK8s6OSrA.roa File: UxLmNzEvIs_mx2gKn4BK8s6OSrA.roa (raw, json) Hash identifier: s4RG7KqmuPtNkCGRvbnMhSU5mmuLx042RqWCUsZVtpw= Subject key identifier: 53:12:E6:37:31:2F:22:CF:E6:C7:68:0A:9F:80:4A:F2:CE:8E:4A:B0 Certificate issuer: /CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Certificate serial: 0DDE Authority key identifier: CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/UxLmNzEvIs_mx2gKn4BK8s6OSrA.roa Signing time: Mon 13 May 2024 03:18:31 +0000 ROA not before: Mon 13 May 2024 03:18:31 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 58593 IP address blocks: 163.228.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:21:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3550 (0xdde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Validity Not Before: May 13 03:18:31 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5312E637312F22CFE6C7680A9F804AF2CE8E4AB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7f:4d:91:7e:3e:92:5f:8a:d8:58:1d:17:20: e7:84:3f:fb:5e:35:a9:51:bc:d0:bf:13:33:ff:03: f4:8c:35:6c:38:a8:39:5d:53:ba:ae:93:ec:0d:e9: 48:31:05:06:04:ce:47:05:94:b6:1a:07:b4:70:09: 3c:d0:a5:ca:61:22:5d:e6:40:44:f1:f8:ab:9d:98: a2:74:b1:e0:45:12:71:96:7a:ad:4b:29:3a:91:71: 05:5e:d3:0f:30:aa:1d:bb:cb:32:9a:7d:4a:c7:13: 5a:bb:5a:8f:5a:c3:48:ac:a6:2d:52:30:b1:7b:43: 2e:18:d1:b6:08:a7:25:08:b0:de:34:29:44:89:6d: d4:01:b1:e4:d4:9f:02:b0:63:00:01:1b:5d:0f:1b: 5d:b9:0e:39:3e:0e:65:d6:d7:22:8d:b0:1f:6b:f7: a6:a7:52:79:9e:e3:51:cf:7c:48:9f:4c:e9:c6:db: 9d:fd:ee:79:bf:78:d8:a2:37:1f:64:9c:c2:35:f7: 40:9f:ca:f2:4f:f8:00:ea:38:56:a9:cf:b9:c3:ab: d3:f1:e2:9c:21:48:0e:5c:92:4e:98:d3:8c:31:b0: 03:bc:2c:4e:22:a2:10:ca:88:e0:03:c0:42:f1:a2: 5d:6b:b1:78:f6:60:ef:6a:9e:3b:ef:89:f3:01:09: c7:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:12:E6:37:31:2F:22:CF:E6:C7:68:0A:9F:80:4A:F2:CE:8E:4A:B0 X509v3 Authority Key Identifier: keyid:CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/UxLmNzEvIs_mx2gKn4BK8s6OSrA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.228.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0f:d3:89:04:32:46:5e:cc:df:7e:dd:c8:b5:bf:64:15:02:54: d4:fe:d8:9b:03:9a:58:2a:de:83:63:1a:21:61:fe:07:14:63: ad:b0:84:c0:d5:a6:de:74:c0:5e:fd:5f:c6:6b:9e:27:b5:ed: 89:16:88:fb:5a:60:ba:b3:7e:66:fb:5e:3f:93:67:ef:6d:a2: 10:f5:f2:de:16:f6:4e:f6:69:0d:e9:a3:1e:29:bf:4c:2d:a2: 4a:04:64:9c:b8:9c:67:ce:a0:70:54:e0:86:8d:20:1b:71:24: fc:41:94:b7:94:93:8a:bd:98:fd:41:d0:4c:b8:31:e4:c8:79: 80:f0:4f:fa:b7:b1:03:a1:7f:97:df:13:88:36:2f:2d:81:53: 24:3e:3d:c6:e4:65:fd:46:f2:fe:dc:93:d4:49:7b:65:27:4a: 14:2f:2a:3d:e5:04:2e:78:8c:2b:f9:b1:73:13:84:f6:99:2c: 3a:7f:02:bb:e5:15:22:b7:93:29:ba:4c:17:55:8a:45:00:ea: 44:91:94:27:e5:ad:5a:c1:6a:84:43:38:98:ed:94:4c:f2:9b: 17:5e:e6:09:57:37:e3:96:ca:e5:94:22:45:01:89:8c:f3:af: a2:69:04:3c:ec:f5:c7:5d:e6:86:4f:5a:a8:b9:9a:ec:b1:5c: 01:63:6c:7a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RF RjcxMTFERTk4QkQ3NTZEOTJCMzREMzk0REEyRDM5RUZGOUI4RTAeFw0yNDA1MTMw MzE4MzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzMTJFNjM3MzEyRjIy Q0ZFNkM3NjgwQTlGODA0QUYyQ0U4RTRBQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+f02Rfj6SX4rYWB0XIOeEP/teNalRvNC/EzP/A/SMNWw4qDld U7quk+wN6UgxBQYEzkcFlLYaB7RwCTzQpcphIl3mQETx+KudmKJ0seBFEnGWeq1L KTqRcQVe0w8wqh27yzKafUrHE1q7Wo9aw0ispi1SMLF7Qy4Y0bYIpyUIsN40KUSJ bdQBseTUnwKwYwABG10PG125Djk+DmXW1yKNsB9r96anUnme41HPfEifTOnG2539 7nm/eNiiNx9knMI190CfyvJP+ADqOFapz7nDq9Px4pwhSA5ckk6Y04wxsAO8LE4i ohDKiOADwELxol1rsXj2YO9qnjvvifMBCccNAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUUxLmNzEvIs/mx2gKn4BK8s6OSrAwHwYDVR0jBBgwFoAUze9xEd6YvXVtkrNN OU2i057/m44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC96ZTl4RWQ2WXZYVnRrck5OT1UyaTA1N19tNDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3plOXhFZDZZdlhWdGtyTk5PVTJpMDU3X200NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvVXhMbU56RXZJc19t eDJnS240Qks4czZPU3JBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAKPkMA0GCSqGSIb3DQEBCwUAA4IBAQAP04kEMkZezN9+3ci1v2QVAlTU/tib A5pYKt6DYxohYf4HFGOtsITA1abedMBe/V/Ga54nte2JFoj7WmC6s35m+14/k2fv baIQ9fLeFvZO9mkN6aMeKb9MLaJKBGScuJxnzqBwVOCGjSAbcST8QZS3lJOKvZj9 QdBMuDHkyHmA8E/6t7EDoX+X3xOINi8tgVMkPj3G5GX9RvL+3JPUSXtlJ0oULyo9 5QQueIwr+bFzE4T2mSw6fwK75RUit5MpukwXVYpFAOpEkZQn5a1awWqEQziY7ZRM 8psXXuYJVzfjlsrllCJFAYmM86+iaQQ87PXHXeaGT1qouZrssVwBY2x6 -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org