$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/-4o0WGpqEV7uyxJUjvW9KVxV_2o.roa File: -4o0WGpqEV7uyxJUjvW9KVxV_2o.roa (raw, json) Hash identifier: NGXO1blN+ZBBYo7yt1q8tUoEN8aw54fBZR/lgPAB56k= Subject key identifier: FB:8A:34:58:6A:6A:11:5E:EE:CB:12:54:8E:F5:BD:29:5C:55:FF:6A Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 172D Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/-4o0WGpqEV7uyxJUjvW9KVxV_2o.roa Signing time: Fri 24 May 2024 02:25:27 +0000 ROA not before: Fri 24 May 2024 02:25:27 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139021 IP address blocks: 218.247.64.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5933 (0x172d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: May 24 02:25:27 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=FB8A34586A6A115EEECB12548EF5BD295C55FF6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b2:cc:f7:5c:50:82:a5:41:df:2a:43:d3:c7: 7e:96:38:89:43:a0:0a:73:71:ee:f5:51:fe:2d:a1: ef:3d:08:47:14:bb:ba:13:51:7e:d3:d9:0f:7c:b6: fb:a2:49:f8:be:96:ab:c8:dc:7b:10:17:53:94:a6: 82:65:50:cb:d7:c7:0f:dc:f9:88:c3:11:51:37:9a: 1e:e5:4b:d4:cc:60:00:54:7a:8c:02:c9:b5:e3:73: ae:45:b3:3f:bd:07:42:ea:c9:58:17:81:b7:7e:3a: 07:53:cf:f2:d8:8e:cc:fc:e6:58:57:27:74:89:a6: 54:44:3b:1c:f3:09:89:55:38:f3:78:bb:31:a8:f1: a9:ea:cf:e5:b3:af:07:28:0b:7d:30:52:ab:f2:8f: e6:bd:ab:f3:32:c1:57:df:f3:c3:c0:32:45:8d:5e: 21:81:ad:08:20:e6:c1:00:e3:a6:62:ab:19:55:15: 09:0a:0d:c9:c2:3b:20:40:65:23:18:c8:63:5e:d9: 11:c9:29:69:70:5e:a7:e0:6f:92:29:3f:37:63:40: 4a:51:6d:62:ed:bf:1d:ec:aa:ee:b5:3d:0e:7b:05: 19:36:ff:b5:1a:00:fb:0a:86:9e:b9:15:b9:03:cf: 46:74:9c:cf:00:7e:34:f8:44:c6:37:b1:7d:8d:ea: 24:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:8A:34:58:6A:6A:11:5E:EE:CB:12:54:8E:F5:BD:29:5C:55:FF:6A X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/-4o0WGpqEV7uyxJUjvW9KVxV_2o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.247.64.0/19 Signature Algorithm: sha256WithRSAEncryption 23:db:fc:2c:80:18:a4:3c:60:e9:f3:42:7d:f0:27:a6:09:74: af:93:d5:b0:b3:65:cd:8e:7d:41:57:74:76:11:45:e2:ff:27: 70:a5:ca:28:86:d3:b9:83:34:55:9d:02:5f:58:59:d4:d2:04: 17:bf:9d:57:be:e5:b6:21:54:02:b2:17:a3:89:5a:b7:d9:15: fc:9a:68:1d:97:45:b2:1d:35:12:7a:5a:88:aa:ae:5a:99:f6: 69:88:a0:32:6b:68:78:03:2c:b7:4a:08:84:e3:2d:a5:e8:54: 48:2b:5d:2a:80:24:fa:de:9a:01:18:35:d0:ca:25:b8:6e:76: 9d:f5:f0:0c:fa:67:28:d5:69:82:47:07:b0:c9:5f:96:45:5b: 6a:81:2b:03:94:57:e4:c6:d3:8e:8d:b3:0c:77:f5:ff:24:5c: 7d:51:dd:14:95:9c:c5:64:dc:c1:6d:46:65:8f:08:3d:67:5d: 36:f8:ce:a3:3b:61:52:cc:85:c8:87:f9:8f:63:ae:87:62:fe: c2:6b:2b:2d:0a:e2:78:e2:5c:0b:8a:f9:39:df:34:35:c6:59: 76:5f:d9:a0:f4:8c:01:f7:b6:4c:f2:de:43:d9:bc:ce:ca:75: 4e:0d:1a:e5:8b:33:e9:e9:35:85:14:68:dd:cf:82:42:79:2f: b5:f4:19:2e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw MjI1MjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCOEEzNDU4NkE2QTEx NUVFRUNCMTI1NDhFRjVCRDI5NUM1NUZGNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7ssz3XFCCpUHfKkPTx36WOIlDoApzce71Uf4toe89CEcUu7oT UX7T2Q98tvuiSfi+lqvI3HsQF1OUpoJlUMvXxw/c+YjDEVE3mh7lS9TMYABUeowC ybXjc65Fsz+9B0LqyVgXgbd+OgdTz/LYjsz85lhXJ3SJplREOxzzCYlVOPN4uzGo 8anqz+WzrwcoC30wUqvyj+a9q/MywVff88PAMkWNXiGBrQgg5sEA46ZiqxlVFQkK DcnCOyBAZSMYyGNe2RHJKWlwXqfgb5IpPzdjQEpRbWLtvx3squ61PQ57BRk2/7Ua APsKhp65FbkDz0Z0nM8AfjT4RMY3sX2N6iRJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+4o0WGpqEV7uyxJUjvW9KVxV/2owHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvLTRvMFdHcHFFVjd1 eXhKVWp2VzlLVnhWXzJvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBdr3QDANBgkqhkiG9w0BAQsFAAOCAQEAI9v8LIAYpDxg6fNCffAnpgl0r5PV sLNlzY59QVd0dhFF4v8ncKXKKIbTuYM0VZ0CX1hZ1NIEF7+dV77ltiFUArIXo4la t9kV/JpoHZdFsh01EnpaiKquWpn2aYigMmtoeAMst0oIhOMtpehUSCtdKoAk+t6a ARg10MoluG52nfXwDPpnKNVpgkcHsMlflkVbaoErA5RX5MbTjo2zDHf1/yRcfVHd FJWcxWTcwW1GZY8IPWddNvjOozthUsyFyIf5j2Ouh2L+wmsrLQrieOJcC4r5Od80 NcZZdl/ZoPSMAfe2TPLeQ9m8zsp1Tg0a5Ysz6ek1hRRo3c+CQnkvtfQZLg== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:39 2024 by rpki-client on console-fra.rpki-client.org