$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/Pt7MKh0n-lJ3nYitp0gSzjd-3sM.roa File: Pt7MKh0n-lJ3nYitp0gSzjd-3sM.roa (raw, json) Hash identifier: m2WKa8y693pYufEl/GfpJuF3xdm09VTsD4N5UMrdzic= Subject key identifier: 3E:DE:CC:2A:1D:27:FA:52:77:9D:88:AD:A7:48:12:CE:37:7E:DE:C3 Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 172C Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/Pt7MKh0n-lJ3nYitp0gSzjd-3sM.roa Signing time: Fri 24 May 2024 02:25:26 +0000 ROA not before: Fri 24 May 2024 02:25:26 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 137443 IP address blocks: 219.234.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5932 (0x172c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: May 24 02:25:26 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3EDECC2A1D27FA52779D88ADA74812CE377EDEC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0a:d8:ad:56:45:66:ff:e3:f5:7e:ee:d5:52: 8b:6f:68:78:a7:ee:05:1b:0b:b4:af:37:d5:20:9d: 7e:b7:ab:76:9e:14:dd:7c:15:16:2a:0d:18:2f:12: 05:1c:a2:82:77:7f:b0:2d:7c:39:3f:00:16:85:93: 35:4f:f6:07:2f:75:ed:a3:20:18:08:a8:de:25:25: 88:86:87:2c:8f:92:a7:36:73:39:3f:a0:68:48:f7: 35:1b:54:3f:29:04:d8:28:28:69:46:bc:ee:77:34: 2b:4e:f1:36:d4:07:75:78:52:b7:86:f3:82:7a:41: 99:2d:44:4e:cd:8f:08:e1:d7:6d:d2:79:ae:e0:36: 30:c4:e5:66:83:27:0a:8d:1c:51:6f:0d:cf:02:f0: 1c:1b:e7:2d:31:9f:3e:26:3c:2e:f2:48:f8:93:24: fa:6a:5d:ef:91:ff:5e:0a:6f:ef:13:09:e9:e6:66: 6a:d7:65:09:8e:ee:2f:70:78:a6:8d:19:46:9d:21: 42:22:a2:9f:8a:f2:84:17:78:43:cc:2a:37:26:d1: bc:b0:21:94:4e:b6:40:7f:5b:72:10:08:1a:81:1e: ba:09:3f:b3:7a:1a:20:01:97:9b:1c:49:ee:53:11: ff:f5:4f:5a:ba:a9:6c:fc:b9:e9:a0:2f:94:31:06: 64:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:DE:CC:2A:1D:27:FA:52:77:9D:88:AD:A7:48:12:CE:37:7E:DE:C3 X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/Pt7MKh0n-lJ3nYitp0gSzjd-3sM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.234.8.0/21 Signature Algorithm: sha256WithRSAEncryption 30:7a:c8:e5:d2:a6:c6:91:0a:49:9c:90:13:9a:c2:77:5b:f6: 69:f2:e2:5d:3b:8f:80:dc:05:09:82:25:d4:63:d8:a0:98:59: d9:c6:91:0a:79:e7:cd:21:6d:e8:58:2e:af:c5:c0:3a:56:59: 42:d9:51:ea:d6:0b:cd:4f:84:7d:1b:4a:f6:d7:d0:66:24:b4: 08:91:3b:9d:5b:fa:fa:de:03:0f:eb:61:ef:41:46:16:bc:6c: f4:1e:15:0f:27:f8:59:ae:ae:aa:a4:48:ac:63:d8:5b:54:4c: f2:5a:21:a8:fc:53:ad:03:13:58:d8:dc:08:36:c1:01:9d:b8: a1:ef:88:11:f8:8b:17:15:e9:dd:fb:24:8c:24:aa:e6:d9:0f: db:7e:84:67:c7:0e:4c:0e:2c:53:71:2c:83:42:8c:6d:22:b8: c1:d9:69:a7:f6:d6:e7:d8:2d:dc:4f:fe:91:23:14:e8:bf:b4: 53:a5:e4:5a:cc:01:92:37:9f:c1:01:f2:b3:08:d2:86:18:a0: 1e:bc:9e:44:5f:f7:aa:79:a5:cf:0b:87:43:ba:c5:d8:c5:66: 4a:34:2b:e2:f9:97:84:23:e3:f1:0c:77:a4:04:0e:a5:47:01: 3b:e8:e3:dc:4b:2d:f9:9c:95:83:28:28:11:a7:88:3b:92:88: 86:0b:d2:f0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFywwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw MjI1MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFREVDQzJBMUQyN0ZB NTI3NzlEODhBREE3NDgxMkNFMzc3RURFQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuCtitVkVm/+P1fu7VUotvaHin7gUbC7SvN9UgnX63q3aeFN18 FRYqDRgvEgUcooJ3f7AtfDk/ABaFkzVP9gcvde2jIBgIqN4lJYiGhyyPkqc2czk/ oGhI9zUbVD8pBNgoKGlGvO53NCtO8TbUB3V4UreG84J6QZktRE7Njwjh123Sea7g NjDE5WaDJwqNHFFvDc8C8Bwb5y0xnz4mPC7ySPiTJPpqXe+R/14Kb+8TCenmZmrX ZQmO7i9weKaNGUadIUIiop+K8oQXeEPMKjcm0bywIZROtkB/W3IQCBqBHroJP7N6 GiABl5scSe5TEf/1T1q6qWz8uemgL5QxBmRXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPt7MKh0n+lJ3nYitp0gSzjd+3sMwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvUHQ3TUtoMG4tbEoz bllpdHAwZ1N6amQtM3NNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA9vqCDANBgkqhkiG9w0BAQsFAAOCAQEAMHrI5dKmxpEKSZyQE5rCd1v2afLi XTuPgNwFCYIl1GPYoJhZ2caRCnnnzSFt6Fgur8XAOlZZQtlR6tYLzU+EfRtK9tfQ ZiS0CJE7nVv6+t4DD+th70FGFrxs9B4VDyf4Wa6uqqRIrGPYW1RM8lohqPxTrQMT WNjcCDbBAZ24oe+IEfiLFxXp3fskjCSq5tkP236EZ8cOTA4sU3Esg0KMbSK4wdlp p/bW59gt3E/+kSMU6L+0U6XkWswBkjefwQHyswjShhigHryeRF/3qnmlzwuHQ7rF 2MVmSjQr4vmXhCPj8Qx3pAQOpUcBO+jj3Est+ZyVgygoEaeIO5KIhgvS8A== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:34 2024 by rpki-client on console-fra.rpki-client.org