$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/_02AP_Ab-_jw9IDmIAqp2qDpjJs.roa File: _02AP_Ab-_jw9IDmIAqp2qDpjJs.roa (raw, json) Hash identifier: ZhDrB4oZVidoAiqetv4zpFhA9Kovxdk7zueVEXl3w/o= Subject key identifier: FF:4D:80:3F:F0:1B:FB:F8:F0:F4:80:E6:20:0A:A9:DA:A0:E9:8C:9B Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 172E Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/_02AP_Ab-_jw9IDmIAqp2qDpjJs.roa Signing time: Fri 24 May 2024 02:25:27 +0000 ROA not before: Fri 24 May 2024 02:25:27 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139021 IP address blocks: 218.247.88.0/21 maxlen: 21 219.234.16.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5934 (0x172e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: May 24 02:25:27 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=FF4D803FF01BFBF8F0F480E6200AA9DAA0E98C9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d5:0c:72:ff:4e:d0:11:26:e6:aa:4e:30:0a: c1:8d:9b:b3:14:fc:11:01:c8:38:48:19:7e:d5:28: 97:64:e5:f2:be:c3:9a:73:79:19:bb:9e:0b:90:53: 90:ee:1a:96:1c:de:f2:7a:b4:2b:0c:c6:70:15:d5: be:c0:1b:5c:19:1b:cf:19:0d:14:b8:63:e8:bc:e0: 8d:3d:db:7f:dd:96:7f:7d:7c:9e:be:a6:45:75:c0: 47:62:ac:9f:cf:96:ce:8d:7c:46:79:b3:91:f4:54: 89:11:18:85:12:c4:2a:d2:f7:85:28:42:21:1b:63: a2:bd:7b:d7:b1:a5:1b:da:28:81:fa:a7:b1:f8:5d: 0d:58:56:ca:bb:de:4f:1e:fc:d5:b1:e9:85:3d:14: 5c:29:b6:02:a1:2e:ba:4a:b7:3d:13:b1:0e:31:65: ce:02:99:e2:fc:3f:d9:71:25:88:2c:40:31:57:08: 05:49:ab:bd:41:e5:a8:e5:77:fe:51:ff:ae:2f:f4: 00:96:5b:4b:6e:76:b4:6c:02:39:be:43:01:9c:2c: 1d:e6:c9:c2:5c:1f:95:df:48:79:84:3f:ae:14:72: 02:b0:2d:ea:2b:6a:f0:12:93:f1:46:b5:8b:8e:f9: c1:89:d7:33:56:62:b9:d9:b2:f7:e8:2e:7b:ed:38: 8c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:4D:80:3F:F0:1B:FB:F8:F0:F4:80:E6:20:0A:A9:DA:A0:E9:8C:9B X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/_02AP_Ab-_jw9IDmIAqp2qDpjJs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.247.88.0/21 219.234.16.0/21 Signature Algorithm: sha256WithRSAEncryption 17:a4:32:a4:21:e4:ea:52:e6:ec:da:dc:f0:30:46:51:f3:7d: 01:c3:da:8c:1c:f4:09:2a:3d:5d:f9:4d:7f:18:58:66:06:fa: 96:01:e9:bd:1e:7d:28:44:47:f7:16:1f:67:3e:e9:12:f6:8f: 3c:3e:ad:a3:3b:70:75:cc:46:ec:15:45:d2:d7:52:9c:af:05: c5:55:63:1d:7f:0d:41:50:14:6e:d4:6c:57:72:10:69:f2:f9: fe:6c:4f:d3:22:d9:10:e0:85:e0:44:6b:91:69:32:9f:73:b5: 71:40:46:05:b7:3c:21:20:a4:17:ff:1c:c4:1a:c3:8b:05:08: 53:74:30:e7:26:d1:ef:5a:6a:4d:87:de:8e:c5:41:9d:3f:22: df:6e:9e:ee:c6:28:8c:ee:f2:cd:36:38:0c:d1:70:73:6f:07: 8a:80:6b:51:d8:da:0e:88:6d:69:7b:07:d8:de:e6:d7:c8:1a: e0:5a:75:90:15:94:68:01:9b:90:b5:af:c8:2e:70:02:6a:86: cc:03:49:64:76:7b:8a:90:8f:ae:5b:0e:a8:0e:b9:a9:f7:83: 18:a0:c0:a2:e2:1b:be:0d:98:f9:06:77:a7:0d:25:e1:1c:34: f6:9e:58:06:35:ab:64:1d:08:e8:da:08:fb:e4:7c:8f:a2:d3: d9:0f:eb:21 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICFy4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw MjI1MjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZGNEQ4MDNGRjAxQkZC RjhGMEY0ODBFNjIwMEFBOURBQTBFOThDOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW1Qxy/07QESbmqk4wCsGNm7MU/BEByDhIGX7VKJdk5fK+w5pz eRm7nguQU5DuGpYc3vJ6tCsMxnAV1b7AG1wZG88ZDRS4Y+i84I0923/dln99fJ6+ pkV1wEdirJ/Pls6NfEZ5s5H0VIkRGIUSxCrS94UoQiEbY6K9e9expRvaKIH6p7H4 XQ1YVsq73k8e/NWx6YU9FFwptgKhLrpKtz0TsQ4xZc4CmeL8P9lxJYgsQDFXCAVJ q71B5ajld/5R/64v9ACWW0tudrRsAjm+QwGcLB3mycJcH5XfSHmEP64UcgKwLeor avASk/FGtYuO+cGJ1zNWYrnZsvfoLnvtOIybAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQU/02AP/Ab+/jw9IDmIAqp2qDpjJswHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvXzAyQVBfQWItX2p3 OUlEbUlBcXAycURwakpzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEA9r3WAMEA9vqEDANBgkqhkiG9w0BAQsFAAOCAQEAF6QypCHk6lLm7Nrc8DBG UfN9AcPajBz0CSo9XflNfxhYZgb6lgHpvR59KERH9xYfZz7pEvaPPD6toztwdcxG 7BVF0tdSnK8FxVVjHX8NQVAUbtRsV3IQafL5/mxP0yLZEOCF4ERrkWkyn3O1cUBG Bbc8ISCkF/8cxBrDiwUIU3Qw5ybR71pqTYfejsVBnT8i326e7sYojO7yzTY4DNFw c28HioBrUdjaDohtaXsH2N7m18ga4Fp1kBWUaAGbkLWvyC5wAmqGzANJZHZ7ipCP rlsOqA65qfeDGKDAouIbvg2Y+QZ3pw0l4Rw09p5YBjWrZB0I6NoI++R8j6LT2Q/r IQ== -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:45 2024 by rpki-client on console-ams.rpki-client.org