$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/bTrvez5N-Jq_G_Qk5X90zaGxmZw.roa File: bTrvez5N-Jq_G_Qk5X90zaGxmZw.roa (raw, json) Hash identifier: SXyBZkTK7VEXPzjUnZ6Gb01MMcuIlJ3Bvrwvh1T7xeQ= Subject key identifier: 6D:3A:EF:7B:3E:4D:F8:9A:BF:1B:F4:24:E5:7F:74:CD:A1:B1:99:9C Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 172F Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/bTrvez5N-Jq_G_Qk5X90zaGxmZw.roa Signing time: Fri 24 May 2024 02:25:28 +0000 ROA not before: Fri 24 May 2024 02:25:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139021 IP address blocks: 218.247.64.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5935 (0x172f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: May 24 02:25:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6D3AEF7B3E4DF89ABF1BF424E57F74CDA1B1999C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:8f:cd:e7:6f:ae:3a:ab:5b:00:7a:c8:56:1e: dc:45:a1:52:38:90:20:f2:0a:00:4b:2a:60:bf:57: 1c:a4:62:12:8f:a8:e9:f2:0a:ba:63:df:19:85:c8: 71:e0:d9:d2:2e:24:10:96:73:3f:5f:b0:e9:f9:5d: 7a:62:b8:da:95:89:cf:40:8d:64:09:0f:50:3c:fd: 38:8b:0b:8f:74:8d:ac:59:87:5f:ad:f4:90:e9:03: 61:94:b8:da:27:2d:57:97:c4:83:5b:a9:83:d1:93: 93:88:1e:34:2b:8e:0d:ce:c1:c2:de:c5:29:2d:f5: 51:89:d7:68:ed:ed:f0:2e:2e:78:a6:54:9c:9c:dd: 6f:31:24:4b:05:73:d8:b4:44:40:14:58:eb:8e:eb: 60:12:9a:d4:1b:7c:8e:42:3a:a3:f7:71:56:58:68: f5:77:32:d0:e4:53:e3:46:dc:88:3d:70:df:6d:7d: 6e:0b:14:e1:85:5e:23:34:0d:bf:54:00:8f:2c:65: c3:74:2e:48:52:90:d8:43:7a:36:d2:2b:03:54:b3: 72:ef:1f:19:22:19:e5:8a:94:01:e6:c8:27:f9:e3: 23:b0:84:6c:6d:d1:89:c1:c7:99:1d:57:99:4c:a8: f5:9e:e0:e3:11:b9:aa:36:26:dd:12:35:3b:d7:96: e1:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:3A:EF:7B:3E:4D:F8:9A:BF:1B:F4:24:E5:7F:74:CD:A1:B1:99:9C X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/bTrvez5N-Jq_G_Qk5X90zaGxmZw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.247.64.0/20 Signature Algorithm: sha256WithRSAEncryption 98:a5:7f:e4:4b:c4:9d:84:ed:1e:7b:11:ec:4f:bc:3a:1e:02: 32:dc:3d:b9:d7:7f:d4:c1:e4:99:cb:db:62:f2:02:a0:9e:a3: a7:4b:f0:17:3d:a7:73:cb:be:21:e3:50:ff:4e:70:c2:fe:bc: 7e:2b:bf:a2:ce:7c:e9:87:83:e3:56:f2:ad:0e:75:69:af:e2: c2:c2:ba:7d:3b:28:19:57:6b:96:ab:eb:6c:2d:db:a6:9b:bf: 15:a2:68:73:42:fd:56:29:2e:ce:c6:9e:74:85:36:5d:78:00: d9:22:0b:54:f2:30:e1:be:ab:d4:ae:4a:e2:57:c0:c2:e8:7e: 77:e5:e2:4a:da:3e:6e:99:12:92:2a:0c:05:c2:f1:32:fb:33: 2c:4f:d8:74:e7:d3:11:2f:13:40:85:b5:3c:b0:0e:32:8f:4a: 48:22:83:f0:72:92:da:d2:de:4f:f5:1b:14:e2:e9:45:42:49: a6:a7:2b:ef:8f:c6:fb:fd:29:95:99:3b:ed:b9:4f:9e:d1:cc: f6:1f:90:6a:f0:d6:a7:04:09:d8:da:93:34:be:21:e2:ae:d5: 5f:de:b6:f9:44:2d:48:ce:43:71:4f:8b:a8:46:72:cc:55:77: 41:70:23:ce:85:55:18:4a:4f:b0:69:0c:b3:14:52:c8:a6:64: fa:1b:3d:a5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFy8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw MjI1MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZEM0FFRjdCM0U0REY4 OUFCRjFCRjQyNEU1N0Y3NENEQTFCMTk5OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuj83nb646q1sAeshWHtxFoVI4kCDyCgBLKmC/VxykYhKPqOny Crpj3xmFyHHg2dIuJBCWcz9fsOn5XXpiuNqVic9AjWQJD1A8/TiLC490jaxZh1+t 9JDpA2GUuNonLVeXxINbqYPRk5OIHjQrjg3OwcLexSkt9VGJ12jt7fAuLnimVJyc 3W8xJEsFc9i0REAUWOuO62ASmtQbfI5COqP3cVZYaPV3MtDkU+NG3Ig9cN9tfW4L FOGFXiM0Db9UAI8sZcN0LkhSkNhDejbSKwNUs3LvHxkiGeWKlAHmyCf54yOwhGxt 0YnBx5kdV5lMqPWe4OMRuao2Jt0SNTvXluGtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbTrvez5N+Jq/G/Qk5X90zaGxmZwwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvYlRydmV6NU4tSnFf R19RazVYOTB6YUd4bVp3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBNr3QDANBgkqhkiG9w0BAQsFAAOCAQEAmKV/5EvEnYTtHnsR7E+8Oh4CMtw9 udd/1MHkmcvbYvICoJ6jp0vwFz2nc8u+IeNQ/05wwv68fiu/os586YeD41byrQ51 aa/iwsK6fTsoGVdrlqvrbC3bppu/FaJoc0L9VikuzsaedIU2XXgA2SILVPIw4b6r 1K5K4lfAwuh+d+XiSto+bpkSkioMBcLxMvszLE/YdOfTES8TQIW1PLAOMo9KSCKD 8HKS2tLeT/UbFOLpRUJJpqcr74/G+/0plZk77blPntHM9h+QavDWpwQJ2NqTNL4h 4q7VX962+UQtSM5DcU+LqEZyzFV3QXAjzoVVGEpPsGkMsxRSyKZk+hs9pQ== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:39 2024 by rpki-client on console-fra.rpki-client.org