$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/zIkyvYCG3xltDU6QordYYLqh4z0.roa File: zIkyvYCG3xltDU6QordYYLqh4z0.roa (raw, json) Hash identifier: cN5JanPEHEZFoNiw34OnU87vXF/zaAl/ToJRqZKqfaA= Subject key identifier: CC:89:32:BD:80:86:DF:19:6D:0D:4E:90:A2:B7:58:60:BA:A1:E3:3D Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 1731 Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/zIkyvYCG3xltDU6QordYYLqh4z0.roa Signing time: Fri 24 May 2024 02:25:28 +0000 ROA not before: Fri 24 May 2024 02:25:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139021 IP address blocks: 218.247.80.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5937 (0x1731) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: May 24 02:25:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CC8932BD8086DF196D0D4E90A2B75860BAA1E33D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a9:71:6d:ba:cb:c0:73:23:1c:24:5f:b6:17: 14:6b:e1:64:26:9b:da:0b:04:b1:78:7f:53:e5:5d: 01:12:d7:38:3e:ec:ec:49:89:e7:27:be:e9:98:20: e8:2a:70:19:8d:7b:3e:70:9c:b5:34:3b:6c:d8:cf: 0d:33:89:62:d5:81:2b:17:33:9c:8a:d4:e0:dc:ce: 30:24:31:d5:70:22:95:d0:fb:ea:80:84:bd:cb:30: aa:b4:2c:50:16:4e:e6:80:23:32:c4:f7:cc:4f:53: 21:6a:81:92:d2:c9:51:bb:3c:9e:2c:13:f2:fc:3a: b6:69:8e:94:75:6c:7e:27:a7:9a:cd:4d:0e:97:70: e4:35:76:6b:42:9d:a6:e3:29:38:1c:ae:de:fd:5c: d5:f1:87:10:7b:9d:c3:8d:85:c2:04:a3:00:a1:5d: f8:4e:01:02:b5:f0:5e:40:02:1b:bf:2a:fc:3f:56: c1:c0:29:49:fc:16:ae:4b:ca:d2:be:2d:db:0e:e9: fd:56:64:71:cc:94:63:68:7a:3a:5d:28:fc:88:84: 83:1c:7f:b6:a9:48:40:bf:f4:af:aa:93:0e:74:8a: e3:a8:4f:71:f4:14:13:06:7e:af:7c:f5:fd:ff:39: f4:e9:32:6c:09:96:aa:72:9e:c1:df:1d:c4:dc:a5: 0b:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:89:32:BD:80:86:DF:19:6D:0D:4E:90:A2:B7:58:60:BA:A1:E3:3D X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/zIkyvYCG3xltDU6QordYYLqh4z0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.247.80.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:5f:27:63:15:c6:3e:a4:6c:30:23:bd:bd:6a:16:b2:29:ae: 5e:31:79:d0:6b:f6:25:b5:57:75:53:5f:ce:31:8e:a2:99:a2: 6f:f5:bf:9a:fe:28:69:75:a8:28:30:94:66:17:26:c5:01:3c: 71:7e:33:a0:83:4a:cb:02:8c:99:f2:1e:c9:17:1b:f9:33:bd: 70:ff:d7:93:f2:2f:0b:d3:60:25:87:16:ab:06:0e:82:45:4c: b2:e9:34:56:37:dc:74:be:53:0f:8e:68:ae:af:02:8f:3a:f4: 40:dc:0c:19:94:83:86:4e:3c:55:f3:cd:c8:9f:c3:c5:9f:f6: de:e3:36:98:d2:07:d9:09:cc:a5:5a:f1:41:27:09:e7:af:cd: 47:e0:d6:9b:16:41:ee:a3:8e:0a:4a:9e:9b:d6:88:97:29:6b: 0a:e7:17:f8:a6:00:dd:37:72:48:27:1d:f1:c5:d6:5f:71:63: 94:53:9d:8d:32:4d:16:e6:c7:35:89:4f:51:96:4b:82:3e:81: 13:f5:78:17:48:ac:cf:da:ae:cd:81:de:4d:ea:f1:93:f7:bb: 32:33:83:52:98:c5:0f:08:51:4a:ae:a3:11:55:ba:fa:60:8b: bc:96:0d:5f:0c:94:3b:32:c8:e2:7f:02:c2:79:85:cf:d8:27: e8:e7:64:1e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw MjI1MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDODkzMkJEODA4NkRG MTk2RDBENEU5MEEyQjc1ODYwQkFBMUUzM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1qXFtusvAcyMcJF+2FxRr4WQmm9oLBLF4f1PlXQES1zg+7OxJ iecnvumYIOgqcBmNez5wnLU0O2zYzw0ziWLVgSsXM5yK1ODczjAkMdVwIpXQ++qA hL3LMKq0LFAWTuaAIzLE98xPUyFqgZLSyVG7PJ4sE/L8OrZpjpR1bH4np5rNTQ6X cOQ1dmtCnabjKTgcrt79XNXxhxB7ncONhcIEowChXfhOAQK18F5AAhu/Kvw/VsHA KUn8Fq5LytK+LdsO6f1WZHHMlGNoejpdKPyIhIMcf7apSEC/9K+qkw50iuOoT3H0 FBMGfq989f3/OfTpMmwJlqpynsHfHcTcpQunAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUzIkyvYCG3xltDU6QordYYLqh4z0wHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkveklreXZZQ0czeGx0 RFU2UW9yZFlZTHFoNHowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAtr3UDANBgkqhkiG9w0BAQsFAAOCAQEAXV8nYxXGPqRsMCO9vWoWsimuXjF5 0Gv2JbVXdVNfzjGOopmib/W/mv4oaXWoKDCUZhcmxQE8cX4zoINKywKMmfIeyRcb +TO9cP/Xk/IvC9NgJYcWqwYOgkVMsuk0VjfcdL5TD45orq8Cjzr0QNwMGZSDhk48 VfPNyJ/DxZ/23uM2mNIH2QnMpVrxQScJ56/NR+DWmxZB7qOOCkqem9aIlylrCucX +KYA3TdySCcd8cXWX3FjlFOdjTJNFubHNYlPUZZLgj6BE/V4F0isz9quzYHeTerx k/e7MjODUpjFDwhRSq6jEVW6+mCLvJYNXwyUOzLI4n8CwnmFz9gn6OdkHg== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:39 2024 by rpki-client on console-fra.rpki-client.org