$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2943/6tZ1PL_nWX5MjFotFyIopnr5Exc.roa File: 6tZ1PL_nWX5MjFotFyIopnr5Exc.roa (raw, json) Hash identifier: jzlE9qZ3+so7n9Amj5N0YsNe4YAdpgMvcCvTOPlZ8mY= Subject key identifier: EA:D6:75:3C:BF:E7:59:7E:4C:8C:5A:2D:17:22:28:A6:7A:F9:13:17 Certificate issuer: /CN=D5C2CE1261E59FD76D3E3FB00E5EBA8E44DA30C9 Certificate serial: 15 Authority key identifier: D5:C2:CE:12:61:E5:9F:D7:6D:3E:3F:B0:0E:5E:BA:8E:44:DA:30:C9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/6tZ1PL_nWX5MjFotFyIopnr5Exc.roa Signing time: Wed 16 Oct 2024 07:22:22 +0000 ROA not before: Wed 16 Oct 2024 07:22:22 +0000 ROA not after: Tue 14 Oct 2025 04:34:08 +0000 asID: 139148 IP address blocks: 115.172.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D5C2CE1261E59FD76D3E3FB00E5EBA8E44DA30C9 Validity Not Before: Oct 16 07:22:22 2024 GMT Not After : Oct 14 04:34:08 2025 GMT Subject: CN=EAD6753CBFE7597E4C8C5A2D172228A67AF91317 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:e2:92:a8:d7:2e:c0:c5:44:81:60:aa:ab:92: b5:e1:50:14:27:0a:5c:87:1d:82:09:8f:12:53:19: 7f:41:a2:06:d6:93:e8:be:69:53:5a:80:f1:07:29: 8b:fc:df:0c:aa:c5:f2:18:2e:94:9f:27:83:7e:3c: 39:03:8a:08:2d:2e:5f:19:70:37:05:4c:35:3f:da: 3c:7b:6c:7d:96:02:92:92:4f:a5:88:c0:11:47:cc: 13:44:ea:e6:63:e5:e0:e7:7e:93:78:33:e6:2c:f5: 33:16:19:6a:16:9f:4e:16:6a:16:ea:9b:3e:37:c6: 63:d2:c7:a9:ba:cf:c9:18:ad:91:ce:05:95:c0:a0: ce:d7:80:65:67:4c:61:f0:e6:db:45:76:bc:b9:b3: 47:c6:af:12:7f:c8:e2:d6:eb:29:d7:c8:db:b5:00: 47:35:3e:a5:06:f4:8f:3b:71:eb:3d:52:e8:b0:f5: 19:16:6c:11:0e:88:83:c1:a1:f5:a5:38:15:db:9c: 9d:75:27:83:db:32:ae:d6:21:71:34:c5:f7:34:5e: b1:ce:8f:94:3c:aa:d3:73:a9:ae:cc:7b:dd:b4:33: 67:45:e7:23:21:f9:71:d6:09:92:2f:e8:ec:cc:e9: 23:e6:c0:6a:7c:39:65:7f:de:93:7c:60:de:1b:9d: 9f:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:D6:75:3C:BF:E7:59:7E:4C:8C:5A:2D:17:22:28:A6:7A:F9:13:17 X509v3 Authority Key Identifier: keyid:D5:C2:CE:12:61:E5:9F:D7:6D:3E:3F:B0:0E:5E:BA:8E:44:DA:30:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/6tZ1PL_nWX5MjFotFyIopnr5Exc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.172.32.0/19 Signature Algorithm: sha256WithRSAEncryption df:80:63:ad:c9:7d:7c:a3:2d:ce:5b:1e:2d:63:48:bf:96:46: f0:1c:42:50:eb:8d:d3:59:1b:d9:78:1f:55:1b:21:41:35:76: 38:75:7d:3a:fb:b1:92:1b:37:5f:e4:c1:cb:d5:a8:ef:00:ce: 22:8c:66:34:e6:a3:4e:c9:a2:bd:14:1f:62:83:90:30:2d:ca: a4:09:a5:35:c4:a3:3f:8f:af:0c:4a:e3:eb:a4:72:d6:5d:e9: 34:3e:46:f3:66:38:36:77:45:94:e5:53:ee:3f:63:f2:58:cf: 4e:82:18:4b:5f:b1:cd:c9:42:6f:5e:4c:d7:ac:81:35:2d:c1: 7d:5e:4d:04:74:26:3f:3c:31:63:f9:aa:8b:ba:f7:24:b5:63: b8:c2:e5:73:c9:1f:e9:24:cb:c5:99:65:d0:b9:4a:11:f4:43: 90:47:e6:a1:26:6c:55:d1:c9:93:52:44:11:bd:b8:89:45:46: 77:1f:40:bb:b8:1f:d0:49:37:29:1b:ab:8a:f9:48:3c:3a:68: fa:39:7e:48:92:bb:1a:dc:7d:b1:b1:1b:69:3f:1d:e2:e1:79: df:78:d0:a5:94:97:ca:ca:5a:54:b1:5f:79:43:91:5d:32:96: 7d:33:ba:b2:08:c7:20:8c:e7:91:7d:77:5b:6f:6e:34:67:32: b3:35:8f:61 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhENUMy Q0UxMjYxRTU5RkQ3NkQzRTNGQjAwRTVFQkE4RTQ0REEzMEM5MB4XDTI0MTAxNjA3 MjIyMloXDTI1MTAxNDA0MzQwOFowMzExMC8GA1UEAxMoRUFENjc1M0NCRkU3NTk3 RTRDOEM1QTJEMTcyMjI4QTY3QUY5MTMxNzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALzikqjXLsDFRIFgqquSteFQFCcKXIcdggmPElMZf0GiBtaT6L5p U1qA8Qcpi/zfDKrF8hgulJ8ng348OQOKCC0uXxlwNwVMNT/aPHtsfZYCkpJPpYjA EUfME0Tq5mPl4Od+k3gz5iz1MxYZahafThZqFuqbPjfGY9LHqbrPyRitkc4FlcCg zteAZWdMYfDm20V2vLmzR8avEn/I4tbrKdfI27UARzU+pQb0jztx6z1S6LD1GRZs EQ6Ig8Gh9aU4FducnXUng9syrtYhcTTF9zResc6PlDyq03Oprsx73bQzZ0XnIyH5 cdYJki/o7MzpI+bAanw5ZX/ek3xg3hudnzkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTq1nU8v+dZfkyMWi0XIiimevkTFzAfBgNVHSMEGDAWgBTVws4SYeWf120+P7AO XrqORNowyTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTQz LzFjTE9FbUhsbjlkdFBqLXdEbDY2amtUYU1Nay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMWNMT0VtSGxuOWR0UGotd0RsNjZqa1RhTU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk0My82dFoxUExfbldYNU1q Rm90RnlJb3BucjVFeGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQFc6wgMA0GCSqGSIb3DQEBCwUAA4IBAQDfgGOtyX18oy3OWx4tY0i/lkbwHEJQ 643TWRvZeB9VGyFBNXY4dX06+7GSGzdf5MHL1ajvAM4ijGY05qNOyaK9FB9ig5Aw LcqkCaU1xKM/j68MSuPrpHLWXek0PkbzZjg2d0WU5VPuP2PyWM9OghhLX7HNyUJv XkzXrIE1LcF9Xk0EdCY/PDFj+aqLuvcktWO4wuVzyR/pJMvFmWXQuUoR9EOQR+ah JmxV0cmTUkQRvbiJRUZ3H0C7uB/QSTcpG6uK+Ug8Omj6OX5Ikrsa3H2xsRtpPx3i 4XnfeNCllJfKylpUsV95Q5FdMpZ9M7qyCMcgjOeRfXdbb240ZzKzNY9h -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org