$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/2hACuV1H8e_YcZsRKQTC1iQo4jk.roa File: 2hACuV1H8e_YcZsRKQTC1iQo4jk.roa (raw, json) Hash identifier: ohwYW2pU4mjsUTpEmEB/Zin6sYq/X2dAaoZdL2TYvAc= Subject key identifier: DA:10:02:B9:5D:47:F1:EF:D8:71:9B:11:29:04:C2:D6:24:28:E2:39 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0F6B Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/2hACuV1H8e_YcZsRKQTC1iQo4jk.roa Signing time: Mon 18 Nov 2024 08:37:17 +0000 ROA not before: Mon 18 Nov 2024 08:37:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 1.92.160.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3947 (0xf6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Nov 18 08:37:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DA1002B95D47F1EFD8719B112904C2D62428E239 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a1:70:37:a5:e8:67:4e:4f:bc:a4:41:50:aa: d8:71:fe:63:78:17:c0:cc:9c:af:b6:1f:22:95:11: fb:ed:be:22:f9:f6:6f:34:7f:50:de:9c:0b:a8:d2: b8:6d:ea:23:26:28:88:e9:99:c9:9d:47:b3:e0:68: 23:31:1f:da:71:93:94:ba:a1:98:9e:7d:ad:82:b2: 33:a9:96:10:70:61:dd:75:c8:9a:90:85:d6:b6:4c: 72:ca:db:4d:cb:2d:54:e9:f1:44:ae:22:e6:be:c8: 40:5c:5c:f1:75:f1:f8:b5:44:95:80:6d:85:b0:eb: 3e:83:3d:1a:3e:8b:df:8b:46:7a:de:28:8d:24:00: 6d:f2:e4:10:ec:a7:53:0c:15:c6:e2:ef:6e:12:ad: 42:7b:92:bd:b5:55:ef:58:6e:b1:1c:c5:51:8f:cd: fa:25:17:6b:de:51:e9:19:f9:06:1b:4c:05:61:e3: 1b:e0:f7:bb:f3:6b:24:49:11:4f:58:d0:8b:a7:db: 87:e4:3e:bc:ff:86:27:cb:69:21:6f:d8:82:54:c7: 98:d0:8e:5a:e2:4b:38:21:b0:aa:ed:f6:34:4b:d6: e3:09:16:f1:a6:82:92:f6:1e:a4:e9:03:38:37:a7: 22:43:79:75:97:a6:b3:be:65:05:a4:57:5d:e5:83: 1b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:10:02:B9:5D:47:F1:EF:D8:71:9B:11:29:04:C2:D6:24:28:E2:39 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/2hACuV1H8e_YcZsRKQTC1iQo4jk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 1.92.160.0/19 Signature Algorithm: sha256WithRSAEncryption 7d:0f:e3:ac:e9:44:ac:d9:78:3f:2b:82:5f:b5:ad:6e:d1:46: dc:ee:03:c0:eb:57:81:56:9b:02:71:f2:df:17:4a:33:f9:56: 45:ec:f2:82:17:af:07:d0:ca:64:a4:a4:2b:df:11:b6:71:2d: 8b:8f:c4:31:78:8c:ab:ba:c3:29:80:4f:14:d3:c5:97:ca:bf: 7f:31:6d:d3:4c:6f:88:54:b4:ac:fd:a5:b6:93:ef:97:77:c6: 4f:0a:56:bc:6f:a6:36:4c:89:26:ec:e8:df:22:2b:cf:3e:e0: 0e:e0:e4:09:25:c0:0c:8f:4f:b4:2d:ee:24:f6:97:7d:0e:4e: d8:ce:8b:ea:da:b8:5c:f1:fb:66:04:99:5b:21:cf:7f:62:c2: 69:cc:23:bc:99:94:c4:8f:86:40:83:1e:1a:15:63:08:2f:61: 28:50:8d:03:31:78:89:e2:f2:27:c5:c4:41:16:fd:46:a7:ae: 41:66:d4:d4:b4:a8:e1:5b:be:41:6f:0c:88:42:d1:51:78:1b: 1b:d8:81:1b:1e:52:12:12:d5:db:75:91:b5:b4:74:00:57:ad: 3e:80:49:65:f0:1d:ab:be:d9:5e:9c:ad:42:92:03:c5:1a:25: 3d:f7:cc:b4:32:e2:fd:d3:5d:22:cc:78:00:dd:46:77:7a:78: 2f:cc:ca:1b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDExMTgw ODM3MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERBMTAwMkI5NUQ0N0Yx RUZEODcxOUIxMTI5MDRDMkQ2MjQyOEUyMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9oXA3pehnTk+8pEFQqthx/mN4F8DMnK+2HyKVEfvtviL59m80 f1DenAuo0rht6iMmKIjpmcmdR7PgaCMxH9pxk5S6oZiefa2CsjOplhBwYd11yJqQ hda2THLK203LLVTp8USuIua+yEBcXPF18fi1RJWAbYWw6z6DPRo+i9+LRnreKI0k AG3y5BDsp1MMFcbi724SrUJ7kr21Ve9YbrEcxVGPzfolF2veUekZ+QYbTAVh4xvg 97vzayRJEU9Y0Iun24fkPrz/hifLaSFv2IJUx5jQjlriSzghsKrt9jRL1uMJFvGm gpL2HqTpAzg3pyJDeXWXprO+ZQWkV13lgxtFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2hACuV1H8e/YcZsRKQTC1iQo4jkwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvMmhBQ3VWMUg4ZV9Z Y1pzUktRVEMxaVFvNGprLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBQFcoDANBgkqhkiG9w0BAQsFAAOCAQEAfQ/jrOlErNl4PyuCX7WtbtFG3O4D wOtXgVabAnHy3xdKM/lWRezyghevB9DKZKSkK98RtnEti4/EMXiMq7rDKYBPFNPF l8q/fzFt00xviFS0rP2ltpPvl3fGTwpWvG+mNkyJJuzo3yIrzz7gDuDkCSXADI9P tC3uJPaXfQ5O2M6L6tq4XPH7ZgSZWyHPf2LCacwjvJmUxI+GQIMeGhVjCC9hKFCN AzF4ieLyJ8XEQRb9RqeuQWbU1LSo4Vu+QW8MiELRUXgbG9iBGx5SEhLV23WRtbR0 AFetPoBJZfAdq77ZXpytQpIDxRolPffMtDLi/dNdIsx4AN1Gd3p4L8zKGw== -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org