$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/3L1tjg6LE3cuTdpAF5i56JNLkR0.roa File: 3L1tjg6LE3cuTdpAF5i56JNLkR0.roa (raw, json) Hash identifier: kzNI5l1LNaskyt/n/b32dKmY8CNJIPiX0W2XXG4xtt8= Subject key identifier: DC:BD:6D:8E:0E:8B:13:77:2E:4D:DA:40:17:98:B9:E8:93:4B:91:1D Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0F65 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/3L1tjg6LE3cuTdpAF5i56JNLkR0.roa Signing time: Mon 18 Nov 2024 08:37:16 +0000 ROA not before: Mon 18 Nov 2024 08:37:16 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.238.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:20:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3941 (0xf65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Nov 18 08:37:16 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DCBD6D8E0E8B13772E4DDA401798B9E8934B911D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:60:10:a8:d3:18:7f:11:e8:c2:8b:0f:15:5f: 33:f1:8d:7a:ff:cd:d6:4a:dd:b8:f0:70:43:3d:4b: 18:f7:f0:bc:87:98:44:91:b3:d7:bc:3d:96:6c:f8: b0:27:89:08:7c:7f:09:e2:04:86:8c:43:a3:dc:e6: b9:79:84:bd:1f:1a:e5:44:37:4d:81:08:0b:a3:c4: cd:9c:5a:3a:bd:e1:47:8c:5a:22:10:5c:3d:9f:7e: fa:19:75:c7:63:2a:ef:9c:a7:59:05:18:55:1a:b9: 3a:a1:f7:e6:d5:9f:c3:81:62:8b:97:c9:af:18:1c: d5:92:71:f7:a5:94:77:a2:dc:d1:ff:8e:c8:4c:36: f9:9e:86:4d:12:d4:99:00:6b:38:e8:2d:cc:51:3a: d1:96:fa:a5:c3:20:76:dd:03:2d:43:7d:86:55:cb: 8d:d6:b6:41:63:83:96:29:c9:a8:40:c4:fd:69:21: 7a:7d:a7:01:f5:2b:e6:71:b2:41:42:79:90:50:ac: fe:60:c3:b8:5b:4b:ad:d3:c0:40:24:90:f5:d9:45: d1:77:db:72:8c:80:ba:9a:de:89:13:8c:02:dd:e3: 5b:06:93:3f:2c:0a:a3:e9:a9:c0:b8:b4:9e:a9:1f: 36:ef:ac:2e:87:45:92:58:e5:57:1f:c7:20:dc:c5: 36:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:BD:6D:8E:0E:8B:13:77:2E:4D:DA:40:17:98:B9:E8:93:4B:91:1D X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/3L1tjg6LE3cuTdpAF5i56JNLkR0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.238.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:2d:e0:da:e3:1d:af:bf:bc:1e:df:c9:36:59:ed:18:30:3a: 78:60:8a:3f:f4:4c:18:52:2e:fc:17:04:90:38:d8:46:d3:1b: f4:4f:97:dc:ee:e9:cb:9c:8f:6f:66:1f:b2:3d:51:dd:25:de: 3f:95:46:24:09:57:bb:15:13:5b:98:05:64:0f:db:86:ea:f7: a7:5a:6b:86:a3:4e:ba:34:71:85:56:bc:28:98:8c:0e:a6:af: 6a:85:42:06:81:b4:ef:23:64:cd:a2:d6:fc:8d:7d:b9:2f:07: b3:3a:df:22:85:dd:2a:51:54:34:b0:4b:22:b3:d1:eb:0f:f7: 07:d0:72:5b:13:69:8d:ef:29:57:c9:42:c3:a7:de:42:65:81: 97:8a:83:0f:fb:29:db:44:c3:52:57:8a:c8:76:3e:93:0f:55: 29:b1:5d:b2:82:c3:8e:63:6a:01:2f:b9:99:a2:5f:8a:fb:48: de:e5:a3:59:68:67:81:0e:c6:f2:61:e2:8b:f3:ca:79:1c:24: 87:a1:b1:04:61:f3:f4:62:83:c1:67:05:45:6d:fe:bb:4c:2c: c5:18:54:4c:31:56:e7:f1:59:27:ad:29:0c:fc:93:72:aa:46: bb:70:83:5f:38:fb:c0:e5:dc:44:71:19:d6:26:de:56:52:ed: 71:a9:4f:72 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDExMTgw ODM3MTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERDQkQ2RDhFMEU4QjEz NzcyRTREREE0MDE3OThCOUU4OTM0QjkxMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCcYBCo0xh/EejCiw8VXzPxjXr/zdZK3bjwcEM9Sxj38LyHmESR s9e8PZZs+LAniQh8fwniBIaMQ6Pc5rl5hL0fGuVEN02BCAujxM2cWjq94UeMWiIQ XD2ffvoZdcdjKu+cp1kFGFUauTqh9+bVn8OBYouXya8YHNWScfellHei3NH/jshM Nvmehk0S1JkAazjoLcxROtGW+qXDIHbdAy1DfYZVy43WtkFjg5YpyahAxP1pIXp9 pwH1K+ZxskFCeZBQrP5gw7hbS63TwEAkkPXZRdF323KMgLqa3okTjALd41sGkz8s CqPpqcC4tJ6pHzbvrC6HRZJY5VcfxyDcxTahAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3L1tjg6LE3cuTdpAF5i56JNLkR0wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvM0wxdGpnNkxFM2N1 VGRwQUY1aTU2Sk5Ma1IwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv7jANBgkqhkiG9w0BAQsFAAOCAQEAPC3g2uMdr7+8Ht/JNlntGDA6eGCK P/RMGFIu/BcEkDjYRtMb9E+X3O7py5yPb2Yfsj1R3SXeP5VGJAlXuxUTW5gFZA/b hur3p1prhqNOujRxhVa8KJiMDqavaoVCBoG07yNkzaLW/I19uS8HszrfIoXdKlFU NLBLIrPR6w/3B9ByWxNpje8pV8lCw6feQmWBl4qDD/sp20TDUleKyHY+kw9VKbFd soLDjmNqAS+5maJfivtI3uWjWWhngQ7G8mHii/PKeRwkh6GxBGHz9GKDwWcFRW3+ u0wsxRhUTDFW5/FZJ60pDPyTcqpGu3CDXzj7wOXcRHEZ1ibeVlLtcalPcg== -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:38 2024 by rpki-client on console-fra.rpki-client.org