$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/3VnZW7WwFqBNSL14BfEg4PCtgzk.roa File: 3VnZW7WwFqBNSL14BfEg4PCtgzk.roa (raw, json) Hash identifier: yKkFhNOaOcu3I7RKbXv6HkNYXEWF54tI0KhpdBfRvUc= Subject key identifier: DD:59:D9:5B:B5:B0:16:A0:4D:48:BD:78:05:F1:20:E0:F0:AD:83:39 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E1D Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/3VnZW7WwFqBNSL14BfEg4PCtgzk.roa Signing time: Wed 18 Sep 2024 07:51:20 +0000 ROA not before: Wed 18 Sep 2024 07:51:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 55990 IP address blocks: 110.41.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:50:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3613 (0xe1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 18 07:51:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DD59D95BB5B016A04D48BD7805F120E0F0AD8339 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:02:24:8f:5f:af:43:4c:66:6d:04:02:65:31: 05:da:1d:46:27:e6:7d:db:ac:ce:d8:68:38:ac:3c: ce:e6:8d:bf:db:cb:c0:81:4f:cf:72:eb:0e:4b:04: e6:3d:02:db:3e:f9:22:e6:97:65:50:a4:9d:29:81: b1:2f:14:0b:0d:49:94:b5:0b:a2:ca:e9:9b:5d:30: 89:28:04:44:7e:d6:ee:51:92:07:12:c7:96:43:57: c6:82:1e:44:74:02:77:e9:3c:fa:cf:79:fa:7a:20: c6:90:ab:09:8b:e6:b3:b7:0c:77:5f:7d:1b:5e:76: 48:4d:1e:f7:5a:dc:5f:5d:af:86:6d:f2:e6:b5:73: 2d:0c:88:f6:84:ca:f8:55:b4:80:df:6f:ac:67:a0: 19:bb:a7:3f:99:6d:8b:8c:5c:22:6f:30:a2:8e:c5: 2e:7d:ef:7a:72:fa:a5:9c:6c:64:ce:69:7a:75:bb: 42:5e:6c:05:f6:8f:f8:0b:35:33:87:c6:d2:d2:11: ec:f4:3a:30:be:06:81:ec:3b:a8:3f:6e:62:09:34: d9:c5:87:9e:ac:46:4a:4e:33:07:ff:ec:83:3a:15: bf:4a:b0:50:b6:aa:2c:5e:f5:70:03:23:73:69:ee: 74:4c:92:9f:9b:ac:4e:c3:f8:79:c2:0a:28:a3:95: 20:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:59:D9:5B:B5:B0:16:A0:4D:48:BD:78:05:F1:20:E0:F0:AD:83:39 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/3VnZW7WwFqBNSL14BfEg4PCtgzk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.90.0/24 Signature Algorithm: sha256WithRSAEncryption 07:67:7b:48:ca:8f:d6:54:b7:bf:70:7b:9a:13:d5:14:2f:12: de:0c:3e:d2:80:9d:83:99:fd:fa:5c:74:56:fa:b4:62:26:3b: 5e:be:38:3f:bd:61:ec:ff:e7:00:cf:92:ea:45:a2:4f:74:14: 80:52:08:be:50:1f:48:73:44:d2:c7:8f:78:9e:66:70:22:90: 5d:72:fb:f1:33:18:32:fd:18:03:7c:26:d9:62:ea:17:e0:26: a3:4b:80:1e:ae:7c:11:4a:cb:87:6c:1d:2b:7b:7f:20:8e:ad: 85:44:74:4e:a8:23:5f:4e:bd:92:01:97:6b:49:88:43:f3:69: 3d:1e:39:12:e7:cc:de:8c:3a:1f:8b:b6:35:dd:d0:3b:a9:08: 53:2a:de:21:5b:77:37:b5:77:f9:89:99:4f:08:d8:92:9d:29: a3:04:1a:fe:e4:12:d8:48:7b:ca:b3:7a:9b:f6:00:62:4c:9e: 10:a4:61:82:4a:00:42:1d:72:d3:86:b1:42:01:65:00:c7:bc: 32:f9:98:d4:70:ce:2e:c4:19:26:25:9e:6a:3a:22:56:89:13: 57:0c:fc:20:ca:5b:95:28:b5:95:e0:4f:83:8b:0b:23:ca:f6: 69:ad:f1:81:dc:b2:9b:c6:00:de:54:b0:8b:e9:64:c5:2f:be: 35:36:75:a0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MTgw NzUxMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERENTlEOTVCQjVCMDE2 QTA0RDQ4QkQ3ODA1RjEyMEUwRjBBRDgzMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuAiSPX69DTGZtBAJlMQXaHUYn5n3brM7YaDisPM7mjb/by8CB T89y6w5LBOY9Ats++SLml2VQpJ0pgbEvFAsNSZS1C6LK6ZtdMIkoBER+1u5RkgcS x5ZDV8aCHkR0AnfpPPrPefp6IMaQqwmL5rO3DHdffRtedkhNHvda3F9dr4Zt8ua1 cy0MiPaEyvhVtIDfb6xnoBm7pz+ZbYuMXCJvMKKOxS5973py+qWcbGTOaXp1u0Je bAX2j/gLNTOHxtLSEez0OjC+BoHsO6g/bmIJNNnFh56sRkpOMwf/7IM6Fb9KsFC2 qixe9XADI3Np7nRMkp+brE7D+HnCCiijlSCTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3VnZW7WwFqBNSL14BfEg4PCtgzkwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvM1ZuWlc3V3dGcUJO U0wxNEJmRWc0UEN0Z3prLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4pWjANBgkqhkiG9w0BAQsFAAOCAQEAB2d7SMqP1lS3v3B7mhPVFC8S3gw+ 0oCdg5n9+lx0Vvq0YiY7Xr44P71h7P/nAM+S6kWiT3QUgFIIvlAfSHNE0sePeJ5m cCKQXXL78TMYMv0YA3wm2WLqF+Amo0uAHq58EUrLh2wdK3t/II6thUR0TqgjX069 kgGXa0mIQ/NpPR45EufM3ow6H4u2Nd3QO6kIUyreIVt3N7V3+YmZTwjYkp0powQa /uQS2Eh7yrN6m/YAYkyeEKRhgkoAQh1y04axQgFlAMe8MvmY1HDOLsQZJiWeajoi VokTVwz8IMpblSi1leBPg4sLI8r2aa3xgdyym8YA3lSwi+lkxS++NTZ1oA== -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:14 2024 by rpki-client on console-fra.rpki-client.org