$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/4kf568DWpjbcoHxlYDbJvmM-m0E.roa File: 4kf568DWpjbcoHxlYDbJvmM-m0E.roa (raw, json) Hash identifier: IbEQ4kah9P8A+5bx588CnNaofAYMyOizyXJCgHg3gvA= Subject key identifier: E2:47:F9:EB:C0:D6:A6:36:DC:A0:7C:65:60:36:C9:BE:63:3E:9B:41 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E20 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/4kf568DWpjbcoHxlYDbJvmM-m0E.roa Signing time: Wed 18 Sep 2024 07:51:21 +0000 ROA not before: Wed 18 Sep 2024 07:51:21 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 55990 IP address blocks: 110.41.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3616 (0xe20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 18 07:51:21 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E247F9EBC0D6A636DCA07C656036C9BE633E9B41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:af:05:ce:da:fe:51:4c:ca:41:27:77:a3:28: b0:b3:35:c0:b7:23:31:51:bc:4a:d4:8e:de:18:36: 12:07:a2:69:61:4d:f0:ac:c2:db:d2:88:62:5e:2e: c3:45:b8:c2:5d:3a:52:68:49:51:0b:72:95:07:f8: 11:1d:ed:7b:a6:33:c3:ea:86:8b:fb:87:53:75:54: 44:16:88:16:8b:c6:e5:a1:cf:43:3d:f2:05:70:77: 54:ad:c4:54:fe:be:c8:54:49:88:c4:42:3d:1e:f3: a7:85:89:b0:c4:73:4e:2a:81:e4:ac:c8:98:ff:d2: 79:1d:52:82:03:d7:9a:e3:1d:89:b8:09:52:ec:05: ec:ab:b1:fc:08:f0:31:4b:96:67:93:d6:13:6b:25: 3c:77:d5:ed:d6:76:1c:1f:63:b5:76:cb:d8:90:a2: 1b:b9:ca:34:9b:df:f2:a9:f6:f2:cb:b8:90:5b:d1: 9f:3e:08:6e:c2:b8:ec:a1:bc:c1:e3:4a:8d:1f:51: 7b:46:e5:1d:2c:ad:55:b1:05:c2:59:b5:71:39:d7: d5:1c:f3:45:10:85:4f:ee:c7:52:64:6b:a2:44:4a: c6:18:38:c1:a8:2d:f1:f3:f8:6c:26:db:2a:b5:a4: f0:d2:55:c0:4d:86:07:f7:af:8f:63:86:98:ab:d0: 71:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:47:F9:EB:C0:D6:A6:36:DC:A0:7C:65:60:36:C9:BE:63:3E:9B:41 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/4kf568DWpjbcoHxlYDbJvmM-m0E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.210.0/24 Signature Algorithm: sha256WithRSAEncryption 56:2d:9f:d0:7d:0d:cf:9f:b0:e5:8f:36:9a:3a:9f:b2:7a:76: 55:4c:3d:b4:23:0f:ee:c7:f3:9e:a6:e1:66:cd:ee:79:a2:77: 9c:40:7a:e4:ac:cd:75:bc:6c:3e:c0:1f:2f:c5:00:36:a5:11: 8e:b9:b3:cf:92:37:b2:6f:cc:09:9a:91:7c:58:59:3b:3e:48: 40:ff:03:4a:24:c2:7c:22:1e:c1:48:be:d4:b5:85:b2:03:d3: 5f:56:90:d0:fa:8c:89:7a:5e:a1:36:d4:2a:d3:5a:11:2d:0f: 5f:81:b8:02:b6:3c:d2:41:67:0f:54:f0:83:c7:04:75:11:0d: 00:96:1c:41:3a:4f:65:4a:59:7b:e2:1a:5b:0d:62:ad:98:86: 83:9c:2f:48:65:bf:f7:a9:56:bb:64:ca:9d:ce:af:6d:fd:15: 27:61:40:43:3f:7b:e9:2a:f1:de:82:af:3e:92:ad:c5:a7:f5: 1f:61:81:e9:36:e2:50:15:94:cf:20:96:17:a4:e5:c3:f1:32: 8e:b5:9f:be:4a:26:96:4b:73:60:a3:cb:9c:44:ee:81:ea:b8: d5:d6:4f:0d:70:7b:8e:26:3b:07:bf:ce:65:9a:09:a8:29:09: ba:4f:0e:54:b5:34:c8:32:15:72:03:66:53:55:d5:0c:65:1a: 0b:9d:a6:7f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MTgw NzUxMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUyNDdGOUVCQzBENkE2 MzZEQ0EwN0M2NTYwMzZDOUJFNjMzRTlCNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIrwXO2v5RTMpBJ3ejKLCzNcC3IzFRvErUjt4YNhIHomlhTfCs wtvSiGJeLsNFuMJdOlJoSVELcpUH+BEd7XumM8Pqhov7h1N1VEQWiBaLxuWhz0M9 8gVwd1StxFT+vshUSYjEQj0e86eFibDEc04qgeSsyJj/0nkdUoID15rjHYm4CVLs BeyrsfwI8DFLlmeT1hNrJTx31e3WdhwfY7V2y9iQohu5yjSb3/Kp9vLLuJBb0Z8+ CG7CuOyhvMHjSo0fUXtG5R0srVWxBcJZtXE519Uc80UQhU/ux1Jka6JESsYYOMGo LfHz+Gwm2yq1pPDSVcBNhgf3r49jhpir0HHFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU4kf568DWpjbcoHxlYDbJvmM+m0EwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvNGtmNTY4RFdwamJj b0h4bFlEYkp2bU0tbTBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4p0jANBgkqhkiG9w0BAQsFAAOCAQEAVi2f0H0Nz5+w5Y82mjqfsnp2VUw9 tCMP7sfznqbhZs3ueaJ3nEB65KzNdbxsPsAfL8UANqURjrmzz5I3sm/MCZqRfFhZ Oz5IQP8DSiTCfCIewUi+1LWFsgPTX1aQ0PqMiXpeoTbUKtNaES0PX4G4ArY80kFn D1Twg8cEdRENAJYcQTpPZUpZe+IaWw1irZiGg5wvSGW/96lWu2TKnc6vbf0VJ2FA Qz976Srx3oKvPpKtxaf1H2GB6TbiUBWUzyCWF6Tlw/EyjrWfvkomlktzYKPLnETu geq41dZPDXB7jiY7B7/OZZoJqCkJuk8OVLU0yDIVcgNmU1XVDGUaC52mfw== -----END CERTIFICATE-----Generated at Mon Nov 25 21:48:22 2024 by rpki-client on console-ams.rpki-client.org