$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/7nkAk5bajlKUgxj9RuM224_AY44.roa File: 7nkAk5bajlKUgxj9RuM224_AY44.roa (raw, json) Hash identifier: XJBu5/3bO5sxeDnobyo0E9F3XsGjfBjpb7OO9O3/K7Q= Subject key identifier: EE:79:00:93:96:DA:8E:52:94:83:18:FD:46:E3:36:DB:8F:C0:63:8E Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0D63 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/7nkAk5bajlKUgxj9RuM224_AY44.roa Signing time: Tue 13 Aug 2024 03:23:08 +0000 ROA not before: Tue 13 Aug 2024 03:23:08 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 136907 IP address blocks: 110.41.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3427 (0xd63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Aug 13 03:23:08 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=EE79009396DA8E52948318FD46E336DB8FC0638E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:3a:bd:a5:78:0c:35:63:23:03:4a:43:41:08: bf:84:29:bf:17:59:e4:ed:1f:c0:f0:69:0c:1d:e2: d2:5a:80:99:3f:40:6d:b6:b0:5a:43:02:30:af:f5: 0e:d9:15:ca:f0:73:18:4a:3e:9d:cc:eb:18:85:ea: b7:7e:b2:84:c2:3c:82:14:bb:35:d4:fe:20:0f:72: 6a:60:14:9c:b2:16:ef:1a:8b:f6:f2:b1:90:29:a7: d2:ab:e6:19:52:1f:b8:c3:08:57:34:ea:94:9c:34: 7b:72:1d:68:eb:bc:f6:59:ea:45:7c:aa:35:89:8a: 30:23:08:50:1d:ab:3d:28:1f:80:29:d2:33:97:cd: 0f:0f:c2:dd:ce:27:b2:2c:a6:2b:93:c0:2b:90:c9: e0:c4:af:02:6c:03:a9:e7:31:1c:8e:39:50:18:80: cc:74:cf:b4:d9:a1:40:c9:8b:d5:ec:19:53:d0:1c: 86:ad:a5:ab:1a:b9:96:c6:f8:93:ac:57:3a:df:38: 29:54:44:64:a9:7e:58:b1:7d:97:2f:60:5e:1b:69: 2c:60:0c:d8:04:d4:d2:36:49:3a:b4:c3:bf:ef:82: 70:22:b7:06:77:3c:48:10:21:0b:32:33:9e:d4:57: 2d:7c:79:f1:c6:9c:67:6c:2a:d4:fb:6c:6c:b8:41: a8:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:79:00:93:96:DA:8E:52:94:83:18:FD:46:E3:36:DB:8F:C0:63:8E X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/7nkAk5bajlKUgxj9RuM224_AY44.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.208.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:f5:c9:53:06:80:07:2a:60:18:e2:42:16:57:00:29:a2:6f: a6:c9:8a:5b:58:8a:2b:4f:aa:fb:63:4e:4f:40:3c:b6:38:59: b3:53:88:ea:7d:b6:7b:12:4c:1b:1a:f6:2a:3b:15:22:c2:88: 02:da:a2:0c:a1:29:15:34:53:93:5f:e2:8e:d2:8e:d9:cb:81: 20:92:2f:9e:42:87:12:c2:37:be:9a:74:d2:e3:9f:e7:c1:29: ec:38:95:8e:a9:ad:40:28:46:8c:67:94:24:7a:bd:06:fe:ed: 71:4c:d1:6f:83:4e:8a:b5:e7:a0:6a:02:64:f5:ef:c2:cc:67: a5:13:39:23:5a:6c:19:10:89:86:2d:5f:d9:63:ab:c0:f8:ac: fa:22:2b:4b:9f:71:71:1b:19:4f:a9:7c:b7:1e:e9:4d:32:48: c6:a1:39:88:8d:da:e2:4c:30:a8:2c:70:20:14:e7:c6:b4:1e: fd:c6:3f:70:26:78:ba:3b:de:42:74:1a:9a:97:91:87:e9:a2: 3f:5e:e9:5b:b7:d5:4d:9e:4c:a1:61:e5:c6:b7:f7:0a:0b:52: cd:40:91:8a:c0:12:6d:b2:ab:43:30:f7:de:a7:f1:fa:80:a5: 38:bd:70:43:a2:2f:07:c5:bf:5c:92:1d:af:a6:27:9b:bd:98: 85:10:19:1f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDWMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA4MTMw MzIzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFNzkwMDkzOTZEQThF NTI5NDgzMThGRDQ2RTMzNkRCOEZDMDYzOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgOr2leAw1YyMDSkNBCL+EKb8XWeTtH8DwaQwd4tJagJk/QG22 sFpDAjCv9Q7ZFcrwcxhKPp3M6xiF6rd+soTCPIIUuzXU/iAPcmpgFJyyFu8ai/by sZApp9Kr5hlSH7jDCFc06pScNHtyHWjrvPZZ6kV8qjWJijAjCFAdqz0oH4Ap0jOX zQ8Pwt3OJ7IspiuTwCuQyeDErwJsA6nnMRyOOVAYgMx0z7TZoUDJi9XsGVPQHIat pasauZbG+JOsVzrfOClURGSpflixfZcvYF4baSxgDNgE1NI2STq0w7/vgnAitwZ3 PEgQIQsyM57UVy18efHGnGdsKtT7bGy4QahLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU7nkAk5bajlKUgxj9RuM224/AY44wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvN25rQWs1YmFqbEtV Z3hqOVJ1TTIyNF9BWTQ0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4p0DANBgkqhkiG9w0BAQsFAAOCAQEAHfXJUwaABypgGOJCFlcAKaJvpsmK W1iKK0+q+2NOT0A8tjhZs1OI6n22exJMGxr2KjsVIsKIAtqiDKEpFTRTk1/ijtKO 2cuBIJIvnkKHEsI3vpp00uOf58Ep7DiVjqmtQChGjGeUJHq9Bv7tcUzRb4NOirXn oGoCZPXvwsxnpRM5I1psGRCJhi1f2WOrwPis+iIrS59xcRsZT6l8tx7pTTJIxqE5 iI3a4kwwqCxwIBTnxrQe/cY/cCZ4ujveQnQampeRh+miP17pW7fVTZ5MoWHlxrf3 CgtSzUCRisASbbKrQzD33qfx+oClOL1wQ6IvB8W/XJIdr6Ynm72YhRAZHw== -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:46 2024 by rpki-client on console-ams.rpki-client.org