$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/8KxjQgnHwKrfVdwyHoCsl1NcB24.roa File: 8KxjQgnHwKrfVdwyHoCsl1NcB24.roa (raw, json) Hash identifier: 8uBsfjuVmtDsmRdvBHskQ0V4q1Em9AVAFO2IdqzqyNo= Subject key identifier: F0:AC:63:42:09:C7:C0:AA:DF:55:DC:32:1E:80:AC:97:53:5C:07:6E Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0D5D Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/8KxjQgnHwKrfVdwyHoCsl1NcB24.roa Signing time: Tue 13 Aug 2024 03:22:20 +0000 ROA not before: Tue 13 Aug 2024 03:22:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 136907 IP address blocks: 110.41.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 04:50:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3421 (0xd5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Aug 13 03:22:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=F0AC634209C7C0AADF55DC321E80AC97535C076E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:43:32:18:af:aa:10:a4:00:db:1c:c7:c7:6e: 5e:78:a3:9e:5f:c2:9f:25:f0:ac:b2:56:bd:f0:d5: 29:09:01:06:17:af:8d:20:51:40:2c:bb:f1:8c:5c: 57:f2:c8:7f:a7:32:a7:5a:e2:4a:2c:a8:54:90:c8: b5:b0:f1:61:1e:01:15:ad:52:d2:63:de:75:a2:d2: 2b:b9:cb:b5:51:c0:3c:5d:c3:45:e3:41:0c:5d:86: bd:94:82:25:0e:ce:de:e5:78:fc:6d:65:bc:a6:3d: 7e:ca:63:94:f2:53:c3:44:42:ab:28:a9:3e:b6:d6: 7f:8c:34:c0:b2:22:e6:6c:c3:2c:f8:24:1a:a9:cf: 97:60:24:d4:52:58:ac:cd:79:55:f0:c8:6d:c7:20: 8f:ef:27:48:93:ac:26:0a:7d:86:6c:55:ae:b7:c3: bb:f6:6f:ed:44:68:78:62:fb:51:35:da:e7:86:14: ce:73:1a:98:9b:d2:6c:d9:e5:c0:9f:f9:6f:06:75: 62:20:a9:72:5e:84:91:7c:da:6b:c9:f3:f8:a3:73: 43:ef:b4:d2:ba:fa:8e:8f:60:07:10:a5:0f:1f:8f: d1:52:de:3a:01:6c:51:17:50:82:f2:53:57:fe:40: e8:a8:d1:a3:aa:f8:14:1f:65:43:d9:18:c0:e7:0e: 23:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:AC:63:42:09:C7:C0:AA:DF:55:DC:32:1E:80:AC:97:53:5C:07:6E X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/8KxjQgnHwKrfVdwyHoCsl1NcB24.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.90.0/24 Signature Algorithm: sha256WithRSAEncryption 17:df:fc:39:cb:37:bc:76:c7:3f:4e:4a:aa:83:f4:89:c9:99: e3:0c:7a:37:13:28:51:7e:e8:60:ff:2c:9f:68:68:c5:d5:d2: 9c:23:cb:11:47:81:26:1b:e3:ac:e2:7b:34:a7:9a:0b:26:39: 42:3b:fd:65:28:23:77:a4:02:c1:31:d2:d9:d4:30:cd:f8:77: d4:8c:fb:b9:fd:54:c3:ab:95:02:79:e5:12:16:9a:db:bd:8c: 80:61:9e:0d:8c:0d:7c:4b:1b:97:10:51:bd:1d:10:ca:d1:da: 36:7c:6d:1c:a6:3e:88:8a:e4:b7:94:88:31:00:5b:19:5a:8d: 31:88:5b:d9:84:e5:06:ef:5c:96:53:0b:d8:90:e8:b1:51:1b: 04:d4:c4:7d:1c:7b:49:8e:8b:cc:9b:26:47:ed:8a:80:ad:26: 53:c7:75:68:99:72:45:4c:ee:70:61:d1:63:ce:49:96:f2:ac: 2b:33:f5:f6:7c:94:70:8e:a4:59:d5:aa:8a:6d:8f:d9:4d:12: ae:ae:1e:1b:1a:8a:c8:d6:5a:7d:96:5f:10:00:bc:22:ba:14: 95:c7:3c:ec:d2:42:4a:a0:90:ba:67:f3:87:41:ff:6b:08:32: b9:64:59:af:40:7a:99:b1:b1:57:b1:13:57:23:0c:9f:ce:d2: 10:e1:3a:3d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA4MTMw MzIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwQUM2MzQyMDlDN0Mw QUFERjU1REMzMjFFODBBQzk3NTM1QzA3NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3QzIYr6oQpADbHMfHbl54o55fwp8l8KyyVr3w1SkJAQYXr40g UUAsu/GMXFfyyH+nMqda4kosqFSQyLWw8WEeARWtUtJj3nWi0iu5y7VRwDxdw0Xj QQxdhr2UgiUOzt7lePxtZbymPX7KY5TyU8NEQqsoqT621n+MNMCyIuZswyz4JBqp z5dgJNRSWKzNeVXwyG3HII/vJ0iTrCYKfYZsVa63w7v2b+1EaHhi+1E12ueGFM5z Gpib0mzZ5cCf+W8GdWIgqXJehJF82mvJ8/ijc0PvtNK6+o6PYAcQpQ8fj9FS3joB bFEXUILyU1f+QOio0aOq+BQfZUPZGMDnDiPFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU8KxjQgnHwKrfVdwyHoCsl1NcB24wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvOEt4alFnbkh3S3Jm VmR3eUhvQ3NsMU5jQjI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4pWjANBgkqhkiG9w0BAQsFAAOCAQEAF9/8Ocs3vHbHP05KqoP0icmZ4wx6 NxMoUX7oYP8sn2hoxdXSnCPLEUeBJhvjrOJ7NKeaCyY5Qjv9ZSgjd6QCwTHS2dQw zfh31Iz7uf1Uw6uVAnnlEhaa272MgGGeDYwNfEsblxBRvR0QytHaNnxtHKY+iIrk t5SIMQBbGVqNMYhb2YTlBu9cllML2JDosVEbBNTEfRx7SY6LzJsmR+2KgK0mU8d1 aJlyRUzucGHRY85JlvKsKzP19nyUcI6kWdWqim2P2U0Srq4eGxqKyNZafZZfEAC8 IroUlcc87NJCSqCQumfzh0H/awgyuWRZr0B6mbGxV7ETVyMMn87SEOE6PQ== -----END CERTIFICATE-----Generated at Fri Nov 22 04:32:50 2024 by rpki-client on console-fra.rpki-client.org