$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/PnrZXl-JMcCcet9XYmAc9zo9G7U.roa File: PnrZXl-JMcCcet9XYmAc9zo9G7U.roa (raw, json) Hash identifier: Kph7uzTsvzk8OPS9x2US++NU7Eb6y+WvjyGGYCvnm6U= Subject key identifier: 3E:7A:D9:5E:5F:89:31:C0:9C:7A:DF:57:62:60:1C:F7:3A:3D:1B:B5 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0EF8 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/PnrZXl-JMcCcet9XYmAc9zo9G7U.roa Signing time: Mon 28 Oct 2024 10:22:12 +0000 ROA not before: Mon 28 Oct 2024 10:22:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3832 (0xef8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 28 10:22:12 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3E7AD95E5F8931C09C7ADF5762601CF73A3D1BB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:2a:0f:ca:7d:f1:6f:89:b0:a4:a8:8b:3d:e8: ad:bd:27:58:a4:47:df:16:39:ca:8c:ff:7e:31:f6: 61:18:db:94:6c:ab:81:ad:32:b2:a6:21:04:d2:75: c7:ae:04:d4:bd:df:1f:ab:8d:06:72:77:12:da:72: 36:28:6a:b1:1a:ee:f3:10:88:3d:c8:34:62:9e:47: d4:d6:ce:1b:b3:35:4d:49:a6:08:fd:ac:3b:62:9d: 7d:ca:52:15:64:8b:f8:eb:6e:81:61:0b:01:8d:04: a7:7f:de:8b:c8:e5:80:bd:c5:fe:f5:53:80:01:89: 9c:af:df:f4:22:bd:53:81:7c:67:4c:66:a8:f1:df: 98:b3:e1:b7:95:62:2b:08:54:3a:35:4e:1e:88:f7: 0f:8f:75:c0:f9:6a:19:c5:34:50:f1:4f:ce:bb:52: 1e:82:10:c0:f9:29:20:1a:66:79:d2:b2:18:e8:30: 61:44:ac:6e:9f:88:3c:70:38:c8:b6:2b:14:69:46: ca:14:8f:d5:b1:63:a0:ae:d7:75:19:86:cc:ce:db: 65:a7:c9:8d:3b:07:55:23:29:b2:de:c2:28:5c:fe: 58:7f:8f:03:f1:59:c7:b0:50:51:ca:e2:b6:e2:f3: 9f:c1:ed:18:7d:36:5e:e7:e2:63:6e:79:85:db:e0: 38:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:7A:D9:5E:5F:89:31:C0:9C:7A:DF:57:62:60:1C:F7:3A:3D:1B:B5 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/PnrZXl-JMcCcet9XYmAc9zo9G7U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.100.0/22 Signature Algorithm: sha256WithRSAEncryption 69:be:53:b4:28:85:97:79:44:b5:4c:a8:21:99:37:cb:78:91: 3e:f1:f7:ae:8e:d0:7a:9f:98:e9:19:7e:45:af:04:98:8c:67: 31:3d:be:b3:64:24:c5:94:19:ce:f1:aa:74:39:83:ee:25:ae: 55:6e:01:f8:f1:f3:96:82:4c:16:a6:04:f5:98:c5:a3:78:4d: ae:92:7f:2a:7d:2a:5e:37:b7:58:04:dc:4c:48:00:1a:01:94: 6f:f6:72:e3:b7:73:58:50:80:aa:6a:3b:ce:da:d5:fd:fc:37: 75:d8:30:4b:9b:62:e5:66:bf:35:d9:1f:da:3f:e5:03:f1:60: 25:3a:53:9e:04:d9:16:42:eb:97:71:5c:01:a6:de:42:0c:41: 40:97:96:ae:b8:70:c2:75:75:75:1e:02:3f:f3:46:26:60:34: eb:92:83:bd:be:60:2c:ff:8b:46:f5:7e:ec:97:ed:4e:88:3f: 8e:68:1b:49:c6:36:22:1f:22:91:38:51:1a:47:ce:bd:d4:ac: 18:71:e8:a7:0c:f1:c3:ec:d9:05:89:18:40:d7:dd:49:11:13: 05:0a:5d:14:9b:9b:d9:1a:3d:7c:5c:43:c5:eb:71:f9:38:34: e6:eb:86:c3:c9:57:6e:89:cc:75:84:37:b8:46:2e:94:43:65: 5c:ee:b8:89 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMjgx MDIyMTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNFN0FEOTVFNUY4OTMx QzA5QzdBREY1NzYyNjAxQ0Y3M0EzRDFCQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCcKg/KffFvibCkqIs96K29J1ikR98WOcqM/34x9mEY25Rsq4Gt MrKmIQTSdceuBNS93x+rjQZydxLacjYoarEa7vMQiD3INGKeR9TWzhuzNU1Jpgj9 rDtinX3KUhVki/jrboFhCwGNBKd/3ovI5YC9xf71U4ABiZyv3/QivVOBfGdMZqjx 35iz4beVYisIVDo1Th6I9w+PdcD5ahnFNFDxT867Uh6CEMD5KSAaZnnSshjoMGFE rG6fiDxwOMi2KxRpRsoUj9WxY6Cu13UZhszO22WnyY07B1UjKbLewihc/lh/jwPx WcewUFHK4rbi85/B7Rh9Nl7n4mNueYXb4DgVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPnrZXl+JMcCcet9XYmAc9zo9G7UwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUG5yWlhsLUpNY0Nj ZXQ5WFltQWM5em85RzdVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEtZDANBgkqhkiG9w0BAQsFAAOCAQEAab5TtCiFl3lEtUyoIZk3y3iRPvH3 ro7Qep+Y6Rl+Ra8EmIxnMT2+s2QkxZQZzvGqdDmD7iWuVW4B+PHzloJMFqYE9ZjF o3hNrpJ/Kn0qXje3WATcTEgAGgGUb/Zy47dzWFCAqmo7ztrV/fw3ddgwS5ti5Wa/ Ndkf2j/lA/FgJTpTngTZFkLrl3FcAabeQgxBQJeWrrhwwnV1dR4CP/NGJmA065KD vb5gLP+LRvV+7JftTog/jmgbScY2Ih8ikThRGkfOvdSsGHHopwzxw+zZBYkYQNfd SRETBQpdFJub2Ro9fFxDxetx+Tg05uuGw8lXbonMdYQ3uEYulENlXO64iQ== -----END CERTIFICATE-----Generated at Mon Nov 25 21:48:22 2024 by rpki-client on console-ams.rpki-client.org