$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/Q7jgXq4DO19QiQIyE4_pjHqTgsE.roa File: Q7jgXq4DO19QiQIyE4_pjHqTgsE.roa (raw, json) Hash identifier: TkmqLOKEJLXBR0dXhdhlf87xuseYTrFgHevhS10tZbs= Subject key identifier: 43:B8:E0:5E:AE:03:3B:5F:50:89:02:32:13:8F:E9:8C:7A:93:82:C1 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0EF7 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Q7jgXq4DO19QiQIyE4_pjHqTgsE.roa Signing time: Mon 28 Oct 2024 10:22:11 +0000 ROA not before: Mon 28 Oct 2024 10:22:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3831 (0xef7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 28 10:22:11 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=43B8E05EAE033B5F50890232138FE98C7A9382C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:fb:21:cb:7e:6f:65:79:50:fd:90:cb:8d:8a: ec:62:87:0c:17:19:5a:ec:c9:63:9a:c7:3f:36:e8: 9c:d7:c5:3c:05:6c:65:20:7b:73:3e:fd:01:e6:69: b1:1e:be:1d:64:d8:de:a2:5d:c2:ac:47:43:38:67: d3:c6:ab:11:5a:31:08:fd:ef:57:c9:a5:09:21:20: 4e:3e:29:9d:2f:a5:7c:1a:f4:20:8f:9d:7e:1b:d9: a9:16:a1:a9:d6:83:e5:1d:d1:46:be:7d:24:b3:7a: ba:32:71:b9:7c:e3:4a:4f:7f:e0:fe:35:41:85:86: 41:b4:9a:36:d0:42:ed:79:d4:a6:32:d9:db:ce:ea: 82:32:96:b1:73:2b:5f:6e:51:82:77:f6:df:6c:36: 58:a6:f2:39:ce:d1:0e:a4:5c:e7:6f:09:89:20:4f: 3e:1b:62:bc:34:2c:c5:65:71:e9:11:98:f2:32:2a: 74:ce:c8:df:6c:81:74:dc:97:da:85:88:da:0e:6a: d3:9f:ac:49:04:d6:71:14:bf:93:da:d8:e1:3e:b8: bd:4d:09:bf:32:ae:84:5c:f5:5b:53:4f:f9:94:98: 34:38:76:4e:a8:99:39:b3:a9:cb:f0:a9:a2:a4:8b: 52:d5:98:86:e0:d8:83:9e:25:7e:69:f3:46:a8:44: 6b:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:B8:E0:5E:AE:03:3B:5F:50:89:02:32:13:8F:E9:8C:7A:93:82:C1 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Q7jgXq4DO19QiQIyE4_pjHqTgsE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.116.0/22 Signature Algorithm: sha256WithRSAEncryption 17:ef:dd:9c:7b:b1:21:97:bd:9b:04:2e:cd:42:03:dd:39:a3: 2b:46:e1:ec:ce:1b:d9:da:9f:d1:76:92:eb:07:fd:d3:93:63: 8e:23:9b:ea:da:4b:8d:1d:fb:79:e3:e9:61:a1:f9:17:54:b3: 61:64:a7:14:ba:1a:2a:13:fe:8f:9a:7b:83:6f:6f:00:6a:b9: ae:d6:22:6e:65:a5:5b:5d:34:43:ab:5b:c4:b7:01:46:e4:a2: e5:21:4d:f3:99:5b:b5:6f:ed:62:9d:da:3e:21:ec:e9:bd:1f: 08:3a:cd:9f:e6:2e:2c:09:36:da:49:ed:28:1a:e4:69:a5:71: 6a:90:f2:35:d6:dd:dd:c1:ac:c4:c0:8b:c9:d2:bc:ea:17:95: 5b:96:ad:86:d9:64:17:92:93:d0:4e:f2:af:e4:2f:6c:5e:75: 4f:dd:86:50:0e:c3:72:02:f8:b5:7c:81:32:39:45:cc:5f:f3: c6:6d:8c:d7:93:39:e4:7e:c5:7d:31:db:1e:84:a6:5d:e8:8f: 72:af:99:c5:6f:a6:12:d9:31:a9:69:b0:40:92:ab:2f:38:39: 80:24:d9:9b:66:3c:d7:b3:ef:8b:a2:fd:89:f3:ea:15:01:a0: e6:bf:17:2a:77:85:18:c8:6e:3c:ff:7a:5c:fc:fe:e4:64:43: 84:64:a9:17 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDvcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMjgx MDIyMTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQzQjhFMDVFQUUwMzNC NUY1MDg5MDIzMjEzOEZFOThDN0E5MzgyQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDd+yHLfm9leVD9kMuNiuxihwwXGVrsyWOaxz826JzXxTwFbGUg e3M+/QHmabEevh1k2N6iXcKsR0M4Z9PGqxFaMQj971fJpQkhIE4+KZ0vpXwa9CCP nX4b2akWoanWg+Ud0Ua+fSSzeroycbl840pPf+D+NUGFhkG0mjbQQu151KYy2dvO 6oIylrFzK19uUYJ39t9sNlim8jnO0Q6kXOdvCYkgTz4bYrw0LMVlcekRmPIyKnTO yN9sgXTcl9qFiNoOatOfrEkE1nEUv5Pa2OE+uL1NCb8yroRc9VtTT/mUmDQ4dk6o mTmzqcvwqaKki1LVmIbg2IOeJX5p80aoRGvTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQ7jgXq4DO19QiQIyE4/pjHqTgsEwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUTdqZ1hxNERPMTlR aVFJeUU0X3BqSHFUZ3NFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEtdDANBgkqhkiG9w0BAQsFAAOCAQEAF+/dnHuxIZe9mwQuzUID3TmjK0bh 7M4b2dqf0XaS6wf905NjjiOb6tpLjR37eePpYaH5F1SzYWSnFLoaKhP+j5p7g29v AGq5rtYibmWlW100Q6tbxLcBRuSi5SFN85lbtW/tYp3aPiHs6b0fCDrNn+YuLAk2 2kntKBrkaaVxapDyNdbd3cGsxMCLydK86heVW5athtlkF5KT0E7yr+QvbF51T92G UA7DcgL4tXyBMjlFzF/zxm2M15M55H7FfTHbHoSmXeiPcq+ZxW+mEtkxqWmwQJKr Lzg5gCTZm2Y817Pvi6L9ifPqFQGg5r8XKneFGMhuPP96XPz+5GRDhGSpFw== -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org