$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/S7iGxvSW-RVmddV788QgYfy2K0c.roa File: S7iGxvSW-RVmddV788QgYfy2K0c.roa (raw, json) Hash identifier: t+Vx40GpgSSrvYCHIrVZzdybVDWr3rJdK7hC7m/yl2E= Subject key identifier: 4B:B8:86:C6:F4:96:F9:15:66:75:D5:7B:F3:C4:20:61:FC:B6:2B:47 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0F68 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/S7iGxvSW-RVmddV788QgYfy2K0c.roa Signing time: Mon 18 Nov 2024 08:37:17 +0000 ROA not before: Mon 18 Nov 2024 08:37:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.234.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3944 (0xf68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Nov 18 08:37:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4BB886C6F496F9156675D57BF3C42061FCB62B47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:96:57:ed:5e:54:8f:c4:0f:1e:0c:a1:fe:5c: 0a:01:44:4d:7a:cc:cf:80:23:6f:9c:6e:d2:f3:dc: 6b:a0:2c:a7:f2:45:24:95:f7:6e:2a:b1:65:65:76: 98:7d:21:9d:a2:7f:8a:3d:cb:3d:f7:e9:2c:f7:89: be:03:40:4e:41:16:df:db:0e:35:b4:9a:0b:6b:34: 35:b2:5f:09:38:ce:f5:35:02:03:0d:89:4b:be:3b: 72:70:65:7d:3a:2a:61:0e:89:62:08:54:60:09:15: 28:d1:93:9d:24:45:18:f0:77:01:a9:d7:dd:ae:ee: 3e:87:3a:e2:7c:fe:9d:99:a4:58:82:35:82:7b:d6: d7:1e:30:3a:5e:b1:47:9a:85:3f:8f:11:7c:ea:b1: 78:9e:9f:de:44:13:c6:e2:ab:62:76:08:0f:bf:2a: 36:5a:8a:82:94:37:d1:bd:5a:07:9a:28:e1:65:da: 2d:37:78:e1:7b:f9:35:ea:73:09:3e:d4:12:2e:37: 26:ff:af:4a:b7:17:22:9b:3d:5a:68:3e:e1:aa:67: c0:c4:3b:b1:ea:4c:44:d0:73:70:a3:ce:b8:b8:bf: 46:fd:1a:26:a5:5f:25:d1:a7:90:72:40:ce:2f:bd: da:87:89:b6:11:2b:95:48:83:1f:22:af:e3:60:42: e7:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B8:86:C6:F4:96:F9:15:66:75:D5:7B:F3:C4:20:61:FC:B6:2B:47 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/S7iGxvSW-RVmddV788QgYfy2K0c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.234.0/23 Signature Algorithm: sha256WithRSAEncryption 32:8a:91:f3:b3:f7:12:27:44:08:83:d8:70:5b:84:78:da:db: b5:30:23:6a:c0:df:85:27:b5:7f:24:da:ac:d6:07:95:49:80: b7:00:db:7a:fc:34:16:94:df:49:8d:0f:80:93:6d:1c:ab:dc: 96:4a:92:03:4b:c4:1c:03:67:c7:08:3b:64:fc:c6:ce:6e:38: e0:5f:94:6e:2a:38:d5:0a:40:ce:58:4d:63:de:2e:28:85:e2: 72:0a:82:4a:b9:f4:1e:df:51:e1:eb:b1:dd:e1:56:f8:8a:bf: c0:b1:17:b2:2e:48:95:0f:5e:9d:a5:0b:2b:46:3b:a6:9f:fb: dc:ae:01:4e:b1:73:78:fe:03:7f:02:4e:61:0b:7a:46:1e:b2: 32:50:6f:d2:49:55:fa:7d:bb:28:f2:60:2b:7a:04:9e:88:54: 2e:a6:e9:e8:22:14:c5:0c:f6:6a:a7:d3:2d:0a:d4:fd:72:89: 9e:2a:0c:fd:df:37:45:6a:af:cb:08:67:af:cf:39:2c:4a:d5: d4:95:5e:0b:01:51:af:4e:39:88:97:86:29:8c:44:6f:f1:c1: 1a:dd:ea:bf:27:67:08:9f:d6:b1:34:c1:e7:d4:c8:c5:20:32: a5:a8:4f:bf:3b:65:f2:d9:a1:2d:b5:ee:bf:21:74:8c:55:3b: ca:4d:36:9e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD2gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDExMTgw ODM3MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRCQjg4NkM2RjQ5NkY5 MTU2Njc1RDU3QkYzQzQyMDYxRkNCNjJCNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzllftXlSPxA8eDKH+XAoBRE16zM+AI2+cbtLz3GugLKfyRSSV 924qsWVldph9IZ2if4o9yz336Sz3ib4DQE5BFt/bDjW0mgtrNDWyXwk4zvU1AgMN iUu+O3JwZX06KmEOiWIIVGAJFSjRk50kRRjwdwGp192u7j6HOuJ8/p2ZpFiCNYJ7 1tceMDpesUeahT+PEXzqsXien95EE8biq2J2CA+/KjZaioKUN9G9WgeaKOFl2i03 eOF7+TXqcwk+1BIuNyb/r0q3FyKbPVpoPuGqZ8DEO7HqTETQc3Cjzri4v0b9Gial XyXRp5ByQM4vvdqHibYRK5VIgx8ir+NgQufLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUS7iGxvSW+RVmddV788QgYfy2K0cwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUzdpR3h2U1ctUlZt ZGRWNzg4UWdZZnkySzBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv6jANBgkqhkiG9w0BAQsFAAOCAQEAMoqR87P3EidECIPYcFuEeNrbtTAj asDfhSe1fyTarNYHlUmAtwDbevw0FpTfSY0PgJNtHKvclkqSA0vEHANnxwg7ZPzG zm444F+Ubio41QpAzlhNY94uKIXicgqCSrn0Ht9R4eux3eFW+Iq/wLEXsi5IlQ9e naULK0Y7pp/73K4BTrFzeP4DfwJOYQt6Rh6yMlBv0klV+n27KPJgK3oEnohULqbp 6CIUxQz2aqfTLQrU/XKJnioM/d83RWqvywhnr885LErV1JVeCwFRr045iJeGKYxE b/HBGt3qvydnCJ/WsTTB59TIxSAypahPvztl8tmhLbXuvyF0jFU7yk02ng== -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org