$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/TvgshJVja0fP62W1PQQY1yLS3zU.roa File: TvgshJVja0fP62W1PQQY1yLS3zU.roa (raw, json) Hash identifier: X+IHozWfpzzUGKvW+c4/qs233+WKTAL6wlexnZppUP0= Subject key identifier: 4E:F8:2C:84:95:63:6B:47:CF:EB:65:B5:3D:04:18:D7:22:D2:DF:35 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0EFA Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/TvgshJVja0fP62W1PQQY1yLS3zU.roa Signing time: Mon 28 Oct 2024 10:22:13 +0000 ROA not before: Mon 28 Oct 2024 10:22:13 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.98.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:20:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3834 (0xefa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 28 10:22:13 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4EF82C8495636B47CFEB65B53D0418D722D2DF35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:9d:ab:e5:6a:a3:97:bd:5c:f7:e6:78:c1:cd: dd:2f:a8:f5:de:e8:62:38:81:21:de:80:0a:b4:75: 86:bd:db:8a:db:9a:81:c8:11:fb:c2:1f:f0:f4:15: d5:8b:ed:25:7b:70:e1:ae:d7:62:4f:a0:a3:e4:6a: df:8c:d4:62:67:49:cb:9b:67:d9:9f:8c:6a:71:34: a9:c2:07:5d:a4:60:b4:b0:14:02:2e:ee:a9:0f:21: 4a:d9:d0:94:24:65:4d:a0:a1:b3:00:3f:4d:dc:9b: e8:cf:0b:70:ed:2a:04:75:b1:5b:65:e1:fb:26:8f: 91:47:9a:01:8b:39:63:13:5b:1a:b3:8f:78:48:5a: 9d:61:0f:45:f6:40:9a:61:e3:92:8b:67:79:b3:9b: a7:9d:87:01:3d:93:af:b0:91:e0:be:ec:26:84:c5: 07:85:23:7f:07:8a:94:95:33:fa:8c:33:65:89:84: 1e:e0:9d:52:3a:c1:a7:30:87:37:b5:3d:44:af:b6: fa:39:66:25:d4:d5:df:52:36:89:18:09:5e:c6:73: 45:47:58:79:c7:65:c5:0b:1b:94:53:30:b0:18:60: 92:96:8c:3e:20:92:5d:a6:30:30:94:0e:19:dd:05: 33:ac:27:80:c7:1c:31:ea:16:28:7e:1e:2e:50:4e: 18:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:F8:2C:84:95:63:6B:47:CF:EB:65:B5:3D:04:18:D7:22:D2:DF:35 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/TvgshJVja0fP62W1PQQY1yLS3zU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.98.0/23 Signature Algorithm: sha256WithRSAEncryption 85:b5:06:ce:7c:17:07:d3:0a:64:53:40:35:d5:4e:fa:d5:c2: 2f:9c:27:c9:b6:2a:7a:19:45:4d:c7:10:1e:70:ce:c1:a5:cb: 76:9a:85:2a:f0:c3:88:05:63:c5:3c:48:f3:69:f0:62:c2:7f: 1f:68:f6:2d:dc:d5:78:1c:fc:80:13:2a:4b:04:69:9b:ff:78: 62:5e:c2:bd:a4:db:6c:36:d7:75:a4:66:82:2a:23:fb:be:04: 91:50:42:0a:db:6f:95:cd:91:8c:36:73:23:c0:2b:f7:b2:c6: 7b:fb:cb:21:55:71:79:a9:2b:32:63:28:1d:01:aa:31:24:46: ff:ea:35:28:89:f9:48:5f:b4:54:48:16:72:77:96:d2:da:d3: 2d:df:a4:2f:2e:4e:7a:6b:85:e0:ec:85:e3:38:5c:e1:7f:b1: 02:56:b6:e1:3b:1e:50:c6:05:40:3d:89:30:21:d2:de:31:e8: b8:74:36:55:38:31:db:57:d3:cb:58:b2:46:1a:bf:98:3d:bb: 1a:36:41:31:e8:12:ea:64:43:55:e6:d8:e0:71:45:e2:fd:d5: 94:28:15:9c:23:f6:66:e3:d0:f3:51:cf:fe:a3:58:5c:72:5b: 1e:54:03:38:1e:a4:10:99:9c:74:9a:68:1a:97:f6:06:e7:76: c3:fd:8d:35 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMjgx MDIyMTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRFRjgyQzg0OTU2MzZC NDdDRkVCNjVCNTNEMDQxOEQ3MjJEMkRGMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCenavlaqOXvVz35njBzd0vqPXe6GI4gSHegAq0dYa924rbmoHI EfvCH/D0FdWL7SV7cOGu12JPoKPkat+M1GJnScubZ9mfjGpxNKnCB12kYLSwFAIu 7qkPIUrZ0JQkZU2gobMAP03cm+jPC3DtKgR1sVtl4fsmj5FHmgGLOWMTWxqzj3hI Wp1hD0X2QJph45KLZ3mzm6edhwE9k6+wkeC+7CaExQeFI38HipSVM/qMM2WJhB7g nVI6wacwhze1PUSvtvo5ZiXU1d9SNokYCV7Gc0VHWHnHZcULG5RTMLAYYJKWjD4g kl2mMDCUDhndBTOsJ4DHHDHqFih+Hi5QThjFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTvgshJVja0fP62W1PQQY1yLS3zUwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvVHZnc2hKVmphMGZQ NjJXMVBRUVkxeUxTM3pVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEtYjANBgkqhkiG9w0BAQsFAAOCAQEAhbUGznwXB9MKZFNANdVO+tXCL5wn ybYqehlFTccQHnDOwaXLdpqFKvDDiAVjxTxI82nwYsJ/H2j2LdzVeBz8gBMqSwRp m/94Yl7CvaTbbDbXdaRmgioj+74EkVBCCttvlc2RjDZzI8Ar97LGe/vLIVVxeakr MmMoHQGqMSRG/+o1KIn5SF+0VEgWcneW0trTLd+kLy5OemuF4OyF4zhc4X+xAla2 4TseUMYFQD2JMCHS3jHouHQ2VTgx21fTy1iyRhq/mD27GjZBMegS6mRDVebY4HFF 4v3VlCgVnCP2ZuPQ81HP/qNYXHJbHlQDOB6kEJmcdJpoGpf2Bud2w/2NNQ== -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:38 2024 by rpki-client on console-fra.rpki-client.org