$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/W5g2hN_BwZpCh6He2nsTKMbtJEc.roa File: W5g2hN_BwZpCh6He2nsTKMbtJEc.roa (raw, json) Hash identifier: aPbXULS1U9L8DqM6TUYBYOgfqX/tVou5n/YIvZXYZHk= Subject key identifier: 5B:98:36:84:DF:C1:C1:9A:42:87:A1:DE:DA:7B:13:28:C6:ED:24:47 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E90 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/W5g2hN_BwZpCh6He2nsTKMbtJEc.roa Signing time: Tue 08 Oct 2024 07:24:42 +0000 ROA not before: Tue 08 Oct 2024 07:24:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3728 (0xe90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 8 07:24:42 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5B983684DFC1C19A4287A1DEDA7B1328C6ED2447 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ea:0d:59:c5:ae:bd:ad:1c:0e:f7:e4:e4:00: c6:74:45:25:93:32:e2:c6:6e:08:87:9a:13:6b:02: b5:51:f1:8b:bd:a8:c9:7e:aa:93:43:62:89:d3:27: 2a:73:08:f2:44:9f:bd:10:e9:69:3a:e6:e7:4b:c3: 8a:56:d3:f6:13:21:e9:22:a0:fa:a9:5c:2a:27:25: 65:37:1c:8c:41:24:99:5e:33:b6:af:36:50:a3:f7: ef:b8:15:97:3a:09:21:be:e5:2a:68:c4:b0:fe:e8: 3b:77:d4:1c:be:bc:3d:fe:b3:df:5c:11:80:a1:8b: cd:4f:bb:6c:5e:e5:b4:1c:35:d6:72:20:39:95:19: 73:d8:c8:eb:0b:87:53:95:0d:02:5f:1f:0e:c3:ad: 82:0c:87:77:40:82:a2:9a:d0:ef:a9:49:29:94:c8: 2f:fe:e3:0d:32:20:59:80:47:5b:d7:c6:0c:e2:4f: d3:c6:e6:4b:5f:7f:54:d3:28:9a:0b:c1:4c:c8:c1: 79:1d:8d:c0:e5:d7:4b:0b:73:c0:1f:ed:92:6f:fc: 3c:77:79:a3:a2:85:56:22:9b:95:5b:b3:c0:23:8c: bf:8f:39:7b:e8:3b:79:68:8e:07:db:c7:f4:5a:b3: e6:6b:55:d1:78:72:56:b7:df:bc:88:a3:a8:76:3e: c9:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:98:36:84:DF:C1:C1:9A:42:87:A1:DE:DA:7B:13:28:C6:ED:24:47 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/W5g2hN_BwZpCh6He2nsTKMbtJEc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.104.0/21 Signature Algorithm: sha256WithRSAEncryption 7a:13:b8:6a:b1:3a:d7:76:a9:44:0f:81:54:84:dd:ac:ef:0e: f0:e0:ad:88:ca:be:b1:e5:1f:5a:ee:85:21:ac:8f:25:46:04: d5:7c:0e:17:56:19:d2:ce:2e:36:54:b5:96:07:ec:fc:28:51: 44:97:8a:5e:74:7e:b5:57:f1:94:c9:52:74:1a:1b:a5:49:21: b5:19:af:ea:57:8d:f8:4a:d6:fb:c1:4c:a9:7d:7e:a3:6e:af: ad:39:cd:fc:02:95:43:90:46:b2:9d:67:99:16:c5:63:12:01: 1b:7f:52:0e:e4:15:d4:de:a9:ec:49:ce:49:a2:53:b7:1c:26: d4:6b:cc:c6:5b:6c:bd:f7:b2:16:34:87:fa:0c:ea:e1:c4:af: 05:37:a8:a3:8b:45:68:98:a8:fb:45:e6:c9:09:b7:69:d9:18: b1:59:7f:a3:68:25:51:9f:58:a6:3c:da:71:27:cd:a7:66:8a: 6a:29:33:c2:ce:71:b6:4b:89:0e:2c:63:55:b3:f8:75:44:c9: be:2c:27:57:c9:56:dc:45:b0:8e:86:ac:db:0e:32:b4:93:d5: 65:7e:6b:07:6a:5a:c2:41:2c:3a:9c:09:62:d0:24:1f:e2:d0: dd:67:2e:b0:69:72:0c:30:24:18:23:91:c7:a4:e6:fb:ad:a3: 57:53:c9:b3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMDgw NzI0NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVCOTgzNjg0REZDMUMx OUE0Mjg3QTFERURBN0IxMzI4QzZFRDI0NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK6g1Zxa69rRwO9+TkAMZ0RSWTMuLGbgiHmhNrArVR8Yu9qMl+ qpNDYonTJypzCPJEn70Q6Wk65udLw4pW0/YTIekioPqpXConJWU3HIxBJJleM7av NlCj9++4FZc6CSG+5SpoxLD+6Dt31By+vD3+s99cEYChi81Pu2xe5bQcNdZyIDmV GXPYyOsLh1OVDQJfHw7DrYIMh3dAgqKa0O+pSSmUyC/+4w0yIFmAR1vXxgziT9PG 5ktff1TTKJoLwUzIwXkdjcDl10sLc8Af7ZJv/Dx3eaOihVYim5Vbs8AjjL+POXvo O3lojgfbx/Ras+ZrVdF4cla337yIo6h2PsmpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUW5g2hN/BwZpCh6He2nsTKMbtJEcwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvVzVnMmhOX0J3WnBD aDZIZTJuc1RLTWJ0SkVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3EtaDANBgkqhkiG9w0BAQsFAAOCAQEAehO4arE613apRA+BVITdrO8O8OCt iMq+seUfWu6FIayPJUYE1XwOF1YZ0s4uNlS1lgfs/ChRRJeKXnR+tVfxlMlSdBob pUkhtRmv6leN+ErW+8FMqX1+o26vrTnN/AKVQ5BGsp1nmRbFYxIBG39SDuQV1N6p 7EnOSaJTtxwm1GvMxltsvfeyFjSH+gzq4cSvBTeoo4tFaJio+0XmyQm3adkYsVl/ o2glUZ9YpjzacSfNp2aKaikzws5xtkuJDixjVbP4dUTJviwnV8lW3EWwjoas2w4y tJPVZX5rB2pawkEsOpwJYtAkH+LQ3WcusGlyDDAkGCORx6Tm+62jV1PJsw== -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org