$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZKbdq6wKJr6zNGWSpWL0a_17kgs.roa File: ZKbdq6wKJr6zNGWSpWL0a_17kgs.roa (raw, json) Hash identifier: Hu/ttc6XGYHEJ5U9yPGiYtv46TcirWMcsbnl30Zp6b0= Subject key identifier: 64:A6:DD:AB:AC:0A:26:BE:B3:34:65:92:A5:62:F4:6B:FD:7B:92:0B Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0EF9 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZKbdq6wKJr6zNGWSpWL0a_17kgs.roa Signing time: Mon 28 Oct 2024 10:22:12 +0000 ROA not before: Mon 28 Oct 2024 10:22:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.114.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 22:57:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3833 (0xef9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 28 10:22:12 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=64A6DDABAC0A26BEB3346592A562F46BFD7B920B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:e1:07:3a:a9:4a:c3:e1:f0:23:01:b1:e8:ac: 2a:af:d5:fe:35:eb:7a:34:77:d4:b4:83:3b:a6:e9: 01:ad:ba:7b:7f:a1:f5:95:88:22:4d:67:28:36:88: 15:be:27:3d:23:75:9e:3d:4c:63:e8:98:59:d9:c2: a3:7c:cf:38:5c:8d:14:73:4a:3f:43:4b:3a:e2:85: a6:77:77:e0:bf:e2:c7:92:9a:59:f8:94:22:9a:9a: 66:00:4e:f4:cb:27:10:33:5c:c0:a2:54:f1:d1:5b: 9d:50:df:df:2a:85:0b:e7:00:a9:5b:c4:51:a3:4e: fa:00:35:84:90:db:d0:ff:b8:6e:6c:c9:c3:f1:c6: 73:67:f4:f1:74:56:ee:3b:98:02:9f:19:52:65:fd: 08:04:2a:db:fb:10:a1:c1:5d:85:2e:fa:ef:6c:19: 06:d2:db:09:43:10:0e:63:e9:a5:2f:86:12:f4:31: 4c:8e:92:6b:03:09:b4:e7:a0:90:70:4f:c5:eb:9f: 74:04:56:38:74:f1:ab:90:2f:e6:c1:f2:80:18:38: b1:d4:e3:62:92:ac:28:82:7d:db:b2:06:95:8d:a0: 4e:06:b1:9f:47:4d:59:ec:00:87:b4:4e:2d:14:66: ee:c3:23:76:ff:22:7e:9b:11:35:22:33:13:58:84: 6f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:A6:DD:AB:AC:0A:26:BE:B3:34:65:92:A5:62:F4:6B:FD:7B:92:0B X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZKbdq6wKJr6zNGWSpWL0a_17kgs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.114.0/23 Signature Algorithm: sha256WithRSAEncryption 44:ca:26:3f:fe:08:5a:5a:94:55:02:17:94:de:4e:ef:71:30: dd:b7:49:c8:e8:bb:b9:62:3f:cb:36:ac:2b:72:79:7f:9c:04: 99:8f:de:b3:0d:2b:ca:62:59:62:96:17:fc:c4:43:51:79:50: f6:5d:37:bc:b5:d8:10:f8:cd:88:c6:cb:26:e6:70:ec:c2:fd: b3:db:be:26:62:38:ff:7e:fa:cb:20:a5:66:8b:f6:5b:3b:6c: 48:c0:ee:2d:c1:ef:b2:d4:75:30:f7:f9:df:03:c7:81:65:ea: bf:1a:a2:f1:b7:6c:28:54:a0:67:b4:ad:b2:c7:a6:4c:c1:a4: 63:f0:82:d7:4b:c1:00:61:ab:5d:c8:2f:c6:36:89:0c:95:c1: e0:96:0f:16:36:16:fc:97:84:f4:e9:2b:16:7f:78:9c:44:e9: da:f7:11:91:6a:69:f4:71:4b:9a:dc:ab:56:9a:fa:69:9d:62: 86:13:09:8a:5d:07:f5:ae:dc:1f:cf:37:83:a9:46:56:ff:32: f1:a8:e6:20:79:0c:45:ca:90:bd:fc:46:45:f1:62:5c:94:ff: 4f:a4:ee:06:0b:ca:80:ff:7d:80:e8:82:27:2d:0c:4d:2a:2c: 0f:31:18:16:20:85:e6:83:d9:bc:28:9e:ee:30:0f:db:99:cc: c5:82:62:ba -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMjgx MDIyMTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY0QTZEREFCQUMwQTI2 QkVCMzM0NjU5MkE1NjJGNDZCRkQ3QjkyMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCZ4Qc6qUrD4fAjAbHorCqv1f4163o0d9S0gzum6QGtunt/ofWV iCJNZyg2iBW+Jz0jdZ49TGPomFnZwqN8zzhcjRRzSj9DSzrihaZ3d+C/4seSmln4 lCKammYATvTLJxAzXMCiVPHRW51Q398qhQvnAKlbxFGjTvoANYSQ29D/uG5sycPx xnNn9PF0Vu47mAKfGVJl/QgEKtv7EKHBXYUu+u9sGQbS2wlDEA5j6aUvhhL0MUyO kmsDCbTnoJBwT8Xrn3QEVjh08auQL+bB8oAYOLHU42KSrCiCfduyBpWNoE4GsZ9H TVnsAIe0Ti0UZu7DI3b/In6bETUiMxNYhG9ZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZKbdq6wKJr6zNGWSpWL0a/17kgswHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvWktiZHE2d0tKcjZ6 TkdXU3BXTDBhXzE3a2dzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEtcjANBgkqhkiG9w0BAQsFAAOCAQEARMomP/4IWlqUVQIXlN5O73Ew3bdJ yOi7uWI/yzasK3J5f5wEmY/esw0rymJZYpYX/MRDUXlQ9l03vLXYEPjNiMbLJuZw 7ML9s9u+JmI4/376yyClZov2WztsSMDuLcHvstR1MPf53wPHgWXqvxqi8bdsKFSg Z7StssemTMGkY/CC10vBAGGrXcgvxjaJDJXB4JYPFjYW/JeE9OkrFn94nETp2vcR kWpp9HFLmtyrVpr6aZ1ihhMJil0H9a7cH883g6lGVv8y8ajmIHkMRcqQvfxGRfFi XJT/T6TuBgvKgP99gOiCJy0MTSosDzEYFiCF5oPZvCie7jAP25nMxYJiug== -----END CERTIFICATE-----Generated at Sun Feb 16 22:03:55 2025 by rpki-client