$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ah10FyIuxpN784BEktJC4y5Djhs.roa File: ah10FyIuxpN784BEktJC4y5Djhs.roa (raw, json) Hash identifier: nkm/Cf9IZQEHTl83aqSzeB0PkhfebY6Y9iZQ+7UXHTw= Subject key identifier: 6A:1D:74:17:22:2E:C6:93:7B:F3:80:44:92:D2:42:E3:2E:43:8E:1B Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 0DF8 Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ah10FyIuxpN784BEktJC4y5Djhs.roa Signing time: Wed 18 Sep 2024 07:51:21 +0000 ROA not before: Wed 18 Sep 2024 07:51:21 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 55990 IP address blocks: 139.9.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3576 (0xdf8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Sep 18 07:51:21 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6A1D7417222EC6937BF3804492D242E32E438E1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:42:ee:23:1d:a2:48:c7:df:f5:58:bc:bf:1e: e7:65:5a:92:7d:b2:3c:22:3f:f0:37:7f:54:a4:0d: cc:b1:2c:de:69:4d:28:06:10:bd:fc:17:71:ab:5d: f0:f9:c6:77:2b:ef:fe:9d:de:03:21:5e:03:4c:f6: 74:17:ec:ce:6b:14:de:e3:6d:73:2e:a2:9f:5f:0c: 9f:e5:b6:c2:f6:63:83:3e:22:c1:5b:ed:72:e9:3d: 22:2b:d9:bc:c5:d1:96:e3:66:6d:48:80:19:62:b9: 21:30:fb:c3:8c:31:01:be:fb:81:87:47:ec:93:1f: 98:10:59:8b:b7:18:08:e8:d8:93:12:74:f6:7f:a2: 5a:33:72:9b:31:d3:4f:5c:7d:a1:8f:80:99:b2:ac: 80:b8:a9:42:55:c9:f0:e7:28:34:5a:ca:1b:26:4f: 4d:4d:cd:f4:38:40:7b:d6:89:33:8b:e8:d3:73:a2: a6:a2:83:09:f3:d1:f9:08:43:1d:26:b4:67:71:0e: 67:7a:3e:d9:8f:0b:ef:6a:f5:d0:3a:06:25:5f:2a: 0d:9b:bf:33:5b:2e:cc:fd:ec:15:03:09:07:be:a9: dc:bf:59:a8:b5:38:7b:38:64:17:77:2f:c0:14:72: df:10:ce:b2:36:91:3c:f8:bf:d7:03:d1:2a:5d:a2: 5a:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:1D:74:17:22:2E:C6:93:7B:F3:80:44:92:D2:42:E3:2E:43:8E:1B X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ah10FyIuxpN784BEktJC4y5Djhs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.99.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:0b:62:a9:ed:19:ef:b5:c5:6d:9d:ea:6a:29:c6:52:d1:12: 2b:3e:7a:01:19:23:ca:b1:38:7d:3c:86:7a:af:08:d2:10:25: 9c:b3:a4:b2:d9:72:a1:66:b2:bc:86:5a:d2:aa:f5:b1:0d:c1: df:77:7b:f9:15:4b:e6:98:2e:2a:02:99:f9:f1:fa:e9:54:1b: 45:c2:d9:e4:da:60:af:d0:d1:e8:c9:c5:a6:4c:34:3c:19:37: 13:d9:1f:cd:78:9c:90:38:94:f7:8a:7b:31:2d:e5:6f:e7:aa: ec:52:88:53:cb:e8:af:68:d0:8a:7e:4b:2d:e8:74:30:d5:f9: 96:0f:c5:52:aa:76:5e:4d:01:b9:5d:72:08:8d:36:c7:8d:98: 69:1b:b5:e6:84:a6:82:6c:97:5d:d0:78:bb:6e:f9:f2:88:1f: 86:e2:37:16:ad:3e:0a:b5:7f:5b:ee:df:0f:b6:64:85:0e:97: 51:88:6e:63:06:b9:f9:0b:b3:d3:51:72:d2:02:2a:69:e4:94: e2:51:ed:0b:80:01:51:8a:4d:dd:a3:e6:e3:34:c9:0a:42:43: dc:aa:86:90:50:b2:9e:3f:85:81:24:8e:4f:ac:6f:ce:b5:f2: 8d:a3:f8:cd:85:ca:6a:83:c8:eb:77:bf:f2:62:a9:27:57:08: 56:33:25:b1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNDA5MTgw NzUxMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBMUQ3NDE3MjIyRUM2 OTM3QkYzODA0NDkyRDI0MkUzMkU0MzhFMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhQu4jHaJIx9/1WLy/HudlWpJ9sjwiP/A3f1SkDcyxLN5pTSgG EL38F3GrXfD5xncr7/6d3gMhXgNM9nQX7M5rFN7jbXMuop9fDJ/ltsL2Y4M+IsFb 7XLpPSIr2bzF0ZbjZm1IgBliuSEw+8OMMQG++4GHR+yTH5gQWYu3GAjo2JMSdPZ/ olozcpsx009cfaGPgJmyrIC4qUJVyfDnKDRayhsmT01NzfQ4QHvWiTOL6NNzoqai gwnz0fkIQx0mtGdxDmd6PtmPC+9q9dA6BiVfKg2bvzNbLsz97BUDCQe+qdy/Wai1 OHs4ZBd3L8AUct8QzrI2kTz4v9cD0SpdolqlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUah10FyIuxpN784BEktJC4y5DjhswHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYWgxMEZ5SXV4cE43 ODRCRWt0SkM0eTVEamhzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYzANBgkqhkiG9w0BAQsFAAOCAQEAnQtiqe0Z77XFbZ3qainGUtESKz56 ARkjyrE4fTyGeq8I0hAlnLOkstlyoWayvIZa0qr1sQ3B33d7+RVL5pguKgKZ+fH6 6VQbRcLZ5Npgr9DR6MnFpkw0PBk3E9kfzXickDiU94p7MS3lb+eq7FKIU8vor2jQ in5LLeh0MNX5lg/FUqp2Xk0BuV1yCI02x42YaRu15oSmgmyXXdB4u2758ogfhuI3 Fq0+CrV/W+7fD7ZkhQ6XUYhuYwa5+Quz01Fy0gIqaeSU4lHtC4ABUYpN3aPm4zTJ CkJD3KqGkFCynj+FgSSOT6xvzrXyjaP4zYXKaoPI63e/8mKpJ1cIVjMlsQ== -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org