$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/fBVL5uvMqsoSz7du-_6XKa3rXc8.roa File: fBVL5uvMqsoSz7du-_6XKa3rXc8.roa (raw, json) Hash identifier: oc3/NxSd+RMGLYQ8HPix+Z4zVb6xSBSvoSetVePIngQ= Subject key identifier: 7C:15:4B:E6:EB:CC:AA:CA:12:CF:B7:6E:FB:FE:97:29:AD:EB:5D:CF Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 0D3A Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/fBVL5uvMqsoSz7du-_6XKa3rXc8.roa Signing time: Tue 13 Aug 2024 03:22:20 +0000 ROA not before: Tue 13 Aug 2024 03:22:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 136907 IP address blocks: 139.9.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 03:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3386 (0xd3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Aug 13 03:22:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7C154BE6EBCCAACA12CFB76EFBFE9729ADEB5DCF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:be:69:70:b0:4c:06:c7:1e:25:0f:25:63:c9: 45:51:b9:c2:cc:4a:c9:7f:40:96:43:27:99:70:71: 7f:52:5d:02:13:e8:5f:81:61:4a:86:aa:8e:95:27: bb:9b:e7:9a:af:60:09:25:b3:cf:94:ca:bf:aa:ac: a8:02:a9:51:7a:2b:55:52:73:b8:bf:47:c8:9f:b9: a5:ba:02:1d:3a:79:cb:74:16:59:12:66:fc:c2:bc: e0:c2:81:f0:df:d7:13:93:a5:1b:ef:1a:9f:27:58: f7:3a:7e:a8:04:29:11:70:c8:81:85:6e:b5:e1:c2: 19:d1:1d:d9:68:eb:6f:d1:b1:5c:a0:a1:e5:e3:9f: 15:38:82:7d:a6:ee:b1:1b:67:bb:a0:63:d7:6c:22: 3a:d7:62:db:f2:82:f1:b4:de:73:a6:98:3c:f2:05: 27:37:30:c2:76:22:f8:d8:33:7d:90:54:3b:25:22: 28:dc:cb:99:1a:7e:de:0a:6c:6c:19:96:c2:b0:7a: 4b:c5:72:10:67:b7:bc:b2:12:af:b6:b7:ba:eb:36: a4:8e:72:db:6b:4e:bf:26:66:2f:26:3d:b1:69:ae: 0c:e7:b5:19:93:5b:92:87:89:c7:6b:d2:fe:df:30: 0c:05:61:29:a1:68:b6:65:03:ed:24:2b:bb:9c:b7: 2c:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:15:4B:E6:EB:CC:AA:CA:12:CF:B7:6E:FB:FE:97:29:AD:EB:5D:CF X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/fBVL5uvMqsoSz7du-_6XKa3rXc8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.98.0/24 Signature Algorithm: sha256WithRSAEncryption 65:29:95:e0:3b:b9:a7:cf:17:24:9c:47:58:1c:9c:88:bf:31: 0f:00:f0:ef:c3:23:9d:b7:e5:fa:84:81:77:a5:d6:67:d6:d8: db:9d:92:ff:6e:c6:9b:02:86:a1:8e:10:db:52:be:e9:1c:94: 06:a5:fb:f5:f6:b2:41:ea:fd:c9:13:1a:44:95:56:c8:e8:1d: 4a:92:c4:22:f6:de:e6:25:2c:da:14:05:51:b5:4c:eb:83:9a: 39:73:db:15:e5:8a:6b:b0:95:13:e9:be:c7:9e:d5:82:ca:67: 62:94:35:bf:b9:94:f1:b8:d7:93:af:b9:fa:bf:48:20:60:67: 48:e7:48:bc:4f:d1:8b:64:47:ca:48:7b:54:85:38:29:35:c8: 77:45:4e:0a:0c:69:ab:21:2e:ee:82:3f:6f:82:ed:b9:39:76: 12:c1:f8:b7:9f:6f:33:af:0d:f8:57:ac:3d:ec:9d:7f:f6:df: 4a:dd:a6:c4:be:a2:0c:fb:7a:03:4c:86:4f:06:3c:cf:c1:9c: 93:40:e0:52:c1:ee:82:23:94:e9:2d:4e:ef:55:58:20:c6:e0: e5:8e:51:db:4e:d0:3c:82:24:32:6c:86:71:45:e3:6f:45:6a: d3:54:21:ee:27:a8:4e:a0:65:2f:d8:66:83:cd:08:de:0d:3d: 50:07:e0:8e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNDA4MTMw MzIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDMTU0QkU2RUJDQ0FB Q0ExMkNGQjc2RUZCRkU5NzI5QURFQjVEQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4vmlwsEwGxx4lDyVjyUVRucLMSsl/QJZDJ5lwcX9SXQIT6F+B YUqGqo6VJ7ub55qvYAkls8+Uyr+qrKgCqVF6K1VSc7i/R8ifuaW6Ah06ect0FlkS ZvzCvODCgfDf1xOTpRvvGp8nWPc6fqgEKRFwyIGFbrXhwhnRHdlo62/RsVygoeXj nxU4gn2m7rEbZ7ugY9dsIjrXYtvygvG03nOmmDzyBSc3MMJ2IvjYM32QVDslIijc y5kaft4KbGwZlsKwekvFchBnt7yyEq+2t7rrNqSOcttrTr8mZi8mPbFprgzntRmT W5KHicdr0v7fMAwFYSmhaLZlA+0kK7uctyzBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUfBVL5uvMqsoSz7du+/6XKa3rXc8wHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvZkJWTDV1dk1xc29T ejdkdS1fNlhLYTNyWGM4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYjANBgkqhkiG9w0BAQsFAAOCAQEAZSmV4Du5p88XJJxHWByciL8xDwDw 78Mjnbfl+oSBd6XWZ9bY252S/27GmwKGoY4Q21K+6RyUBqX79fayQer9yRMaRJVW yOgdSpLEIvbe5iUs2hQFUbVM64OaOXPbFeWKa7CVE+m+x57VgspnYpQ1v7mU8bjX k6+5+r9IIGBnSOdIvE/Ri2RHykh7VIU4KTXId0VOCgxpqyEu7oI/b4LtuTl2EsH4 t59vM68N+FesPeydf/bfSt2mxL6iDPt6A0yGTwY8z8Gck0DgUsHugiOU6S1O71VY IMbg5Y5R207QPIIkMmyGcUXjb0Vq01Qh7ieoTqBlL9hmg80I3g09UAfgjg== -----END CERTIFICATE-----Generated at Fri Nov 22 02:37:57 2024 by rpki-client on console-fra.rpki-client.org