$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/hJ-5pNApoZi2BtkQqv1MNjTttM4.roa File: hJ-5pNApoZi2BtkQqv1MNjTttM4.roa (raw, json) Hash identifier: Ke+FLcFrVXXfaYTYrZjaey6++IMsxU81hBXG38u83+c= Subject key identifier: 84:9F:B9:A4:D0:29:A1:98:B6:06:D9:10:AA:FD:4C:36:34:ED:B4:CE Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E8F Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/hJ-5pNApoZi2BtkQqv1MNjTttM4.roa Signing time: Tue 08 Oct 2024 07:24:42 +0000 ROA not before: Tue 08 Oct 2024 07:24:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3727 (0xe8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 8 07:24:42 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=849FB9A4D029A198B606D910AAFD4C3634EDB4CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d8:d7:0a:bd:62:5f:37:d4:2c:b7:a5:7f:69: 42:81:f8:ec:4c:bb:96:3e:bd:46:e9:69:34:ae:0d: d9:d8:62:99:7f:72:b0:8c:3a:17:fc:f0:c6:22:17: 75:e6:b5:99:2b:ee:db:49:02:da:bd:21:23:6f:b3: 3a:34:0b:4f:22:67:a8:9f:dd:e6:d2:52:85:8b:91: 5b:35:ee:3d:7b:e3:ea:4f:03:1e:ea:57:3f:77:59: f4:d2:6e:d3:f4:ae:e4:b1:7f:40:ec:98:74:f9:97: 6b:60:c5:03:72:5d:d7:73:01:ef:6f:b1:7e:0f:2a: 23:27:ec:88:0e:4b:40:46:82:22:52:35:0a:14:c7: a1:89:d4:0d:d8:ae:d8:08:7d:b6:6d:15:54:a7:64: fd:6a:ac:5d:68:08:15:e8:06:5f:82:e5:e8:0e:ab: f4:4c:97:52:31:67:4b:53:c7:80:64:ff:9d:51:57: 08:f1:4b:ce:a5:5a:47:18:b1:f9:7a:e8:35:71:08: cb:51:0b:c5:23:ec:c1:4c:6f:7d:6e:61:c2:1b:58: fe:8a:47:56:f3:42:54:3f:81:ec:65:c5:fc:78:ea: b8:15:8d:f4:83:07:74:81:62:05:19:a6:64:3c:c9: 5d:34:e5:fe:cb:da:4f:a2:c1:f6:42:9d:5f:9e:c8: 73:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:9F:B9:A4:D0:29:A1:98:B6:06:D9:10:AA:FD:4C:36:34:ED:B4:CE X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/hJ-5pNApoZi2BtkQqv1MNjTttM4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.120.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:be:ec:3f:7f:6e:c0:a0:96:4c:1c:f7:56:b8:92:da:65:73: 7e:25:8b:1e:fe:91:4e:16:61:91:3e:57:1d:c0:40:61:84:a2: 88:da:4f:33:56:a5:e0:7c:f8:c9:3f:1d:f8:d9:e3:ce:79:c8: 8f:f6:4d:b8:fe:f7:44:cc:e7:19:d2:58:10:61:a5:40:db:cb: 7f:63:75:74:b1:0c:95:17:b6:80:53:74:44:80:d9:04:40:8b: d0:86:69:78:1d:b7:48:ca:63:d3:01:90:9e:76:26:2c:2e:a3: b5:b8:6b:ee:7d:94:ec:cb:6f:6b:97:94:13:a5:76:07:47:44: 0e:cd:97:de:5b:7c:eb:e2:a9:6c:4d:78:6f:3e:3a:94:68:c1: 91:cf:2c:5b:ef:09:da:92:26:41:1a:e3:ab:3f:c1:1c:d8:26: 97:e1:f8:03:15:e8:1d:1f:a0:88:b7:b1:54:69:fb:44:31:0c: 7e:bf:2b:e1:bc:76:36:07:85:fd:3f:6b:d9:6a:1f:e2:c6:eb: 53:1d:f2:fd:04:55:21:2b:52:a8:57:c2:10:9e:dd:5a:38:67: 55:ea:cd:c1:55:24:cf:e8:b4:76:8a:f3:0d:73:09:74:38:39: 10:00:b8:d4:29:89:3a:c6:2b:12:df:bb:67:f9:46:ef:5e:e2: 8d:4b:31:f0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMDgw NzI0NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg0OUZCOUE0RDAyOUEx OThCNjA2RDkxMEFBRkQ0QzM2MzRFREI0Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCy2NcKvWJfN9Qst6V/aUKB+OxMu5Y+vUbpaTSuDdnYYpl/crCM Ohf88MYiF3XmtZkr7ttJAtq9ISNvszo0C08iZ6if3ebSUoWLkVs17j174+pPAx7q Vz93WfTSbtP0ruSxf0DsmHT5l2tgxQNyXddzAe9vsX4PKiMn7IgOS0BGgiJSNQoU x6GJ1A3YrtgIfbZtFVSnZP1qrF1oCBXoBl+C5egOq/RMl1IxZ0tTx4Bk/51RVwjx S86lWkcYsfl66DVxCMtRC8Uj7MFMb31uYcIbWP6KR1bzQlQ/gexlxfx46rgVjfSD B3SBYgUZpmQ8yV005f7L2k+iwfZCnV+eyHPBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhJ+5pNApoZi2BtkQqv1MNjTttM4wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvaEotNXBOQXBvWmky QnRrUXF2MU1OalR0dE00LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnEteDANBgkqhkiG9w0BAQsFAAOCAQEAP77sP39uwKCWTBz3VriS2mVzfiWL Hv6RThZhkT5XHcBAYYSiiNpPM1al4Hz4yT8d+NnjznnIj/ZNuP73RMznGdJYEGGl QNvLf2N1dLEMlRe2gFN0RIDZBECL0IZpeB23SMpj0wGQnnYmLC6jtbhr7n2U7Mtv a5eUE6V2B0dEDs2X3lt86+KpbE14bz46lGjBkc8sW+8J2pImQRrjqz/BHNgml+H4 AxXoHR+giLexVGn7RDEMfr8r4bx2NgeF/T9r2Wof4sbrUx3y/QRVIStSqFfCEJ7d WjhnVerNwVUkz+i0dorzDXMJdDg5EAC41CmJOsYrEt+7Z/lG717ijUsx8A== -----END CERTIFICATE-----Generated at Mon Nov 25 21:48:22 2024 by rpki-client on console-ams.rpki-client.org