$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/irUg_yKAigtDQFQBxThR2IkkOEQ.roa File: irUg_yKAigtDQFQBxThR2IkkOEQ.roa (raw, json) Hash identifier: pbCKp93MJxdeZU0GykA7Lm7qhfkqCIDPLQAhn/Id6+k= Subject key identifier: 8A:B5:20:FF:22:80:8A:0B:43:40:54:01:C5:38:51:D8:89:24:38:44 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E8A Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/irUg_yKAigtDQFQBxThR2IkkOEQ.roa Signing time: Tue 08 Oct 2024 07:23:02 +0000 ROA not before: Tue 08 Oct 2024 07:23:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.96.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3722 (0xe8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 8 07:23:02 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8AB520FF22808A0B43405401C53851D889243844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:8d:92:f0:3d:6b:e0:21:56:28:b5:04:41:c4: 7d:c4:f0:30:b3:59:76:99:5e:9a:6a:3d:ca:5e:a7: 92:52:a6:95:4b:0c:d6:0e:3a:2e:91:56:94:89:7e: a9:bc:70:ec:2a:ef:0a:32:8b:f9:79:ea:fa:a4:60: 55:8b:76:42:2e:f3:27:3c:2c:13:c4:86:05:c8:ce: 23:f0:83:fe:2b:69:09:c1:f0:0b:98:bd:88:c1:a4: 69:47:fb:44:77:96:24:93:c6:1a:0e:b2:7a:f7:c1: d9:5f:17:79:06:f3:6d:7b:c0:b7:71:ea:0b:22:8d: 08:31:0e:9e:61:17:0d:5a:8b:b3:66:14:31:af:15: 17:9c:e6:9a:86:17:ba:5d:36:84:cb:60:15:45:a7: 0e:cd:b1:63:f2:1e:b3:c9:d4:52:32:27:3f:72:06: dc:38:91:f7:13:22:3c:96:e3:45:b5:3b:ae:ac:87: 2e:f4:48:0b:db:be:d3:6c:2e:1b:c5:a9:6b:4c:49: 80:60:f1:17:ab:31:13:2b:53:6c:12:f2:2d:1c:f6: b6:92:95:ee:cb:bb:39:5f:c0:db:e2:7d:6e:48:7c: 8b:e3:ed:f8:d3:f9:8d:54:95:d1:d2:9c:80:c6:ec: 11:4e:2c:f4:dc:4a:6b:48:a6:f1:ad:f4:ff:67:22: 25:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:B5:20:FF:22:80:8A:0B:43:40:54:01:C5:38:51:D8:89:24:38:44 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/irUg_yKAigtDQFQBxThR2IkkOEQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.96.0/23 Signature Algorithm: sha256WithRSAEncryption a5:98:ee:6b:0e:dd:f0:33:4f:15:7e:2d:90:81:f6:dc:98:70: 84:8f:8f:b8:29:ae:c0:42:22:d9:c5:40:f4:f7:ce:15:05:05: dd:7b:3b:13:a8:5b:5e:74:a6:9f:74:5d:ce:95:b8:b1:79:37: b1:de:c3:c6:60:09:65:a2:f6:65:a0:36:98:32:c1:7e:97:04: 17:25:0c:13:50:de:7d:f7:45:9e:6c:26:fa:7d:6d:88:bd:e2: f4:dc:b0:d8:6a:7c:50:bf:a7:cd:4d:0c:23:72:a8:68:59:0b: 92:87:61:a7:03:99:21:b4:60:47:1e:c9:c6:97:6d:d0:10:8e: c7:f3:3a:ae:fa:05:3c:7d:ef:b6:13:0f:be:52:0d:20:45:2d: 68:1f:f1:3f:72:73:1b:f3:db:d7:e0:e2:e1:92:2e:69:29:d7: 7d:4e:d9:57:a7:72:23:57:43:fc:94:30:76:df:0f:f8:9d:08: 80:10:ed:f6:80:3f:bb:a8:66:ab:97:0a:51:a4:3b:d1:93:2a: 27:12:e5:3a:9f:e9:20:cd:34:96:94:d5:82:4e:ec:4c:80:3c: 6a:0d:91:36:10:d1:cd:6e:84:22:7f:59:86:27:a5:81:37:7d: d8:5d:47:3e:82:56:f0:87:a7:0a:91:28:45:3b:b3:41:79:c1: fe:42:97:db -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMDgw NzIzMDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhBQjUyMEZGMjI4MDhB MEI0MzQwNTQwMUM1Mzg1MUQ4ODkyNDM4NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+jZLwPWvgIVYotQRBxH3E8DCzWXaZXppqPcpep5JSppVLDNYO Oi6RVpSJfqm8cOwq7woyi/l56vqkYFWLdkIu8yc8LBPEhgXIziPwg/4raQnB8AuY vYjBpGlH+0R3liSTxhoOsnr3wdlfF3kG8217wLdx6gsijQgxDp5hFw1ai7NmFDGv FRec5pqGF7pdNoTLYBVFpw7NsWPyHrPJ1FIyJz9yBtw4kfcTIjyW40W1O66shy70 SAvbvtNsLhvFqWtMSYBg8RerMRMrU2wS8i0c9raSle7LuzlfwNvifW5IfIvj7fjT +Y1UldHSnIDG7BFOLPTcSmtIpvGt9P9nIiWfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUirUg/yKAigtDQFQBxThR2IkkOEQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvaXJVZ195S0FpZ3RE UUZRQnhUaFIySWtrT0VRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEtYDANBgkqhkiG9w0BAQsFAAOCAQEApZjuaw7d8DNPFX4tkIH23JhwhI+P uCmuwEIi2cVA9PfOFQUF3Xs7E6hbXnSmn3RdzpW4sXk3sd7DxmAJZaL2ZaA2mDLB fpcEFyUME1DeffdFnmwm+n1tiL3i9Nyw2Gp8UL+nzU0MI3KoaFkLkodhpwOZIbRg Rx7Jxpdt0BCOx/M6rvoFPH3vthMPvlINIEUtaB/xP3JzG/Pb1+Di4ZIuaSnXfU7Z V6dyI1dD/JQwdt8P+J0IgBDt9oA/u6hmq5cKUaQ70ZMqJxLlOp/pIM00lpTVgk7s TIA8ag2RNhDRzW6EIn9ZhielgTd92F1HPoJW8IenCpEoRTuzQXnB/kKX2w== -----END CERTIFICATE-----Generated at Fri Nov 22 14:30:52 2024 by rpki-client on console-ams.rpki-client.org