$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/lKaxXVWpNY3cEJsF4Og_qEx7TCI.roa File: lKaxXVWpNY3cEJsF4Og_qEx7TCI.roa (raw, json) Hash identifier: AMrq7Abrl9xiLPYrksFHu1PyWGxDDHxfWP0cSW8/isE= Subject key identifier: 94:A6:B1:5D:55:A9:35:8D:DC:10:9B:05:E0:E8:3F:A8:4C:7B:4C:22 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E1E Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lKaxXVWpNY3cEJsF4Og_qEx7TCI.roa Signing time: Wed 18 Sep 2024 07:51:20 +0000 ROA not before: Wed 18 Sep 2024 07:51:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 55990 IP address blocks: 110.41.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 23:53:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3614 (0xe1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 18 07:51:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=94A6B15D55A9358DDC109B05E0E83FA84C7B4C22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:fa:27:84:62:22:dd:64:a2:79:eb:15:5f:2a: a2:fa:16:8e:09:cf:33:3a:b4:e8:93:fe:dc:1d:33: 2e:e8:de:4d:5b:fb:fd:e2:46:e2:a3:26:c3:2e:7d: fc:a8:76:dd:4f:b2:ce:f1:01:0e:a6:15:ff:00:68: 83:4a:52:6d:c2:91:e1:8b:f7:26:07:90:28:97:ab: 9e:3a:3b:63:8a:7a:3e:7c:4e:ad:de:d2:c7:fc:e8: 3f:cb:58:1c:87:f5:b2:4e:b6:28:60:c6:78:bc:7e: ae:89:be:1a:79:85:c3:13:5b:84:0f:f1:b5:0d:b7: 5e:ed:5f:62:48:62:23:d2:24:00:07:7c:89:6c:8f: c8:81:6d:67:89:dc:db:d6:75:94:87:88:f4:37:09: e8:f2:8e:6c:65:3a:cc:12:c1:87:ad:4c:0b:ef:e9: a6:ab:d5:b1:ce:c6:68:c8:f0:98:a4:0a:57:9f:ab: ea:54:f2:08:b2:31:8f:ff:a2:6c:ea:a7:5f:34:d6: 78:e0:d2:b4:80:d2:e3:ad:1b:ba:e4:8f:ba:94:a9: 2c:2f:fa:df:fe:49:1d:28:27:7f:3d:9d:35:bc:22: a3:41:20:fb:7c:d1:75:1e:f0:d7:d6:fe:80:f6:12: 49:76:b6:c7:76:3b:4a:5a:1d:5e:74:cd:e6:e4:49: ff:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:A6:B1:5D:55:A9:35:8D:DC:10:9B:05:E0:E8:3F:A8:4C:7B:4C:22 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/lKaxXVWpNY3cEJsF4Og_qEx7TCI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.208.0/24 Signature Algorithm: sha256WithRSAEncryption 95:74:ba:4b:9c:6f:bb:00:60:e0:ce:ca:e8:23:73:37:d3:99: 3f:f6:e7:50:eb:6d:fe:f2:14:ef:70:ee:fc:34:70:cf:7d:f0: fa:db:b9:4a:98:b9:ab:1d:5a:70:e2:16:c5:5e:40:b2:a7:40: 94:89:57:e7:d5:e8:a8:21:0f:13:5f:3f:15:d9:69:f2:2e:97: bf:8f:26:a8:4a:79:40:08:6d:a3:f4:2c:21:17:61:79:33:17: 01:de:df:4b:4f:a8:b9:5b:71:09:c2:2b:e5:22:60:5c:2c:ff: 7a:4c:39:c4:12:d5:fc:4c:d9:cc:65:3e:93:2c:da:f0:b8:e6: 76:47:d9:57:47:bf:28:d1:89:f8:22:0f:d9:db:cd:f2:3b:95: 0f:cd:21:4d:32:64:dd:7d:2c:dd:74:ca:20:3e:16:b9:d1:2e: b3:24:f0:07:7c:9e:c6:70:fc:ee:0f:b8:1d:d8:c1:6d:58:c2: 21:20:5f:42:b0:87:65:88:24:17:18:ae:fd:21:f4:d1:bd:58: a7:1b:c4:7f:69:40:4e:44:d7:4b:7f:0d:15:85:dd:3f:a1:bf: 8e:8a:24:92:08:99:91:e8:d8:4c:ee:fa:00:df:a8:76:a6:87: 5c:9a:ac:e8:49:2f:b8:e9:de:b9:ed:63:f0:58:e6:da:8d:b1: da:97:60:59 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MTgw NzUxMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0QTZCMTVENTVBOTM1 OEREQzEwOUIwNUUwRTgzRkE4NEM3QjRDMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDm+ieEYiLdZKJ56xVfKqL6Fo4JzzM6tOiT/twdMy7o3k1b+/3i RuKjJsMuffyodt1Pss7xAQ6mFf8AaINKUm3CkeGL9yYHkCiXq546O2OKej58Tq3e 0sf86D/LWByH9bJOtihgxni8fq6Jvhp5hcMTW4QP8bUNt17tX2JIYiPSJAAHfIls j8iBbWeJ3NvWdZSHiPQ3CejyjmxlOswSwYetTAvv6aar1bHOxmjI8JikClefq+pU 8giyMY//omzqp1801njg0rSA0uOtG7rkj7qUqSwv+t/+SR0oJ389nTW8IqNBIPt8 0XUe8NfW/oD2Ekl2tsd2O0paHV50zebkSf9JAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlKaxXVWpNY3cEJsF4Og/qEx7TCIwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbEtheFhWV3BOWTNj RUpzRjRPZ19xRXg3VENJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4p0DANBgkqhkiG9w0BAQsFAAOCAQEAlXS6S5xvuwBg4M7K6CNzN9OZP/bn UOtt/vIU73Du/DRwz33w+tu5Spi5qx1acOIWxV5AsqdAlIlX59XoqCEPE18/Fdlp 8i6Xv48mqEp5QAhto/QsIRdheTMXAd7fS0+ouVtxCcIr5SJgXCz/ekw5xBLV/EzZ zGU+kyza8LjmdkfZV0e/KNGJ+CIP2dvN8juVD80hTTJk3X0s3XTKID4WudEusyTw B3yexnD87g+4HdjBbVjCISBfQrCHZYgkFxiu/SH00b1YpxvEf2lATkTXS38NFYXd P6G/jookkgiZkejYTO76AN+odqaHXJqs6EkvuOneue1j8Fjm2o2x2pdgWQ== -----END CERTIFICATE-----Generated at Mon Nov 25 20:22:05 2024 by rpki-client on console-fra.rpki-client.org