$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa File: pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa (raw, json) Hash identifier: PiBKBOSwPaB5uQr41/dtONYIqrCNOY3AnSzEpYOItEk= Subject key identifier: A5:67:1D:E9:CB:F2:FB:AC:4C:20:6C:E7:1C:37:20:E0:EF:5E:43:04 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0DED Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa Signing time: Mon 09 Sep 2024 02:58:35 +0000 ROA not before: Mon 09 Sep 2024 02:58:35 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 136907 IP address blocks: 124.71.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3565 (0xded) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 9 02:58:35 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A5671DE9CBF2FBAC4C206CE71C3720E0EF5E4304 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:1e:1c:cc:61:55:8d:67:75:98:c3:d9:93:b4: f2:2d:f7:62:94:76:17:1e:4e:d1:5a:70:c0:6e:e2: 73:f5:9c:d1:da:97:27:be:10:83:cf:da:b1:96:87: 01:0f:50:42:94:78:03:e2:b7:f9:c0:29:e5:01:1a: be:66:87:cd:c6:f9:54:43:22:1c:e1:c4:cf:38:31: 82:f9:2f:74:9e:1a:2d:05:ee:25:79:24:08:1d:2f: 36:74:34:0f:61:b7:c5:86:4c:30:57:e0:0a:5d:75: 2e:ef:87:47:cb:86:9c:ab:ff:bd:6f:95:62:ec:9a: a5:ee:13:5d:d5:36:69:81:bb:7d:17:d2:c1:c8:6c: cb:71:55:b5:2d:aa:be:4c:35:3c:e3:2a:df:83:49: cb:0a:a0:ec:91:ad:78:e4:e6:24:5f:7c:f7:ef:08: c1:d3:a1:35:81:66:c3:7b:7c:4b:95:e7:f0:a8:0e: 95:59:85:b7:b7:e0:3a:7a:50:93:84:5a:20:63:d3: c6:b9:d9:45:f4:76:56:94:18:7c:ea:58:d8:e4:a9: f8:e8:b6:07:20:d5:44:82:44:e1:81:ca:c5:34:6a: 6b:da:09:bc:99:b3:3a:11:1e:60:fa:d6:91:ff:2e: d0:92:2f:32:4d:1f:17:30:18:5b:fb:74:0c:4a:a8: 4b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:67:1D:E9:CB:F2:FB:AC:4C:20:6C:E7:1C:37:20:E0:EF:5E:43:04 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.251.0/24 Signature Algorithm: sha256WithRSAEncryption a6:17:65:d1:4c:29:f9:54:b0:5a:fb:8a:c3:53:b9:82:11:46: 19:49:a4:04:7d:31:98:3a:27:69:c2:3b:a9:b2:c6:73:17:48: f7:c4:2b:94:6d:8a:77:42:fa:f8:89:20:5c:dc:07:ef:6a:eb: 2e:51:89:a9:0d:19:35:d9:d6:31:c9:be:a3:17:b9:5e:81:55: a3:74:f0:db:ff:73:9f:2d:91:94:7c:a0:cc:25:75:0e:d7:04: 52:4c:bb:b0:c6:90:aa:ac:6d:27:24:d7:4a:cc:2f:c1:5e:d2: a8:f0:9f:72:c3:38:6e:62:47:ac:f4:5e:6e:1f:aa:c6:28:11: 30:f8:7b:2f:c0:29:88:fd:e6:be:84:dc:58:ea:77:4b:a6:f0: ac:12:a0:d2:f7:b7:7a:6f:17:49:f4:cf:c0:53:29:a8:7d:96: 91:56:e4:97:2f:ba:20:09:ca:02:c4:93:13:b8:47:35:ff:20: 2b:b2:56:c9:65:9a:b7:0e:19:1d:ab:5a:b8:d8:bc:67:77:8d: 0d:a3:d8:c8:50:44:25:4d:68:12:72:e1:9b:12:3c:1b:bc:9c: 65:00:b8:95:f7:d2:4b:4c:d4:d1:b8:59:26:79:82:f1:df:84: 3b:e5:b3:dd:cb:cb:54:65:f5:4c:c2:d6:81:f2:42:ff:a9:aa: 39:49:f8:a8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MDkw MjU4MzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1NjcxREU5Q0JGMkZC QUM0QzIwNkNFNzFDMzcyMEUwRUY1RTQzMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtHhzMYVWNZ3WYw9mTtPIt92KUdhceTtFacMBu4nP1nNHalye+ EIPP2rGWhwEPUEKUeAPit/nAKeUBGr5mh83G+VRDIhzhxM84MYL5L3SeGi0F7iV5 JAgdLzZ0NA9ht8WGTDBX4ApddS7vh0fLhpyr/71vlWLsmqXuE13VNmmBu30X0sHI bMtxVbUtqr5MNTzjKt+DScsKoOyRrXjk5iRffPfvCMHToTWBZsN7fEuV5/CoDpVZ hbe34Dp6UJOEWiBj08a52UX0dlaUGHzqWNjkqfjotgcg1USCROGBysU0amvaCbyZ szoRHmD61pH/LtCSLzJNHxcwGFv7dAxKqEsjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUpWcd6cvy+6xMIGznHDcg4O9eQwQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvcFdjZDZjdnktNnhN SUd6bkhEY2c0TzllUXdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH+zANBgkqhkiG9w0BAQsFAAOCAQEAphdl0Uwp+VSwWvuKw1O5ghFGGUmk BH0xmDonacI7qbLGcxdI98QrlG2Kd0L6+IkgXNwH72rrLlGJqQ0ZNdnWMcm+oxe5 XoFVo3Tw2/9zny2RlHygzCV1DtcEUky7sMaQqqxtJyTXSswvwV7SqPCfcsM4bmJH rPRebh+qxigRMPh7L8ApiP3mvoTcWOp3S6bwrBKg0ve3em8XSfTPwFMpqH2WkVbk ly+6IAnKAsSTE7hHNf8gK7JWyWWatw4ZHatauNi8Z3eNDaPYyFBEJU1oEnLhmxI8 G7ycZQC4lffSS0zU0bhZJnmC8d+EO+Wz3cvLVGX1TMLWgfJC/6mqOUn4qA== -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:46 2024 by rpki-client on console-ams.rpki-client.org