$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/v5sSEiiIc05FCCFyqe3iSFwVX18.roa File: v5sSEiiIc05FCCFyqe3iSFwVX18.roa (raw, json) Hash identifier: pJxHsRboBUmVNtFG/8TiZn6p8j8nSgBsYNpXUY8Z0ac= Subject key identifier: BF:9B:12:12:28:88:73:4E:45:08:21:72:A9:ED:E2:48:5C:15:5F:5F Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 0DF7 Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/v5sSEiiIc05FCCFyqe3iSFwVX18.roa Signing time: Wed 18 Sep 2024 07:51:21 +0000 ROA not before: Wed 18 Sep 2024 07:51:21 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 55990 IP address blocks: 139.9.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:50:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3575 (0xdf7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Sep 18 07:51:21 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=BF9B12122888734E45082172A9EDE2485C155F5F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:11:55:e2:13:53:e4:41:6a:92:ce:9f:e1:50: cd:2d:27:7a:ac:62:1f:c5:0e:47:63:13:39:6d:30: ac:83:d8:c6:bc:93:12:f7:b0:b6:20:03:b7:b6:d8: e1:2f:99:df:5d:8f:4c:ad:7d:27:09:3d:d8:39:46: 30:67:f9:42:75:29:aa:7d:f0:ca:50:ea:22:f4:e1: 53:32:73:29:24:09:99:91:a3:b0:5d:cc:86:63:84: 22:45:58:25:b3:ae:d4:9c:7f:ec:8f:3a:85:7a:de: a1:a6:00:81:64:7f:10:3c:2a:0d:fa:15:7f:28:0d: 36:18:29:8e:ef:ee:b2:da:24:55:af:f3:d8:cd:31: c5:e4:e7:0b:71:05:06:97:dc:22:47:4f:26:3e:02: ff:00:fc:46:c1:72:a0:a5:57:ec:59:21:91:47:52: 0c:17:b8:da:8d:47:dd:47:b1:78:94:4d:63:3f:b7: 80:94:dd:ba:ac:ef:83:64:b4:4b:08:48:58:1c:c5: 19:06:a3:64:c8:6e:7c:3a:fb:26:df:dc:0f:90:2b: b8:ce:ad:40:b0:fe:91:55:43:59:91:e3:51:ce:10: 84:2f:4c:b2:40:24:f8:30:c7:dc:2b:28:1b:5e:a4: 49:8b:2b:eb:42:30:70:fd:72:37:58:46:13:8e:55: d3:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:9B:12:12:28:88:73:4E:45:08:21:72:A9:ED:E2:48:5C:15:5F:5F X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/v5sSEiiIc05FCCFyqe3iSFwVX18.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.98.0/24 Signature Algorithm: sha256WithRSAEncryption 41:8d:0f:5a:bd:59:d9:1b:db:dd:d5:e2:3c:3d:40:3e:79:d0: 21:55:ff:94:3f:59:6b:5a:af:1d:7d:26:ce:78:41:d5:9b:b3: 4c:ef:cf:e1:bf:36:a6:85:e9:ba:b7:df:72:e7:81:3d:d9:45: a3:1e:f0:3f:f6:38:de:6b:e6:cb:5c:07:4c:d2:5b:0a:1b:bd: 0a:f7:78:bd:c7:70:2a:ae:12:54:51:35:db:de:6b:31:4a:fc: 1f:1e:24:a3:ce:1b:a3:1d:ad:6f:49:c7:50:5b:7d:1a:95:a0: 83:54:6f:cf:90:ea:76:2a:16:67:93:de:b4:71:81:63:28:9b: 20:29:6e:2e:72:ab:a8:3a:35:20:78:c6:4c:0d:9c:f6:29:1c: 21:99:f6:dd:61:e0:47:fd:73:69:b4:e5:b0:4d:d1:b1:86:30: f9:af:87:6a:21:bb:54:4e:83:6b:d9:64:f3:00:9d:d4:33:22: 20:2d:77:33:3f:98:e4:1c:65:02:0b:6f:8d:af:a2:6a:20:b0: 47:0c:74:59:21:43:36:80:84:c8:f4:6f:6a:21:e2:14:bf:8b: c7:0e:1b:73:39:b6:09:e4:2a:17:b3:33:19:8e:a5:8b:33:2e: 77:ad:48:c6:4b:d4:3e:82:01:3a:70:e5:50:05:de:94:72:45: af:67:6b:80 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDfcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNDA5MTgw NzUxMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGOUIxMjEyMjg4ODcz NEU0NTA4MjE3MkE5RURFMjQ4NUMxNTVGNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuEVXiE1PkQWqSzp/hUM0tJ3qsYh/FDkdjEzltMKyD2Ma8kxL3 sLYgA7e22OEvmd9dj0ytfScJPdg5RjBn+UJ1Kap98MpQ6iL04VMycykkCZmRo7Bd zIZjhCJFWCWzrtScf+yPOoV63qGmAIFkfxA8Kg36FX8oDTYYKY7v7rLaJFWv89jN McXk5wtxBQaX3CJHTyY+Av8A/EbBcqClV+xZIZFHUgwXuNqNR91HsXiUTWM/t4CU 3bqs74NktEsISFgcxRkGo2TIbnw6+ybf3A+QK7jOrUCw/pFVQ1mR41HOEIQvTLJA JPgwx9wrKBtepEmLK+tCMHD9cjdYRhOOVdMjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUv5sSEiiIc05FCCFyqe3iSFwVX18wHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvdjVzU0VpaUljMDVG Q0NGeXFlM2lTRndWWDE4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYjANBgkqhkiG9w0BAQsFAAOCAQEAQY0PWr1Z2Rvb3dXiPD1APnnQIVX/ lD9Za1qvHX0mznhB1ZuzTO/P4b82poXpurffcueBPdlFox7wP/Y43mvmy1wHTNJb Chu9Cvd4vcdwKq4SVFE1295rMUr8Hx4ko84box2tb0nHUFt9GpWgg1Rvz5DqdioW Z5PetHGBYyibICluLnKrqDo1IHjGTA2c9ikcIZn23WHgR/1zabTlsE3RsYYw+a+H aiG7VE6Da9lk8wCd1DMiIC13Mz+Y5BxlAgtvja+iaiCwRwx0WSFDNoCEyPRvaiHi FL+Lxw4bczm2CeQqF7MzGY6lizMud61IxkvUPoIBOnDlUAXelHJFr2drgA== -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:14 2024 by rpki-client on console-fra.rpki-client.org