$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa File: 2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa (raw, json) Hash identifier: TFL0/XFUs/Zeo14zQeX9vTN9QCvF6RNed05s271HUWk= Subject key identifier: D9:4F:B1:9A:23:37:7D:3B:35:E2:E2:45:57:3C:09:EE:6A:3D:74:89 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1AA7 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa Signing time: Tue 24 Sep 2024 00:21:45 +0000 ROA not before: Tue 24 Sep 2024 00:21:45 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 136958 IP address blocks: 118.145.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6823 (0x1aa7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 24 00:21:45 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=D94FB19A23377D3B35E2E245573C09EE6A3D7489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5d:8b:06:f0:c9:bd:b1:54:1c:de:be:33:81: 63:c1:9f:d2:94:d7:0d:48:a2:3b:46:c3:9d:dd:b4: 1f:ca:5d:6a:6c:d5:41:4a:58:3d:c5:22:24:fe:93: fa:24:9c:34:a7:d3:db:97:34:5a:04:9d:d7:77:a5: 32:6c:5c:1b:34:33:a3:36:3d:ab:31:f4:74:3f:65: 50:c1:82:76:bc:51:89:6d:4b:9b:bb:7d:8b:bc:68: 77:c3:ca:fe:11:52:60:7a:53:66:17:de:ea:14:3d: 82:cb:2d:70:7c:d1:18:ef:ab:54:84:c0:38:7e:d1: d5:77:ed:c9:c3:87:50:a2:b7:34:27:04:1f:23:74: f1:a6:03:80:4e:25:c3:52:97:00:84:81:8c:f9:31: e6:52:d5:9d:3c:e8:f0:b1:6f:78:46:a8:b8:2d:37: 5c:7a:6f:74:3c:9b:72:00:71:bc:23:7e:29:80:38: ea:35:7c:70:f6:52:80:78:04:ce:94:f3:e8:b5:db: 68:7e:07:3d:3d:2a:01:b5:8a:59:1d:fa:d7:f0:48: 92:16:9e:f4:d5:cb:80:c2:25:e6:65:5e:fa:36:75: bc:9c:87:e1:e0:94:8f:52:d2:8a:24:93:92:d3:aa: a4:e6:5c:45:18:e8:99:02:e2:7f:e2:29:d3:7f:8b: eb:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:4F:B1:9A:23:37:7D:3B:35:E2:E2:45:57:3C:09:EE:6A:3D:74:89 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.145.32.0/19 Signature Algorithm: sha256WithRSAEncryption 32:b6:78:ce:98:d8:04:c7:e5:fc:a7:83:1f:ec:67:eb:f7:a8: 74:b8:65:6d:ec:3d:59:43:a2:4c:21:bb:7e:b1:22:56:b9:fd: a0:e0:28:e4:79:b2:37:f0:13:95:b1:96:84:30:38:d7:f9:c0: 15:d6:83:d9:87:41:f9:9c:20:8a:55:91:44:7d:85:d5:b4:6a: af:31:9d:84:a5:fa:30:e7:6c:fc:f6:a5:28:7c:95:5c:50:30: bd:3a:e0:4b:7e:75:35:e4:73:f1:46:0c:68:21:97:5c:96:11: c5:ad:15:77:74:ad:6f:3a:2b:c2:4e:4d:9a:25:73:70:e5:70: bd:d1:bb:24:22:fe:10:90:17:4e:63:86:c7:cc:91:dc:a6:e3: 82:21:30:c6:38:e8:f1:0f:b9:9e:86:ab:15:50:64:7d:ff:0f: 57:71:4b:18:46:5c:a9:bb:1d:0f:55:64:c7:c0:2f:f0:dd:86: 94:23:bd:3a:91:08:32:d6:82:39:cf:ba:7f:ff:cf:a0:7b:38: 9e:5f:aa:5e:6c:79:2d:9a:ae:b7:56:dc:40:e9:26:24:b3:bb: 29:13:07:42:4e:36:40:bf:b8:09:d9:48:03:df:19:8d:0f:75: 1b:16:6d:6f:c0:f2:e4:dd:39:50:63:59:fe:dc:ce:82:66:17: 87:ae:fb:74 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA5MjQw MDIxNDVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEQ5NEZCMTlBMjMzNzdE M0IzNUUyRTI0NTU3M0MwOUVFNkEzRDc0ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDXYsG8Mm9sVQc3r4zgWPBn9KU1w1IojtGw53dtB/KXWps1UFK WD3FIiT+k/oknDSn09uXNFoEndd3pTJsXBs0M6M2Pasx9HQ/ZVDBgna8UYltS5u7 fYu8aHfDyv4RUmB6U2YX3uoUPYLLLXB80Rjvq1SEwDh+0dV37cnDh1CitzQnBB8j dPGmA4BOJcNSlwCEgYz5MeZS1Z086PCxb3hGqLgtN1x6b3Q8m3IAcbwjfimAOOo1 fHD2UoB4BM6U8+i122h+Bz09KgG1ilkd+tfwSJIWnvTVy4DCJeZlXvo2dbych+Hg lI9S0ookk5LTqqTmXEUY6JkC4n/iKdN/i+v1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2U+xmiM3fTs14uJFVzwJ7mo9dIkwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvMlUteG1pTTNmVHMx NHVKRlZ6d0o3bW85ZElrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXaRIDANBgkqhkiG9w0BAQsFAAOCAQEAMrZ4zpjYBMfl/KeDH+xn6/eodLhl bew9WUOiTCG7frEiVrn9oOAo5HmyN/ATlbGWhDA41/nAFdaD2YdB+ZwgilWRRH2F 1bRqrzGdhKX6MOds/PalKHyVXFAwvTrgS351NeRz8UYMaCGXXJYRxa0Vd3Stbzor wk5NmiVzcOVwvdG7JCL+EJAXTmOGx8yR3KbjgiEwxjjo8Q+5noarFVBkff8PV3FL GEZcqbsdD1Vkx8Av8N2GlCO9OpEIMtaCOc+6f//PoHs4nl+qXmx5LZqut1bcQOkm JLO7KRMHQk42QL+4CdlIA98ZjQ91GxZtb8Dy5N05UGNZ/tzOgmYXh677dA== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:40 2024 by rpki-client on console-fra.rpki-client.org