$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/Cn_9gARHZ480zrwVP_q2NX1_sOw.roa File: Cn_9gARHZ480zrwVP_q2NX1_sOw.roa (raw, json) Hash identifier: dCY99rCYIuMYt/RNM25r7Rc8MGRjRIHGWZ+gYEZVXIM= Subject key identifier: 0A:7F:FD:80:04:47:67:8F:34:CE:BC:15:3F:FA:B6:35:7D:7F:B0:EC Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1830 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/Cn_9gARHZ480zrwVP_q2NX1_sOw.roa Signing time: Mon 20 May 2024 14:19:39 +0000 ROA not before: Mon 20 May 2024 14:19:39 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 58542 IP address blocks: 180.184.24.0/21 maxlen: 24 180.184.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6192 (0x1830) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: May 20 14:19:39 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0A7FFD800447678F34CEBC153FFAB6357D7FB0EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:36:3b:1b:d0:23:f9:3f:68:f0:87:9c:2e:f9: 2b:29:ec:56:28:94:97:b2:1d:bc:f4:4c:41:44:f4: 05:64:67:99:2c:de:87:32:0e:8a:42:89:d1:e6:8c: 7c:4d:5e:6d:f7:21:03:00:86:d1:b9:28:dc:2f:c9: 2a:3f:8e:8a:d9:2b:1a:57:e7:14:58:10:35:e5:aa: 04:7a:c9:81:f2:19:8e:e3:8d:8d:4e:e7:58:09:68: 3b:27:52:c2:73:eb:da:db:b3:91:07:bd:79:57:ae: 96:04:c7:17:14:35:96:61:4a:2d:97:5b:de:48:db: 47:3a:7d:86:df:49:73:84:2c:1e:a0:38:4d:47:c5: 37:6e:3f:53:48:5d:1f:d3:08:66:0a:33:33:d3:e9: d7:39:ac:65:1b:f1:d3:b8:97:a1:db:47:0b:7c:11: 0d:17:d5:77:a1:88:d8:c4:4c:08:0d:cc:4d:17:e3: b2:37:ef:b0:a0:76:e6:86:94:ab:62:59:ab:4d:98: 64:59:b1:be:43:7a:5d:ab:f8:4d:51:ac:18:9c:2f: 4b:e3:30:d7:a7:91:b7:45:ba:da:2a:57:cb:fe:bb: 1e:3e:b9:f5:c9:57:12:a1:6c:5e:5f:0a:03:ff:69: f7:51:b5:ea:72:06:0e:bb:c4:d3:67:06:97:82:ea: 22:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:7F:FD:80:04:47:67:8F:34:CE:BC:15:3F:FA:B6:35:7D:7F:B0:EC X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/Cn_9gARHZ480zrwVP_q2NX1_sOw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 180.184.56.0/21 Signature Algorithm: sha256WithRSAEncryption 4f:5e:fd:25:e1:37:2c:6c:2c:eb:4c:e9:0d:6d:c5:33:fa:51: aa:77:c8:33:78:28:27:a7:77:08:a3:d4:44:87:16:46:63:ef: f8:91:cd:2a:8c:8e:d9:a8:45:79:b2:fa:d2:fc:a5:e3:af:9a: d8:01:af:42:7b:9e:c5:d7:ad:44:cb:45:5c:4f:e0:ee:7d:0b: 24:b1:6c:6e:20:65:a8:62:04:3a:3f:37:bc:2f:d4:3d:5c:a9: d1:13:a3:c5:66:c4:89:7e:ad:73:fc:63:3e:65:77:a0:f4:94: 22:53:f5:41:e8:68:39:d4:5f:a2:93:d6:57:b5:d2:07:b5:57: 13:b6:6c:45:c8:6d:09:d7:7b:53:6c:b0:9f:b9:60:b4:8d:b9: 26:db:49:cc:e4:ff:3e:ec:d1:81:1c:e2:b5:22:4b:45:06:4c: b2:e0:00:8b:65:04:30:70:41:89:be:41:5d:71:e5:39:d5:24: 87:55:2a:c5:9d:cd:17:29:68:a7:a4:69:e0:9d:fa:c9:58:ca: 51:f7:4c:e7:23:d7:af:4e:e2:4c:3d:9d:d3:b6:ea:4b:ee:a7: 0a:f7:66:00:23:22:e5:ba:87:36:0a:61:92:da:78:87:60:e2: c7:24:e2:92:41:66:91:43:c3:00:fd:19:30:b9:8b:32:b2:aa: 6d:be:68:32 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICGDAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA1MjAx NDE5MzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBN0ZGRDgwMDQ0NzY3 OEYzNENFQkMxNTNGRkFCNjM1N0Q3RkIwRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGNjsb0CP5P2jwh5wu+Ssp7FYolJeyHbz0TEFE9AVkZ5ks3ocy DopCidHmjHxNXm33IQMAhtG5KNwvySo/jorZKxpX5xRYEDXlqgR6yYHyGY7jjY1O 51gJaDsnUsJz69rbs5EHvXlXrpYExxcUNZZhSi2XW95I20c6fYbfSXOELB6gOE1H xTduP1NIXR/TCGYKMzPT6dc5rGUb8dO4l6HbRwt8EQ0X1XehiNjETAgNzE0X47I3 77CgduaGlKtiWatNmGRZsb5Del2r+E1RrBicL0vjMNenkbdFutoqV8v+ux4+ufXJ VxKhbF5fCgP/afdRtepyBg67xNNnBpeC6iKDAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUCn/9gARHZ480zrwVP/q2NX1/sOwwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvQ25fOWdBUkhaNDgw enJ3VlBfcTJOWDFfc093LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEA7S4GAMEA7S4ODANBgkqhkiG9w0BAQsFAAOCAQEAT179JeE3LGws60zpDW3F M/pRqnfIM3goJ6d3CKPURIcWRmPv+JHNKoyO2ahFebL60vyl46+a2AGvQnuexdet RMtFXE/g7n0LJLFsbiBlqGIEOj83vC/UPVyp0ROjxWbEiX6tc/xjPmV3oPSUIlP1 QehoOdRfopPWV7XSB7VXE7ZsRchtCdd7U2ywn7lgtI25JttJzOT/PuzRgRzitSJL RQZMsuAAi2UEMHBBib5BXXHlOdUkh1UqxZ3NFylop6Rp4J36yVjKUfdM5yPXr07i TD2d07bqS+6nCvdmACMi5bqHNgphktp4h2DixyTikkFmkUPDAP0ZMLmLMrKqbb5o Mg== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org