$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_M2IfoLHa9FPH9Vn1iaPXGSWSI.roa File: I_M2IfoLHa9FPH9Vn1iaPXGSWSI.roa (raw, json) Hash identifier: nN99pmX4MaJoqu6cF3+hEPfPGRIYxHOaeFeCvKXOynM= Subject key identifier: 23:F3:36:21:FA:0B:1D:AF:45:3C:7F:55:9F:58:9A:3D:71:92:59:22 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1AA9 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_M2IfoLHa9FPH9Vn1iaPXGSWSI.roa Signing time: Tue 24 Sep 2024 00:21:46 +0000 ROA not before: Tue 24 Sep 2024 00:21:46 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 58466 IP address blocks: 118.145.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6825 (0x1aa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 24 00:21:46 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=23F33621FA0B1DAF453C7F559F589A3D71925922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f1:30:76:15:4a:b1:a8:4f:4c:a4:34:88:2e: c6:bf:95:63:7a:a9:2e:2b:a7:5d:07:16:57:0e:81: 1c:96:ec:b1:5f:ff:cf:67:13:3f:78:41:f9:7d:54: ea:24:67:68:2d:68:a8:34:79:af:5e:96:df:69:47: ea:f8:e0:24:cd:2b:bf:92:f3:8a:49:96:76:a2:51: 1b:c8:60:f5:06:7d:b8:ad:f2:b6:a2:31:fd:78:25: be:3e:0c:dc:e9:b2:91:ab:41:72:01:24:0d:61:c4: 7d:cf:ba:7f:b8:9a:33:5c:af:cb:59:75:60:58:16: b9:02:44:50:9e:6e:85:b0:c3:83:bf:f0:7a:3a:94: 9b:18:94:bf:80:ce:e6:68:83:d2:e6:1d:79:d2:5b: b8:f6:2c:c1:76:bf:de:fc:74:6a:90:a8:01:8a:06: 41:94:91:78:92:12:66:44:bc:b8:0d:03:0e:25:0a: 11:1c:24:b9:3d:d1:f1:d0:eb:5f:3c:96:0e:3f:ed: 08:85:cf:18:84:2d:53:7a:46:b0:e2:68:02:4d:b5: 03:cd:7e:df:41:11:16:6b:2c:9d:64:15:2b:31:5d: b5:c7:1e:49:6c:c2:21:26:84:a6:b2:ac:e0:3b:4b: 5a:84:7b:43:47:58:e9:d5:b6:61:4a:9e:76:f8:4b: 79:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:F3:36:21:FA:0B:1D:AF:45:3C:7F:55:9F:58:9A:3D:71:92:59:22 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_M2IfoLHa9FPH9Vn1iaPXGSWSI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.145.32.0/19 Signature Algorithm: sha256WithRSAEncryption 38:33:fd:ab:e3:a3:0e:2e:a8:a5:58:bf:94:9d:91:52:69:68: 75:d6:02:d8:6c:ed:88:2f:fd:1e:cd:9e:9b:f2:2e:52:02:87: 32:d8:3b:6b:80:3a:19:69:90:01:a7:15:5e:f7:11:6a:27:7c: 1f:35:43:7d:3a:9a:05:9d:4b:0b:8e:35:8f:e0:4a:1b:cd:a6: 04:cf:8d:19:27:33:d0:d9:7a:e4:31:08:a7:ea:7a:09:b4:eb: 91:0d:c6:51:6d:3e:d3:97:fe:1b:4b:3b:cd:79:4b:89:59:9a: 22:32:b0:15:50:af:89:47:84:17:a2:ac:1a:07:a9:92:9b:45: 1a:03:f1:bc:88:cf:94:de:bb:c6:a3:5a:8d:99:a9:85:2d:63: 52:46:52:d9:ac:a4:38:22:de:79:0b:3e:8c:12:a9:84:7f:38: eb:fc:a1:e7:64:2c:cc:89:e6:50:c0:54:b5:c7:7a:21:ff:ee: dc:1b:7d:2e:9b:13:8e:92:42:a1:64:14:e9:d1:94:72:07:cd: 45:e7:21:83:9c:d7:fa:fc:78:4a:09:83:73:2a:39:45:65:9e: 8d:bc:55:b4:63:4b:c6:cd:37:a0:e8:57:30:19:11:dc:8d:a4: 87:49:66:46:ff:bb:ca:e3:6a:0c:dc:90:64:f0:73:b6:cb:fb: 8b:33:19:a5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA5MjQw MDIxNDZaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDIzRjMzNjIxRkEwQjFE QUY0NTNDN0Y1NTlGNTg5QTNENzE5MjU5MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC48TB2FUqxqE9MpDSILsa/lWN6qS4rp10HFlcOgRyW7LFf/89n Ez94Qfl9VOokZ2gtaKg0ea9elt9pR+r44CTNK7+S84pJlnaiURvIYPUGfbit8rai Mf14Jb4+DNzpspGrQXIBJA1hxH3Pun+4mjNcr8tZdWBYFrkCRFCeboWww4O/8Ho6 lJsYlL+AzuZog9LmHXnSW7j2LMF2v978dGqQqAGKBkGUkXiSEmZEvLgNAw4lChEc JLk90fHQ6188lg4/7QiFzxiELVN6RrDiaAJNtQPNft9BERZrLJ1kFSsxXbXHHkls wiEmhKayrOA7S1qEe0NHWOnVtmFKnnb4S3l1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUI/M2IfoLHa9FPH9Vn1iaPXGSWSIwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSV9NMklmb0xIYTlG UEg5Vm4xaWFQWEdTV1NJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXaRIDANBgkqhkiG9w0BAQsFAAOCAQEAODP9q+OjDi6opVi/lJ2RUmloddYC 2GztiC/9Hs2em/IuUgKHMtg7a4A6GWmQAacVXvcRaid8HzVDfTqaBZ1LC441j+BK G82mBM+NGScz0Nl65DEIp+p6CbTrkQ3GUW0+05f+G0s7zXlLiVmaIjKwFVCviUeE F6KsGgepkptFGgPxvIjPlN67xqNajZmphS1jUkZS2aykOCLeeQs+jBKphH846/yh 52QszInmUMBUtcd6If/u3Bt9LpsTjpJCoWQU6dGUcgfNRechg5zX+vx4SgmDcyo5 RWWejbxVtGNLxs03oOhXMBkR3I2kh0lmRv+7yuNqDNyQZPBztsv7izMZpQ== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org