$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/T2rWZVXy8FJFbwCXKXapPtPZbDg.roa File: T2rWZVXy8FJFbwCXKXapPtPZbDg.roa (raw, json) Hash identifier: hlonYY2TB94S7FVVhD9ExFwUWK8n6dOKUWgXUoJv4bc= Subject key identifier: 4F:6A:D6:65:55:F2:F0:52:45:6F:00:97:29:76:A9:3E:D3:D9:6C:38 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1AAB Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/T2rWZVXy8FJFbwCXKXapPtPZbDg.roa Signing time: Tue 24 Sep 2024 00:21:47 +0000 ROA not before: Tue 24 Sep 2024 00:21:47 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 58539 IP address blocks: 180.184.8.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6827 (0x1aab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 24 00:21:47 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=4F6AD66555F2F052456F00972976A93ED3D96C38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:5f:78:c6:48:69:29:30:24:d6:19:cf:b3:c5: 77:46:bb:04:92:73:55:24:4e:11:32:74:e5:c1:ab: ee:0c:bd:5e:35:3b:39:79:7d:30:7c:22:b7:20:52: 52:83:98:6a:3a:64:1d:ff:01:39:f5:cb:10:57:2d: 0a:82:45:92:5d:50:51:36:28:fa:56:ab:30:e4:b8: 0f:48:c4:4b:44:69:6e:0e:dc:1e:1b:a4:b2:0b:38: 89:e1:f2:cd:d6:40:52:ea:2b:37:b2:86:ef:07:ba: 77:9b:28:6f:ea:a5:b0:f0:07:07:f0:93:a2:fc:b4: ad:a6:41:a7:06:13:6e:8c:71:ad:a8:34:8e:03:63: 15:01:27:f3:f0:da:f3:73:d9:c6:2d:80:c3:50:27: 36:a3:26:ba:1a:38:c2:c5:22:a6:23:33:cf:d4:9d: 6f:5d:74:7a:fa:f4:56:22:7a:8e:a5:90:e8:96:85: b4:64:cb:fb:7b:24:55:31:6e:ee:26:25:61:53:df: d2:23:c8:47:6b:b7:7c:2d:02:d3:21:7a:4c:6d:34: fc:2d:87:40:99:e8:3b:12:35:2b:84:ef:f7:c1:ce: d7:d1:0b:ff:21:ca:cd:9f:88:90:6c:9c:4c:c0:96: 87:6a:ab:a4:ca:fe:f8:6b:ca:1b:68:ea:78:33:ee: 27:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:6A:D6:65:55:F2:F0:52:45:6F:00:97:29:76:A9:3E:D3:D9:6C:38 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/T2rWZVXy8FJFbwCXKXapPtPZbDg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.8.0/23 Signature Algorithm: sha256WithRSAEncryption 1d:b9:6a:d5:f6:56:00:64:a8:43:cd:92:94:4b:82:a4:68:72: dc:2d:1a:1a:2c:8b:fb:fd:f6:de:c6:dc:61:e9:ff:c9:27:ae: 40:c2:c0:1a:d5:b8:af:dc:b2:cf:1c:1e:92:2e:78:af:eb:47: b9:a6:96:d4:0e:00:15:83:39:0e:0e:7f:4b:06:c3:25:eb:73: 7a:da:2d:ba:90:b0:ac:69:8a:f6:ff:f2:9f:9c:5b:55:21:96: 56:23:58:59:e6:bb:3f:2f:e8:20:af:aa:2c:21:c7:d6:e5:ab: 65:44:2c:a0:6a:24:9a:0c:6f:17:4f:fc:5c:80:af:26:47:1c: 69:8f:ff:56:41:64:0e:67:25:a1:aa:2a:1f:7c:b9:cd:fa:7d: b1:44:4a:0a:30:fe:e1:cc:b7:74:78:c9:83:45:b1:66:cb:60: 35:64:c5:e1:02:43:6f:ef:5e:88:ec:f1:49:cf:53:04:b2:c8: 2e:73:49:fd:84:c1:e6:2f:54:f0:ae:4f:7b:1b:8d:03:bd:27: 49:77:64:e0:e6:e5:64:cb:ac:aa:19:c0:a4:20:3d:f3:9c:17: 4d:fa:25:f7:77:8d:2d:99:11:88:54:0a:22:cf:16:c1:37:2d: 86:9d:b6:11:62:01:bc:b9:5d:e0:2f:b3:b1:86:ee:e2:fb:96: db:7d:06:88 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGqswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA5MjQw MDIxNDdaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDRGNkFENjY1NTVGMkYw NTI0NTZGMDA5NzI5NzZBOTNFRDNEOTZDMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSX3jGSGkpMCTWGc+zxXdGuwSSc1UkThEydOXBq+4MvV41Ozl5 fTB8IrcgUlKDmGo6ZB3/ATn1yxBXLQqCRZJdUFE2KPpWqzDkuA9IxEtEaW4O3B4b pLILOInh8s3WQFLqKzeyhu8HunebKG/qpbDwBwfwk6L8tK2mQacGE26Mca2oNI4D YxUBJ/Pw2vNz2cYtgMNQJzajJroaOMLFIqYjM8/UnW9ddHr69FYieo6lkOiWhbRk y/t7JFUxbu4mJWFT39IjyEdrt3wtAtMhekxtNPwth0CZ6DsSNSuE7/fBztfRC/8h ys2fiJBsnEzAlodqq6TK/vhryhto6ngz7idjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUT2rWZVXy8FJFbwCXKXapPtPZbDgwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvVDJyV1pWWHk4RkpG YndDWEtYYXBQdFBaYkRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAbS4CDANBgkqhkiG9w0BAQsFAAOCAQEAHblq1fZWAGSoQ82SlEuCpGhy3C0a GiyL+/323sbcYen/ySeuQMLAGtW4r9yyzxweki54r+tHuaaW1A4AFYM5Dg5/SwbD JetzetotupCwrGmK9v/yn5xbVSGWViNYWea7Py/oIK+qLCHH1uWrZUQsoGokmgxv F0/8XICvJkccaY//VkFkDmcloaoqH3y5zfp9sURKCjD+4cy3dHjJg0WxZstgNWTF 4QJDb+9eiOzxSc9TBLLILnNJ/YTB5i9U8K5PexuNA70nSXdk4OblZMusqhnApCA9 85wXTfol93eNLZkRiFQKIs8WwTcthp22EWIBvLld4C+zsYbu4vuW230GiA== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org