$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/xNap2Y8tUbfuYfhnKVOCViJKfow.roa File: xNap2Y8tUbfuYfhnKVOCViJKfow.roa (raw, json) Hash identifier: jx4Di2kg3KQ4ZH9mf/IzC/YUy0IJd9H/m7O/yOLQL88= Subject key identifier: C4:D6:A9:D9:8F:2D:51:B7:EE:61:F8:67:29:53:82:56:22:4A:7E:8C Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1AAC Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/xNap2Y8tUbfuYfhnKVOCViJKfow.roa Signing time: Tue 24 Sep 2024 00:21:47 +0000 ROA not before: Tue 24 Sep 2024 00:21:47 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 23724 IP address blocks: 180.184.24.0/21 maxlen: 24 180.184.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6828 (0x1aac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 24 00:21:47 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=C4D6A9D98F2D51B7EE61F86729538256224A7E8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b1:d8:aa:ff:c3:fc:4a:ad:bc:ad:0d:ba:44: e4:5c:b3:a1:5c:5f:d6:8d:7c:57:7d:50:2c:53:61: d6:1e:42:40:44:7b:65:52:e3:86:e5:e1:bd:c8:2a: 45:76:97:66:e6:ac:2b:ad:17:72:b9:66:1d:1d:47: 80:93:e1:a9:ec:d7:79:6b:57:6f:0c:f4:7f:3e:f5: 92:f4:0c:c9:e5:f0:75:79:48:6d:f3:33:ed:66:43: a0:63:c0:28:5f:42:62:f6:c6:47:00:02:83:13:66: 73:e6:fa:ad:42:d3:46:90:cd:5b:4c:c7:4d:31:0d: 9e:45:1c:86:35:11:00:fc:1b:36:2f:e1:1e:e5:c9: 2f:0c:ad:f4:86:03:ab:66:ee:f0:b3:52:ac:90:94: 01:9d:53:a2:a9:ca:4d:18:38:02:b2:85:0e:17:95: 0e:ef:ab:34:b6:24:15:d3:e9:7d:1c:da:d0:eb:e0: 63:6a:81:c7:7f:46:25:94:f1:a3:45:a4:cf:94:3f: fb:0b:57:a2:72:64:c5:73:ee:11:0a:db:e8:a5:cf: 52:73:cb:91:df:cf:1a:20:59:b0:15:83:12:b1:f7: 10:00:80:42:87:b2:64:4f:ca:d9:1f:21:a8:b8:f4: 2b:13:42:d9:c1:4a:6e:d6:26:be:16:11:b3:e4:80: 93:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:D6:A9:D9:8F:2D:51:B7:EE:61:F8:67:29:53:82:56:22:4A:7E:8C X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/xNap2Y8tUbfuYfhnKVOCViJKfow.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 180.184.56.0/21 Signature Algorithm: sha256WithRSAEncryption a4:12:4f:ab:9f:99:3a:f3:bd:53:4a:37:6a:74:90:9e:ab:57: 7c:b1:c3:67:be:bf:f0:83:fc:e1:58:d8:ac:64:16:a0:c9:e9: f7:9a:b9:51:c1:c6:74:5c:07:81:8e:37:40:4c:1e:68:d0:89: 8f:f6:c5:55:af:49:6e:6d:ea:2c:7e:0f:ea:8c:66:79:a5:73: 98:d9:33:58:a3:d3:d0:f3:4f:2e:17:c4:70:18:87:5a:d0:d2: 69:94:df:61:25:2e:27:ca:86:4a:a1:92:48:aa:22:f4:1c:3b: 71:9f:45:a6:70:f3:96:52:a0:a3:6e:ef:01:d9:bb:5f:84:3c: 98:82:7c:7c:96:de:a8:12:ba:fd:d0:4f:49:78:77:b1:81:4b: e1:78:74:da:f7:6f:69:f3:0f:a4:f9:e3:19:d9:3b:2b:34:fe: 0a:b3:5c:43:5d:c9:4c:d6:17:ea:25:d1:b5:1d:18:bb:d8:fe: 9a:32:32:a9:30:82:43:52:dd:b0:83:48:32:3f:d5:a8:e0:14: cd:1c:1c:0a:0b:74:ea:7c:af:b9:a6:16:20:9e:92:1c:a6:44: 20:eb:34:c6:cb:b9:66:cb:56:ad:67:32:6e:a9:53:ee:11:90: b3:cf:63:a7:31:82:97:d7:de:d3:c0:5e:de:70:aa:fa:03:5f: e1:d2:da:43 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICGqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA5MjQw MDIxNDdaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEM0RDZBOUQ5OEYyRDUx QjdFRTYxRjg2NzI5NTM4MjU2MjI0QTdFOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWsdiq/8P8Sq28rQ26RORcs6FcX9aNfFd9UCxTYdYeQkBEe2VS 44bl4b3IKkV2l2bmrCutF3K5Zh0dR4CT4ans13lrV28M9H8+9ZL0DMnl8HV5SG3z M+1mQ6BjwChfQmL2xkcAAoMTZnPm+q1C00aQzVtMx00xDZ5FHIY1EQD8GzYv4R7l yS8MrfSGA6tm7vCzUqyQlAGdU6Kpyk0YOAKyhQ4XlQ7vqzS2JBXT6X0c2tDr4GNq gcd/RiWU8aNFpM+UP/sLV6JyZMVz7hEK2+ilz1Jzy5HfzxogWbAVgxKx9xAAgEKH smRPytkfIai49CsTQtnBSm7WJr4WEbPkgJNNAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUxNap2Y8tUbfuYfhnKVOCViJKfowwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQveE5hcDJZOHRVYmZ1 WWZobktWT0NWaUpLZm93LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEA7S4GAMEA7S4ODANBgkqhkiG9w0BAQsFAAOCAQEApBJPq5+ZOvO9U0o3anSQ nqtXfLHDZ76/8IP84VjYrGQWoMnp95q5UcHGdFwHgY43QEweaNCJj/bFVa9Jbm3q LH4P6oxmeaVzmNkzWKPT0PNPLhfEcBiHWtDSaZTfYSUuJ8qGSqGSSKoi9Bw7cZ9F pnDzllKgo27vAdm7X4Q8mIJ8fJbeqBK6/dBPSXh3sYFL4Xh02vdvafMPpPnjGdk7 KzT+CrNcQ13JTNYX6iXRtR0Yu9j+mjIyqTCCQ1LdsINIMj/VqOAUzRwcCgt06nyv uaYWIJ6SHKZEIOs0xsu5ZstWrWcybqlT7hGQs89jpzGCl9fe08Be3nCq+gNf4dLa Qw== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org