$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/AtjmeAO7NJ2sPc0sNjgpFkTWkVU.roa File: AtjmeAO7NJ2sPc0sNjgpFkTWkVU.roa (raw, json) Hash identifier: 7YD+VMOWRgD+SlkAhj/tMdk6HTn7OOMchCeee1DjNRA= Subject key identifier: 02:D8:E6:78:03:BB:34:9D:AC:3D:CD:2C:36:38:29:16:44:D6:91:55 Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0711 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/AtjmeAO7NJ2sPc0sNjgpFkTWkVU.roa Signing time: Tue 24 Sep 2024 00:17:53 +0000 ROA not before: Tue 24 Sep 2024 00:17:53 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 9808 IP address blocks: 202.46.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 Nov 2024 03:50:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1809 (0x711) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 24 00:17:53 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=02D8E67803BB349DAC3DCD2C3638291644D69155 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:71:83:c6:72:77:02:c4:30:4c:ee:2f:c7: 58:99:1c:c3:43:66:4b:17:1d:8a:94:a1:5e:74:ef: 94:64:23:46:91:1b:36:61:d3:d7:af:a1:89:87:0d: 73:a6:e1:bc:20:f2:dc:b5:6a:20:51:d6:f9:5e:24: 63:d3:b6:ff:73:99:ec:e4:3c:68:83:e1:d2:23:d5: db:98:5d:df:61:aa:89:74:cd:55:2f:5b:a2:fa:a6: a2:d2:81:be:b0:43:ac:92:e7:69:71:ad:d1:10:c1: 0f:17:2f:39:2c:aa:8c:3f:a7:c3:20:e6:66:c8:d1: 02:80:d5:76:29:28:a3:20:ed:c2:5a:40:c2:2c:80: d9:6c:a9:20:8e:65:a7:e7:0f:b8:32:b8:fa:66:f0: be:f4:9b:7e:d6:1f:14:2e:da:0b:83:c1:ad:8d:f4: e5:d1:c0:86:70:84:50:91:cf:f1:86:11:05:2d:20: 61:2b:87:66:0c:ed:09:10:56:16:6b:d5:4d:ba:af: e7:62:04:a6:a7:c5:af:fe:5b:02:f0:82:d4:24:eb: ab:1f:dc:cf:0f:7e:da:d4:52:14:f7:f1:d1:17:5a: 42:c9:e2:48:df:55:73:49:af:0f:8c:1e:46:0c:60: 58:b5:22:18:49:d8:98:fd:e2:82:9f:db:0b:c1:ec: d8:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:D8:E6:78:03:BB:34:9D:AC:3D:CD:2C:36:38:29:16:44:D6:91:55 X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/AtjmeAO7NJ2sPc0sNjgpFkTWkVU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.224.0/22 Signature Algorithm: sha256WithRSAEncryption 99:5d:d6:f1:fd:50:39:3a:87:54:1b:d8:f5:ff:2a:15:c0:c2: 51:8b:37:9b:1d:a6:82:1d:9d:10:7d:c5:80:73:1d:b4:d8:be: 7f:0c:3f:a0:24:f1:bb:14:27:f7:5e:8f:b8:1d:dd:2c:4e:6c: 74:96:ad:86:41:45:c7:b3:1f:e5:51:ad:2f:73:0d:66:55:18: 54:2f:62:0b:77:9b:11:3e:8d:48:e3:70:67:c9:50:e7:c3:ee: 22:dc:7b:66:18:84:e1:b3:e2:dc:c4:5c:39:27:15:1c:02:b1: 2a:e8:a6:16:36:e0:17:a0:c3:31:c0:cf:66:6c:2b:0e:02:29: 2a:dd:5f:d5:4e:99:77:83:81:cb:60:79:36:9b:f1:fb:4e:ff: 7d:71:14:59:03:c3:a0:8d:74:a0:d8:7b:a1:1b:b4:47:03:c8: 61:d6:6a:f7:98:0f:46:a9:e1:e0:23:20:26:ad:4a:94:2e:ed: 16:af:68:df:94:8b:0f:a8:50:cb:ef:29:1b:50:b4:a2:e4:30: d7:c9:84:ff:a9:60:3a:b5:41:26:c6:59:5e:13:af:6d:c0:56: e7:60:72:ec:05:cf:39:56:2a:c3:dc:1a:75:b0:4e:26:9a:87: f1:16:4c:88:a3:04:ed:bf:f8:32:a2:ce:fd:6d:bc:8e:09:35: 5c:e2:cf:8b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDA5MjQw MDE3NTNaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDAyRDhFNjc4MDNCQjM0 OURBQzNEQ0QyQzM2MzgyOTE2NDRENjkxNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/DHGDxnJ3AsQwTO4vx1iZHMNDZksXHYqUoV5075RkI0aRGzZh 09evoYmHDXOm4bwg8ty1aiBR1vleJGPTtv9zmezkPGiD4dIj1duYXd9hqol0zVUv W6L6pqLSgb6wQ6yS52lxrdEQwQ8XLzksqow/p8Mg5mbI0QKA1XYpKKMg7cJaQMIs gNlsqSCOZafnD7gyuPpm8L70m37WHxQu2guDwa2N9OXRwIZwhFCRz/GGEQUtIGEr h2YM7QkQVhZr1U26r+diBKanxa/+WwLwgtQk66sf3M8PftrUUhT38dEXWkLJ4kjf VXNJrw+MHkYMYFi1IhhJ2Jj94oKf2wvB7NjfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAtjmeAO7NJ2sPc0sNjgpFkTWkVUwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvQXRqbWVBTzdOSjJz UGMwc05qZ3BGa1RXa1ZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAsou4DANBgkqhkiG9w0BAQsFAAOCAQEAmV3W8f1QOTqHVBvY9f8qFcDCUYs3 mx2mgh2dEH3FgHMdtNi+fww/oCTxuxQn916PuB3dLE5sdJathkFFx7Mf5VGtL3MN ZlUYVC9iC3ebET6NSONwZ8lQ58PuItx7ZhiE4bPi3MRcOScVHAKxKuimFjbgF6DD McDPZmwrDgIpKt1f1U6Zd4OBy2B5Npvx+07/fXEUWQPDoI10oNh7oRu0RwPIYdZq 95gPRqnh4CMgJq1KlC7tFq9o35SLD6hQy+8pG1C0ouQw18mE/6lgOrVBJsZZXhOv bcBW52By7AXPOVYqw9wadbBOJpqH8RZMiKME7b/4MqLO/W28jgk1XOLPiw== -----END CERTIFICATE-----Generated at Sat Nov 16 03:06:23 2024 by rpki-client on console-fra.rpki-client.org