$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/ZTFBOS4TbQI5wTD2it0iJvmbjGI.roa File: ZTFBOS4TbQI5wTD2it0iJvmbjGI.roa (raw, json) Hash identifier: 7qjP02DOJKY/YQWYXGBMCl7w4KEpappIbd5+rUbZdQg= Subject key identifier: 65:31:41:39:2E:13:6D:02:39:C1:30:F6:8A:DD:22:26:F9:9B:8C:62 Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0712 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ZTFBOS4TbQI5wTD2it0iJvmbjGI.roa Signing time: Tue 24 Sep 2024 00:17:54 +0000 ROA not before: Tue 24 Sep 2024 00:17:54 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 135061 IP address blocks: 202.46.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1810 (0x712) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 24 00:17:54 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=653141392E136D0239C130F68ADD2226F99B8C62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:8b:b3:f6:49:12:02:7f:23:5e:da:eb:5d:5c: 10:9c:c3:1a:95:78:1d:72:35:30:de:91:f0:ce:8f: 2e:19:35:df:09:f4:66:8b:e7:09:b4:7c:20:62:46: 04:f2:42:91:5e:95:f9:16:38:8e:e2:f0:16:99:6c: 91:3f:a2:d3:80:08:8f:14:cd:a3:f0:ed:5f:a3:4f: 43:c4:d6:94:be:12:61:a5:63:20:69:82:3e:44:a4: e2:aa:72:74:14:16:23:43:2a:15:70:fa:84:f7:2d: cd:b0:97:b0:8f:23:96:9a:28:5e:43:28:b9:db:ca: c9:43:43:33:ef:d0:36:73:ea:fd:eb:a0:b7:07:ee: a0:b1:d6:dc:a5:05:13:f9:9f:b5:63:fa:cd:f1:b4: 2e:65:42:07:d0:4e:56:7e:84:51:be:a8:b8:f6:38: 93:2d:0a:15:76:77:e9:cb:9c:d7:f6:a9:fe:74:63: 34:15:d5:7f:19:8a:e3:c0:6d:f6:c4:83:23:c8:fa: 0f:5d:04:75:47:13:0a:8d:54:38:4f:a0:35:c2:a8: 4c:aa:60:56:6a:74:95:0d:c6:6c:43:d4:b7:06:87: ed:7a:50:b7:99:08:a6:83:5c:dc:99:5c:bf:d6:d8: ab:04:1b:24:5c:53:92:ba:7c:e9:34:a1:3f:12:9f: 12:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:31:41:39:2E:13:6D:02:39:C1:30:F6:8A:DD:22:26:F9:9B:8C:62 X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ZTFBOS4TbQI5wTD2it0iJvmbjGI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.224.0/22 Signature Algorithm: sha256WithRSAEncryption 05:ec:c4:5f:76:fd:b4:1b:4f:ce:b3:b8:14:48:66:7b:8d:06: 8e:93:eb:27:06:3b:13:1b:7a:58:43:d6:ea:4c:cd:f8:a2:dc: f3:bb:1f:33:d7:84:e8:64:0f:c2:6b:9a:9c:0b:b4:9a:80:77: 3f:dc:b8:5d:d3:27:e6:5f:3a:6c:9f:5a:47:4b:f0:3c:2d:98: 94:25:d7:b9:ba:46:5d:12:01:64:f5:37:0f:6a:55:04:ef:1a: 50:e8:97:ad:d6:90:3e:33:9f:e0:66:53:31:0b:05:f1:d1:c1: 67:19:62:ef:7a:23:61:0a:b2:5a:af:94:01:e5:c6:a6:06:68: f1:63:a8:f1:87:2f:ad:d1:a3:4f:67:61:24:80:4b:2e:8a:19: 74:e3:95:60:31:18:0d:a2:5f:5a:da:5b:8a:4b:5f:46:c9:7f: f3:f9:53:8b:6b:58:6a:1e:bc:d1:63:1b:63:62:a8:34:08:4a: 81:7d:41:48:18:84:cb:44:11:3f:6b:1b:41:f7:ca:4e:7d:97: e6:18:dc:1a:f9:5c:d9:32:21:38:9b:7b:ea:d1:86:40:0f:ce: 88:3a:da:f5:4f:75:00:12:d1:a0:4f:b3:09:da:66:dc:dc:5c: 29:32:44:f0:09:84:7b:38:9f:13:14:64:45:d5:02:90:e2:e5: 30:31:1f:c8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDA5MjQw MDE3NTRaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDY1MzE0MTM5MkUxMzZE MDIzOUMxMzBGNjhBREQyMjI2Rjk5QjhDNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJi7P2SRICfyNe2utdXBCcwxqVeB1yNTDekfDOjy4ZNd8J9GaL 5wm0fCBiRgTyQpFelfkWOI7i8BaZbJE/otOACI8UzaPw7V+jT0PE1pS+EmGlYyBp gj5EpOKqcnQUFiNDKhVw+oT3Lc2wl7CPI5aaKF5DKLnbyslDQzPv0DZz6v3roLcH 7qCx1tylBRP5n7Vj+s3xtC5lQgfQTlZ+hFG+qLj2OJMtChV2d+nLnNf2qf50YzQV 1X8ZiuPAbfbEgyPI+g9dBHVHEwqNVDhPoDXCqEyqYFZqdJUNxmxD1LcGh+16ULeZ CKaDXNyZXL/W2KsEGyRcU5K6fOk0oT8SnxLFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZTFBOS4TbQI5wTD2it0iJvmbjGIwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvWlRGQk9TNFRiUUk1 d1REMml0MGlKdm1iakdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAsou4DANBgkqhkiG9w0BAQsFAAOCAQEABezEX3b9tBtPzrO4FEhme40GjpPr JwY7Ext6WEPW6kzN+KLc87sfM9eE6GQPwmuanAu0moB3P9y4XdMn5l86bJ9aR0vw PC2YlCXXubpGXRIBZPU3D2pVBO8aUOiXrdaQPjOf4GZTMQsF8dHBZxli73ojYQqy Wq+UAeXGpgZo8WOo8YcvrdGjT2dhJIBLLooZdOOVYDEYDaJfWtpbiktfRsl/8/lT i2tYah680WMbY2KoNAhKgX1BSBiEy0QRP2sbQffKTn2X5hjcGvlc2TIhOJt76tGG QA/OiDra9U91ABLRoE+zCdpm3NxcKTJE8AmEezifExRkRdUCkOLlMDEfyA== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:40 2024 by rpki-client on console-fra.rpki-client.org