$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/fy9AXhTdZH2Nhi6zHJK9SodjIpE.roa File: fy9AXhTdZH2Nhi6zHJK9SodjIpE.roa (raw, json) Hash identifier: eZjlm6m/4sjwHQWVrqCPR/Zs/EWt9ISmGArkRWuY4kQ= Subject key identifier: 7F:2F:40:5E:14:DD:64:7D:8D:86:2E:B3:1C:92:BD:4A:87:63:22:91 Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 021E Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/fy9AXhTdZH2Nhi6zHJK9SodjIpE.roa Signing time: Sat 13 Jan 2024 09:38:22 +0000 ROA not before: Sat 13 Jan 2024 09:38:22 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 9808 IP address blocks: 202.46.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 16:24:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 542 (0x21e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Jan 13 09:38:22 2024 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=7F2F405E14DD647D8D862EB31C92BD4A87632291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:02:f8:c2:93:46:5b:bc:9b:d3:37:e6:0d:36: 26:29:b6:30:2b:d6:79:62:d4:09:4c:56:c5:3e:f5: 9f:c0:80:45:12:96:16:45:df:d9:84:16:a4:8c:58: 98:75:2c:5f:c6:8e:cd:11:ca:69:1f:60:79:db:d3: 4f:db:8f:13:72:d7:81:c7:75:1a:cb:5c:74:1c:2e: 88:b3:03:69:42:9a:f6:bc:58:02:4c:ef:c7:a3:fc: 35:cf:86:35:5b:84:97:4b:9b:b8:a5:56:87:e6:cb: 15:73:56:61:f0:6e:48:42:a4:07:6c:af:11:9e:d3: 5e:82:53:50:e0:db:a3:d2:2e:6f:96:c4:13:99:0a: ba:21:ac:7e:87:64:d0:62:5b:1d:47:34:fe:95:0d: da:51:b1:c7:87:dc:48:81:ec:50:c4:ab:a7:b9:a5: 6f:c6:7d:25:88:d3:ab:13:03:7f:12:87:13:ff:ea: 2d:dd:73:5c:a0:71:5b:ab:a1:c9:1e:4b:14:79:c3: 8e:b1:37:fd:26:25:4e:49:da:dd:9f:a1:ed:ed:18: f2:76:74:6f:63:bd:09:dc:15:9c:47:0c:bf:9f:e4: 15:44:b2:85:58:73:70:10:4a:7e:f6:50:8c:2d:5c: c0:47:02:7f:65:9e:b1:09:de:eb:3f:b4:34:05:eb: df:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:2F:40:5E:14:DD:64:7D:8D:86:2E:B3:1C:92:BD:4A:87:63:22:91 X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/fy9AXhTdZH2Nhi6zHJK9SodjIpE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.224.0/22 Signature Algorithm: sha256WithRSAEncryption a8:60:5c:0b:f7:a1:be:29:4d:33:a9:79:03:9c:b3:66:35:10: af:0f:15:d5:b5:c0:2e:11:f3:1e:b2:b3:a1:7f:ae:45:8d:9d: 08:06:7c:8d:9b:cc:17:ce:86:3c:c3:12:60:3e:0d:f8:ca:73: aa:ef:3d:54:09:03:d7:94:6a:36:86:5f:e4:39:26:96:a7:46: b5:50:ce:3a:84:02:f8:18:3c:11:cc:99:58:46:4a:3d:54:30: 75:a7:67:0d:08:30:13:ec:8f:24:3e:e5:2d:32:e6:50:78:e7: 9d:ff:26:f0:8c:69:89:45:c1:53:2a:28:80:71:4f:8e:cc:d6: 23:0e:39:a0:77:89:5e:c0:49:76:b1:bc:c7:f5:c6:dc:0e:95: c5:51:2a:bd:6f:2b:1f:5c:49:13:cb:46:88:d1:a8:7a:35:0a: 79:e6:48:dc:dc:f5:96:84:51:b4:1e:2a:f2:52:2c:05:2e:10: 89:e0:e2:5e:a8:00:15:1a:d5:67:4a:40:fa:85:e5:3e:36:e7: 38:3b:ac:46:f7:48:f5:60:67:87:72:be:8b:9d:60:83:f2:e9: 5a:2b:36:32:6a:b5:0f:5a:65:d9:d2:95:28:ae:d5:04:58:62: 7b:e5:67:8a:46:7e:cb:3e:11:62:7d:bf:89:b8:99:30:87:03: 93:e5:01:2f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDAxMTMw OTM4MjJaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDdGMkY0MDVFMTRERDY0 N0Q4RDg2MkVCMzFDOTJCRDRBODc2MzIyOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGAvjCk0ZbvJvTN+YNNiYptjAr1nli1AlMVsU+9Z/AgEUSlhZF 39mEFqSMWJh1LF/Gjs0RymkfYHnb00/bjxNy14HHdRrLXHQcLoizA2lCmva8WAJM 78ej/DXPhjVbhJdLm7ilVofmyxVzVmHwbkhCpAdsrxGe016CU1Dg26PSLm+WxBOZ CrohrH6HZNBiWx1HNP6VDdpRsceH3EiB7FDEq6e5pW/GfSWI06sTA38ShxP/6i3d c1ygcVurockeSxR5w46xN/0mJU5J2t2foe3tGPJ2dG9jvQncFZxHDL+f5BVEsoVY c3AQSn72UIwtXMBHAn9lnrEJ3us/tDQF69+/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUfy9AXhTdZH2Nhi6zHJK9SodjIpEwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvZnk5QVhoVGRaSDJO aGk2ekhKSzlTb2RqSXBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAsou4DANBgkqhkiG9w0BAQsFAAOCAQEAqGBcC/ehvilNM6l5A5yzZjUQrw8V 1bXALhHzHrKzoX+uRY2dCAZ8jZvMF86GPMMSYD4N+Mpzqu89VAkD15RqNoZf5Dkm lqdGtVDOOoQC+Bg8EcyZWEZKPVQwdadnDQgwE+yPJD7lLTLmUHjnnf8m8IxpiUXB UyoogHFPjszWIw45oHeJXsBJdrG8x/XG3A6VxVEqvW8rH1xJE8tGiNGoejUKeeZI 3Nz1loRRtB4q8lIsBS4QieDiXqgAFRrVZ0pA+oXlPjbnODusRvdI9WBnh3K+i51g g/LpWis2Mmq1D1pl2dKVKK7VBFhie+VnikZ+yz4RYn2/ibiZMIcDk+UBLw== -----END CERTIFICATE-----Generated at Sun Jun 2 11:54:52 2024 by rpki-client on console-fra.rpki-client.org