$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/fwAn8NSnt3x2w-dWyifIZLWULAg.roa File: fwAn8NSnt3x2w-dWyifIZLWULAg.roa (raw, json) Hash identifier: rJb4+FFw38PVxlwUN6Vt3vgaj1zI3TP7PL21EUmHRSE= Subject key identifier: 7F:00:27:F0:D4:A7:B7:7C:76:C3:E7:56:CA:27:C8:64:B5:94:2C:08 Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Certificate serial: 1957 Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/fwAn8NSnt3x2w-dWyifIZLWULAg.roa Signing time: Fri 06 Sep 2024 01:55:46 +0000 ROA not before: Fri 06 Sep 2024 01:55:46 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 135373 IP address blocks: 112.73.0.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:21:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6487 (0x1957) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Validity Not Before: Sep 6 01:55:46 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7F0027F0D4A7B77C76C3E756CA27C864B5942C08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:77:d0:64:ca:5c:9c:c7:1a:32:06:a2:e0:7b: 7d:ca:7e:7c:4c:57:3a:1a:c4:5b:1e:49:00:94:ee: 34:d7:82:6d:c0:7e:44:9a:b1:56:a7:97:23:33:85: ca:0d:dc:60:45:f8:8f:a0:d0:a7:5c:c2:1f:ca:c9: 48:fc:0d:3b:8f:52:ab:c8:59:31:ca:af:25:21:c4: d8:05:7a:cc:65:17:01:9f:c0:e2:6c:7f:91:e7:5d: 8d:e9:52:8d:82:2c:00:b2:b1:f8:e3:35:02:6c:81: e7:6b:9b:8c:42:4e:8c:d4:e5:23:dc:0a:f2:38:02: f9:41:54:95:73:99:54:7c:4b:b7:3a:9c:88:7d:8e: f4:f0:51:6d:3d:49:08:7a:e7:70:41:29:72:50:50: 47:13:15:51:0f:26:88:19:e6:99:51:d9:21:e5:01: 82:aa:ce:d6:05:4e:85:e1:ce:0c:80:74:2f:37:5d: d3:81:53:59:ad:59:52:e4:e8:08:ca:ac:cd:fa:93: 34:a7:0f:3b:c9:1c:ea:a7:26:1f:50:f7:82:48:d4: 63:45:a9:27:99:ed:b7:33:08:47:bc:dc:0a:2d:91: f5:e6:b2:7f:33:a1:a2:e5:89:86:85:de:7e:35:24: ad:af:bc:74:69:a2:f2:83:78:a4:20:08:52:99:b9: 89:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:00:27:F0:D4:A7:B7:7C:76:C3:E7:56:CA:27:C8:64:B5:94:2C:08 X509v3 Authority Key Identifier: keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/fwAn8NSnt3x2w-dWyifIZLWULAg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.73.0.0/19 Signature Algorithm: sha256WithRSAEncryption b8:0f:95:a4:15:69:93:56:ef:3d:66:16:c0:a0:7e:d1:e2:58: 6a:74:37:c5:ea:56:18:38:e9:36:3a:3b:ac:d7:85:67:7b:7a: 1b:e1:6f:85:32:bd:56:db:0e:13:2d:d9:46:d0:08:e9:a9:29: 71:fe:0d:b4:51:dd:23:5f:95:4e:d5:c1:31:ef:f7:54:3b:c5: 64:03:d5:cd:ff:c3:01:08:2d:fa:10:dc:8d:4e:59:10:3f:d5: 06:4a:6d:e1:ac:18:d3:d7:b8:f2:fc:08:a6:f3:2f:d2:63:52: 94:70:35:a8:3a:54:2d:28:c0:ec:04:65:fd:28:7a:34:8a:bf: 4e:34:51:b8:16:28:da:1f:c8:21:ab:96:de:d8:10:19:b7:ed: b8:4e:13:bf:57:69:83:28:ae:f8:c8:65:81:f7:52:06:24:2a: 99:74:34:0b:33:b5:34:3c:7b:74:73:f2:ee:4d:a3:c1:f8:45: cb:14:8a:04:a2:b0:9d:71:1e:96:3c:23:12:a0:6f:44:19:ac: 1f:f5:91:ec:77:fb:5a:6d:76:4e:75:57:33:dd:7c:8b:db:7f: de:96:56:47:34:77:90:a2:b0:63:4a:e8:ca:19:10:be:7c:5a: 08:52:83:cc:e3:5a:d1:f5:db:3d:17:62:45:36:6c:a9:af:73: f7:47:ae:35 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yNDA5MDYw MTU1NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGMDAyN0YwRDRBN0I3 N0M3NkMzRTc1NkNBMjdDODY0QjU5NDJDMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChd9BkylycxxoyBqLge33KfnxMVzoaxFseSQCU7jTXgm3AfkSa sVanlyMzhcoN3GBF+I+g0Kdcwh/KyUj8DTuPUqvIWTHKryUhxNgFesxlFwGfwOJs f5HnXY3pUo2CLACysfjjNQJsgedrm4xCTozU5SPcCvI4AvlBVJVzmVR8S7c6nIh9 jvTwUW09SQh653BBKXJQUEcTFVEPJogZ5plR2SHlAYKqztYFToXhzgyAdC83XdOB U1mtWVLk6AjKrM36kzSnDzvJHOqnJh9Q94JI1GNFqSeZ7bczCEe83AotkfXmsn8z oaLliYaF3n41JK2vvHRpovKDeKQgCFKZuYnzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUfwAn8NSnt3x2w+dWyifIZLWULAgwHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyL2Z3QW44TlNudDN4Mnct ZFd5aWZJWkxXVUxBZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVwSQAwDQYJKoZIhvcNAQELBQADggEBALgPlaQVaZNW7z1mFsCgftHiWGp0N8Xq Vhg46TY6O6zXhWd7ehvhb4UyvVbbDhMt2UbQCOmpKXH+DbRR3SNflU7VwTHv91Q7 xWQD1c3/wwEILfoQ3I1OWRA/1QZKbeGsGNPXuPL8CKbzL9JjUpRwNag6VC0owOwE Zf0oejSKv040UbgWKNofyCGrlt7YEBm37bhOE79XaYMorvjIZYH3UgYkKpl0NAsz tTQ8e3Rz8u5No8H4RcsUigSisJ1xHpY8IxKgb0QZrB/1kex3+1ptdk51VzPdfIvb f96WVkc0d5CisGNK6MoZEL58WghSg8zjWtH12z0XYkU2bKmvc/dHrjU= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org