$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/kITN17NnNT9DwfJRj6g1XENGm24.roa File: kITN17NnNT9DwfJRj6g1XENGm24.roa (raw, json) Hash identifier: PWYKWQpULrJQU8grTZzXq+sDVEWl5Tl1oebwGJAdFU0= Subject key identifier: 90:84:CD:D7:B3:67:35:3F:43:C1:F2:51:8F:A8:35:5C:43:46:9B:6E Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Certificate serial: 1954 Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/kITN17NnNT9DwfJRj6g1XENGm24.roa Signing time: Fri 06 Sep 2024 01:55:44 +0000 ROA not before: Fri 06 Sep 2024 01:55:44 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 38372 IP address blocks: 112.73.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:21:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6484 (0x1954) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Validity Not Before: Sep 6 01:55:44 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9084CDD7B367353F43C1F2518FA8355C43469B6E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:b4:e9:fa:05:6e:ea:b6:01:38:14:33:23:c4: e2:8c:d2:35:e4:cb:39:71:e4:0d:73:74:f3:2d:38: 6c:48:38:37:de:6a:c1:a9:79:30:ac:ce:cc:2f:c6: 41:c6:b5:99:38:bb:46:30:3b:e7:5a:a8:8b:3a:29: 2a:59:42:43:7e:80:6a:9a:41:ac:a6:c8:92:eb:6a: e3:25:eb:07:3d:46:c5:00:ee:5f:a7:25:e7:94:08: 1b:d8:b2:22:20:87:f7:d9:61:67:07:64:15:aa:44: 0d:58:9f:79:ce:86:1f:c3:fc:68:e8:ab:4e:d1:51: c0:b7:3d:ba:b6:88:33:aa:43:73:0d:dd:81:8e:00: 7d:75:a0:f7:76:d1:32:fc:c9:56:95:ef:d0:8c:3d: 79:1c:95:d5:a2:06:32:a2:65:bb:79:43:30:a9:1b: b3:ab:72:f1:c1:a5:38:3d:f1:9d:e3:a8:c0:61:49: d4:c6:25:3e:40:ab:df:03:36:03:bf:08:c7:76:3c: 4b:bb:e0:8d:4a:d7:fd:16:5e:f4:64:89:95:d4:36: fc:0d:a1:2c:51:a9:cb:6d:ca:2d:32:9c:24:0f:0f: 2d:db:31:bc:c7:b4:36:6b:41:69:50:7c:9b:dc:96: 66:d8:f9:7d:53:c5:14:35:c5:53:ad:c9:55:c8:df: 28:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:84:CD:D7:B3:67:35:3F:43:C1:F2:51:8F:A8:35:5C:43:46:9B:6E X509v3 Authority Key Identifier: keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/kITN17NnNT9DwfJRj6g1XENGm24.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.73.32.0/19 Signature Algorithm: sha256WithRSAEncryption b8:bc:6e:af:8f:ba:e3:be:11:f5:72:02:44:8e:a8:ea:2d:96: 1a:1a:6f:15:95:04:4c:0d:55:f4:10:86:33:f4:28:d0:32:43: 60:eb:55:49:c4:76:78:9a:7a:51:10:69:23:f2:0f:c3:d9:ba: 27:ba:e2:ed:13:47:98:85:86:78:ce:29:3f:88:64:8e:10:78: e9:38:67:bb:04:e5:c2:ad:52:fb:a5:88:83:2e:cd:cf:c6:40: 99:6c:0d:7d:c7:25:89:c1:be:5b:78:0b:10:f6:98:45:96:cf: 1e:71:70:63:0a:b0:f0:6f:82:55:1f:fa:a9:4e:f1:9e:75:f7: c7:ab:1f:45:c6:f5:88:22:5d:21:b8:0f:68:69:7c:cd:2b:93: 35:e1:34:75:24:44:f2:eb:49:e5:c0:0e:e2:bb:60:ad:ac:89: 3e:bd:7c:0a:76:83:8e:2c:76:ff:a7:56:02:4c:38:95:75:9d: 37:33:26:c9:d3:14:19:8e:f9:55:90:71:58:48:b0:16:aa:76: 58:63:4b:f1:00:b9:54:11:dd:07:2b:f2:37:42:7d:65:ba:21: b3:f1:71:2c:32:06:49:ab:c7:2f:c6:53:83:1a:d3:1e:bc:60: 1d:97:d4:b9:22:12:d5:24:71:ac:c1:79:ac:41:a9:98:9c:2a: ba:c7:2f:31 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGVQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yNDA5MDYw MTU1NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwODRDREQ3QjM2NzM1 M0Y0M0MxRjI1MThGQTgzNTVDNDM0NjlCNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDetOn6BW7qtgE4FDMjxOKM0jXkyzlx5A1zdPMtOGxIODfeasGp eTCszswvxkHGtZk4u0YwO+daqIs6KSpZQkN+gGqaQaymyJLrauMl6wc9RsUA7l+n JeeUCBvYsiIgh/fZYWcHZBWqRA1Yn3nOhh/D/Gjoq07RUcC3Pbq2iDOqQ3MN3YGO AH11oPd20TL8yVaV79CMPXkcldWiBjKiZbt5QzCpG7OrcvHBpTg98Z3jqMBhSdTG JT5Aq98DNgO/CMd2PEu74I1K1/0WXvRkiZXUNvwNoSxRqcttyi0ynCQPDy3bMbzH tDZrQWlQfJvclmbY+X1TxRQ1xVOtyVXI3yirAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUkITN17NnNT9DwfJRj6g1XENGm24wHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyL2tJVE4xN05uTlQ5RHdm SlJqNmcxWEVOR20yNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVwSSAwDQYJKoZIhvcNAQELBQADggEBALi8bq+PuuO+EfVyAkSOqOotlhoabxWV BEwNVfQQhjP0KNAyQ2DrVUnEdniaelEQaSPyD8PZuie64u0TR5iFhnjOKT+IZI4Q eOk4Z7sE5cKtUvuliIMuzc/GQJlsDX3HJYnBvlt4CxD2mEWWzx5xcGMKsPBvglUf +qlO8Z5198erH0XG9YgiXSG4D2hpfM0rkzXhNHUkRPLrSeXADuK7YK2siT69fAp2 g44sdv+nVgJMOJV1nTczJsnTFBmO+VWQcVhIsBaqdlhjS/EAuVQR3Qcr8jdCfWW6 IbPxcSwyBkmrxy/GU4Ma0x68YB2X1LkiEtUkcazBeaxBqZicKrrHLzE= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org