$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/pkcVefRHc892SpTt4m918JNKlrc.roa File: pkcVefRHc892SpTt4m918JNKlrc.roa (raw, json) Hash identifier: LRyTSX6Z3s8aqt+Hnazr2/yLIn5xgFlfVO38GiaQIbM= Subject key identifier: A6:47:15:79:F4:47:73:CF:76:4A:94:ED:E2:6F:75:F0:93:4A:96:B7 Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Certificate serial: 15E3 Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/pkcVefRHc892SpTt4m918JNKlrc.roa Signing time: Wed 13 Mar 2024 01:21:00 +0000 ROA not before: Wed 13 Mar 2024 01:21:00 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4515 IP address blocks: 120.31.164.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:21:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5603 (0x15e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Validity Not Before: Mar 13 01:21:00 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A6471579F44773CF764A94EDE26F75F0934A96B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:66:7f:35:7d:b3:c6:65:cf:55:23:42:a9:67: 15:34:8e:12:88:ce:b9:77:01:02:73:11:0f:a0:6b: a0:6e:69:84:a2:f0:3f:a5:a9:26:8b:22:9d:bc:47: 30:93:07:8b:6e:54:b7:5d:d6:ea:e6:3e:78:ae:8e: 7f:0c:30:ea:5d:82:94:15:a6:bb:70:db:50:a6:54: 2c:9a:a3:57:7d:86:e4:b5:73:16:d5:98:99:aa:4b: f0:50:fd:3b:4c:ed:9a:29:b8:e5:9d:0d:6c:16:8a: e3:be:1c:f6:d7:70:f4:cd:e0:be:93:61:3e:b2:db: 82:92:6f:6e:b5:01:0b:7e:36:2d:df:ea:ed:6b:84: 98:61:54:28:dc:83:47:9c:64:5e:c6:32:06:c3:00: 9f:45:79:b7:15:40:b0:43:d0:29:2f:f6:56:99:03: 9b:48:80:ae:54:8e:96:f5:c1:3e:3b:6b:7e:5f:2e: d6:10:e2:30:50:28:f3:0c:a7:86:01:74:a7:7f:0a: 39:d1:5c:26:f8:59:30:82:61:23:43:c1:e9:00:ad: fb:e6:7c:8f:50:36:9e:78:22:ca:04:b9:b0:27:68: 8b:46:1e:59:3c:ac:11:dd:d7:0b:d2:d9:8c:b1:eb: ac:ae:d0:72:2e:0e:c3:0f:6f:1d:31:c3:b7:d0:5f: 94:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:47:15:79:F4:47:73:CF:76:4A:94:ED:E2:6F:75:F0:93:4A:96:B7 X509v3 Authority Key Identifier: keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/pkcVefRHc892SpTt4m918JNKlrc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.31.164.0/22 Signature Algorithm: sha256WithRSAEncryption 49:aa:df:fc:bb:e2:f1:eb:46:f8:d4:23:2c:3e:07:ba:f4:52: 24:0f:a3:13:2f:50:a8:ea:77:c7:58:ba:bd:a9:0e:c0:28:cb: 1d:c6:df:7d:82:c1:f7:55:ed:92:bf:30:d1:41:98:d5:07:c5: 1b:44:51:f6:ba:a0:c6:df:ce:3c:30:fe:27:40:f5:b7:3e:1d: 2f:21:6b:0e:94:1a:d6:1d:6e:43:be:0e:e2:da:b9:af:1e:ed: 61:6d:bd:5a:6d:71:3c:1b:c5:d0:d8:3c:37:9f:1c:97:ca:4e: 88:9e:e0:e7:9b:28:04:67:5d:66:8e:5c:82:a0:14:32:ad:2f: 6f:c1:e3:ba:cb:5a:be:09:57:bb:86:1e:f4:7b:06:f8:f7:2c: 1a:d6:99:25:70:e4:60:62:71:14:f8:13:ad:31:88:c7:13:33: 88:9e:73:d2:5c:d0:f8:b6:a4:92:29:d0:48:ea:ee:af:64:f9: 91:72:9b:1b:bf:57:a2:10:b6:02:c1:01:67:d0:14:39:7d:38: db:46:80:44:1f:88:ca:61:40:ad:f2:92:37:10:5f:82:1f:26: e6:79:ad:91:df:0f:02:4d:f1:03:a5:c6:da:d6:00:65:1d:23: 5a:eb:0c:10:9c:5d:0d:ae:3f:e4:91:8f:be:94:48:d5:f7:88: 37:f9:b2:4d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yNDAzMTMw MTIxMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE2NDcxNTc5RjQ0Nzcz Q0Y3NjRBOTRFREUyNkY3NUYwOTM0QTk2QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQZn81fbPGZc9VI0KpZxU0jhKIzrl3AQJzEQ+ga6BuaYSi8D+l qSaLIp28RzCTB4tuVLdd1urmPniujn8MMOpdgpQVprtw21CmVCyao1d9huS1cxbV mJmqS/BQ/TtM7ZopuOWdDWwWiuO+HPbXcPTN4L6TYT6y24KSb261AQt+Ni3f6u1r hJhhVCjcg0ecZF7GMgbDAJ9FebcVQLBD0Ckv9laZA5tIgK5Ujpb1wT47a35fLtYQ 4jBQKPMMp4YBdKd/CjnRXCb4WTCCYSNDwekArfvmfI9QNp54IsoEubAnaItGHlk8 rBHd1wvS2Yyx66yu0HIuDsMPbx0xw7fQX5RjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUpkcVefRHc892SpTt4m918JNKlrcwHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyL3BrY1ZlZlJIYzg5MlNw VHQ0bTkxOEpOS2xyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ4H6QwDQYJKoZIhvcNAQELBQADggEBAEmq3/y74vHrRvjUIyw+B7r0UiQPoxMv UKjqd8dYur2pDsAoyx3G332CwfdV7ZK/MNFBmNUHxRtEUfa6oMbfzjww/idA9bc+ HS8haw6UGtYdbkO+DuLaua8e7WFtvVptcTwbxdDYPDefHJfKToie4OebKARnXWaO XIKgFDKtL2/B47rLWr4JV7uGHvR7Bvj3LBrWmSVw5GBicRT4E60xiMcTM4iec9Jc 0Pi2pJIp0Ejq7q9k+ZFymxu/V6IQtgLBAWfQFDl9ONtGgEQfiMphQK3ykjcQX4If JuZ5rZHfDwJN8QOlxtrWAGUdI1rrDBCcXQ2uP+SRj76USNX3iDf5sk0= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org