$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/ynIw3K0beo2o8_quJoSn237kayI.roa File: ynIw3K0beo2o8_quJoSn237kayI.roa (raw, json) Hash identifier: Qsx9O+fM14gWY4ltkpIpWfNY6tK8QWOnvVA/6W630Ug= Subject key identifier: CA:72:30:DC:AD:1B:7A:8D:A8:F3:FA:AE:26:84:A7:DB:7E:E4:6B:22 Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Certificate serial: 15E4 Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/ynIw3K0beo2o8_quJoSn237kayI.roa Signing time: Wed 13 Mar 2024 01:21:01 +0000 ROA not before: Wed 13 Mar 2024 01:21:01 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 134764 IP address blocks: 120.31.164.0/22 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:21:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5604 (0x15e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F Validity Not Before: Mar 13 01:21:01 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CA7230DCAD1B7A8DA8F3FAAE2684A7DB7EE46B22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:b7:ae:2c:7a:38:d4:3c:01:cf:09:e7:6e:2f: 51:5c:20:14:6f:6e:86:ba:7f:2f:82:27:7b:53:0a: e5:33:de:2d:cb:6f:79:df:f7:bd:db:aa:b4:50:40: 04:07:d2:51:2c:dc:61:ce:3f:d1:22:a2:da:37:e1: 8c:03:04:c6:5f:ee:de:80:fe:52:08:9a:d1:fe:e9: 58:65:d8:0d:c7:63:68:32:dc:f8:b4:c4:b0:1c:c0: 15:39:39:b5:ee:f9:19:ee:ea:b1:fc:37:18:a7:7e: 38:10:75:6f:13:b6:38:44:f6:b1:93:3a:9a:8a:a1: 38:f0:45:8b:70:8f:2d:c3:0d:c7:70:94:ff:d2:5b: 10:54:d4:99:ec:48:37:0e:50:ce:d8:40:83:5c:68: dd:e1:9e:86:3e:79:16:e4:76:07:46:d2:dd:d9:32: 79:c7:50:41:f1:f2:68:99:6a:be:9c:87:25:e6:c6: eb:d1:7b:cf:33:a6:bf:57:9a:a1:07:6b:a3:df:66: 99:14:1d:28:54:b9:c3:32:d9:48:c0:0a:57:38:a7: ca:ff:f5:43:4f:d9:dc:63:c8:c9:4e:09:8e:b5:c1: bb:e9:f1:99:c8:35:52:d8:08:a7:fb:1e:99:81:95: c3:d7:9d:48:80:98:63:ce:3c:d9:c2:45:5a:d6:db: 08:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:72:30:DC:AD:1B:7A:8D:A8:F3:FA:AE:26:84:A7:DB:7E:E4:6B:22 X509v3 Authority Key Identifier: keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/ynIw3K0beo2o8_quJoSn237kayI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.31.164.0/22 Signature Algorithm: sha256WithRSAEncryption b2:fb:05:5e:0e:4f:ce:4e:3d:4b:55:43:03:10:58:be:fc:49: 6a:2c:5a:fd:96:53:70:53:e1:90:81:34:3c:db:c9:10:ba:48: 1c:34:6b:8f:92:d5:9c:60:d9:36:b6:62:13:3b:4f:7e:b4:ca: 46:54:10:ec:67:c3:03:18:c2:35:df:2c:7b:89:5c:90:8e:6d: b4:35:5e:c5:bd:dd:e2:02:cc:48:29:4b:5f:48:47:af:a9:3e: 68:c5:cb:66:3b:df:67:9f:77:96:06:ab:26:d7:1f:0b:9f:85: 1a:0b:83:69:e2:b1:4f:41:fb:ae:25:ec:2a:01:ae:df:5a:1d: a8:4d:a5:2c:5b:21:df:85:29:55:94:db:67:a2:f8:cb:b6:95: d1:03:39:62:d1:c3:08:f8:58:99:d7:ca:bd:97:e8:ac:a3:21: 48:3e:04:11:12:85:ce:60:c0:95:38:26:c2:2b:e3:55:1c:ea: b5:88:f4:84:7c:e0:01:17:e3:c7:2c:8d:41:b5:80:f5:2d:fc: 64:08:1b:53:d4:21:df:8e:9e:d5:d2:65:e7:db:2b:a8:1e:a7: f4:00:47:1b:f5:b8:fd:26:b2:88:92:e5:15:18:14:a3:7b:7c: 17:e4:48:16:e2:fd:d3:17:d7:68:2c:69:76:b7:9c:44:b3:35: 01:9f:4f:03 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFeQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yNDAzMTMw MTIxMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBNzIzMERDQUQxQjdB OERBOEYzRkFBRTI2ODRBN0RCN0VFNDZCMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGt64sejjUPAHPCeduL1FcIBRvboa6fy+CJ3tTCuUz3i3Lb3nf 973bqrRQQAQH0lEs3GHOP9Eioto34YwDBMZf7t6A/lIImtH+6Vhl2A3HY2gy3Pi0 xLAcwBU5ObXu+Rnu6rH8NxinfjgQdW8TtjhE9rGTOpqKoTjwRYtwjy3DDcdwlP/S WxBU1JnsSDcOUM7YQINcaN3hnoY+eRbkdgdG0t3ZMnnHUEHx8miZar6chyXmxuvR e88zpr9XmqEHa6PfZpkUHShUucMy2UjAClc4p8r/9UNP2dxjyMlOCY61wbvp8ZnI NVLYCKf7HpmBlcPXnUiAmGPOPNnCRVrW2wiFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUynIw3K0beo2o8/quJoSn237kayIwHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyL3luSXczSzBiZW8ybzhf cXVKb1NuMjM3a2F5SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ4H6QwDQYJKoZIhvcNAQELBQADggEBALL7BV4OT85OPUtVQwMQWL78SWosWv2W U3BT4ZCBNDzbyRC6SBw0a4+S1Zxg2Ta2YhM7T360ykZUEOxnwwMYwjXfLHuJXJCO bbQ1XsW93eICzEgpS19IR6+pPmjFy2Y732efd5YGqybXHwufhRoLg2nisU9B+64l 7CoBrt9aHahNpSxbId+FKVWU22ei+Mu2ldEDOWLRwwj4WJnXyr2X6KyjIUg+BBES hc5gwJU4JsIr41Uc6rWI9IR84AEX48csjUG1gPUt/GQIG1PUId+OntXSZefbK6ge p/QARxv1uP0msoiS5RUYFKN7fBfkSBbi/dMX12gsaXa3nESzNQGfTwM= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org