$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/3AKrpxxeglOhG4NWeRWZqa8rz_I.roa File: 3AKrpxxeglOhG4NWeRWZqa8rz_I.roa (raw, json) Hash identifier: eqyGLVFAv/pYgI7DkQIsWOP7fHw7K6nVhVWVtb1B66M= Subject key identifier: DC:02:AB:A7:1C:5E:82:53:A1:1B:83:56:79:15:99:A9:AF:2B:CF:F2 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1250 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/3AKrpxxeglOhG4NWeRWZqa8rz_I.roa Signing time: Tue 20 Aug 2024 12:56:46 +0000 ROA not before: Tue 20 Aug 2024 12:56:46 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 7018 IP address blocks: 180.223.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 03:52:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4688 (0x1250) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Aug 20 12:56:46 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DC02ABA71C5E8253A11B8356791599A9AF2BCFF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:ca:38:26:d0:3c:63:72:f6:46:83:35:14:85: f7:0c:d7:75:f9:46:43:28:22:05:53:47:bd:dc:06: e1:1a:9b:ed:79:35:53:82:73:3c:b2:7b:51:8b:ec: e8:86:ee:67:09:fb:88:5f:52:48:18:47:d6:75:06: 50:37:94:30:ea:0e:a7:47:53:fc:f8:65:46:c8:58: 2d:e6:7b:4b:f8:31:8e:43:15:1e:36:40:f2:c0:31: e9:e7:a4:ce:3c:9c:bb:b6:4e:d9:39:b4:87:ad:d0: 59:0f:69:2b:6c:26:cc:59:8a:07:3f:a8:91:69:f2: c3:1a:0f:6e:6b:c9:b7:68:2e:a6:88:c7:50:6c:e1: 92:46:79:aa:6f:05:7a:66:ab:93:ad:1a:4e:86:a3: 7d:eb:a1:1d:3b:e0:a1:4a:a4:e5:0a:87:0b:28:0e: d5:d5:60:32:ef:7c:61:49:26:33:7d:ee:44:9a:62: 2a:4f:8c:ff:6e:3e:73:ff:2a:fb:7d:7b:1f:59:ac: a8:19:5d:39:4f:ef:77:2b:7c:16:20:b9:29:c5:c4: f4:5f:2e:f8:66:de:c1:2a:4d:15:7d:54:59:5b:ae: 59:63:7b:79:37:5f:57:57:eb:d5:4a:15:da:b3:08: 41:e4:0d:c1:26:dd:e4:f2:3c:b8:9a:d6:f9:fa:66: 3a:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:02:AB:A7:1C:5E:82:53:A1:1B:83:56:79:15:99:A9:AF:2B:CF:F2 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/3AKrpxxeglOhG4NWeRWZqa8rz_I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.104.0/21 Signature Algorithm: sha256WithRSAEncryption a9:6b:19:ae:93:18:0a:5a:28:5b:e7:46:84:f1:fd:5a:2a:7c: 09:83:58:ed:cc:32:38:e8:9b:0e:88:38:8d:ef:56:c2:12:26: 44:80:0c:31:4f:45:b9:46:90:41:94:62:09:34:fc:60:d6:ba: d3:a9:6b:2f:0e:9e:8e:ac:8d:77:b6:4a:b5:c4:bd:30:ac:7d: 2b:a8:d7:1f:bb:15:70:b5:06:a2:ed:4b:1c:e6:da:c5:2c:f9: 07:0a:02:8f:4f:54:7b:e7:5a:3b:43:6d:b2:b2:44:cf:88:15: 66:6c:cc:e9:ea:f3:d3:fe:ac:a7:e5:10:58:82:0f:c1:f5:a9: b5:23:7f:70:35:90:85:02:0f:fd:7a:d0:4a:22:17:f6:16:93: 1a:3a:12:c9:73:9b:5e:45:b9:dd:85:16:2b:9c:34:cf:cb:e7: 15:6b:de:76:1d:cf:ed:fd:4f:7e:3f:8d:f6:6f:d8:13:1d:7b: 8c:81:42:5a:de:4b:c3:ac:3d:f3:87:b1:10:bc:c0:0e:00:c8: f3:83:a7:67:c4:f2:8d:c0:33:0a:bd:f6:53:f5:85:bb:e2:c4: dc:16:5a:07:c3:46:91:00:14:2a:69:21:b6:d5:d7:86:2d:d4: 42:d2:9d:67:41:f5:ef:e3:8f:b7:db:13:57:1c:36:bc:2c:bf: f4:4f:4b:ae -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICElAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx MjU2NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDMDJBQkE3MUM1RTgy NTNBMTFCODM1Njc5MTU5OUE5QUYyQkNGRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqyjgm0DxjcvZGgzUUhfcM13X5RkMoIgVTR73cBuEam+15NVOC czyye1GL7OiG7mcJ+4hfUkgYR9Z1BlA3lDDqDqdHU/z4ZUbIWC3me0v4MY5DFR42 QPLAMennpM48nLu2Ttk5tIet0FkPaStsJsxZigc/qJFp8sMaD25rybdoLqaIx1Bs 4ZJGeapvBXpmq5OtGk6Go33roR074KFKpOUKhwsoDtXVYDLvfGFJJjN97kSaYipP jP9uPnP/Kvt9ex9ZrKgZXTlP73crfBYguSnFxPRfLvhm3sEqTRV9VFlbrllje3k3 X1dX69VKFdqzCEHkDcEm3eTyPLia1vn6Zjr/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3AKrpxxeglOhG4NWeRWZqa8rz/IwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvM0FLcnB4eGVnbE9o RzROV2VSV1pxYThyel9JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7TfaDANBgkqhkiG9w0BAQsFAAOCAQEAqWsZrpMYClooW+dGhPH9Wip8CYNY 7cwyOOibDog4je9WwhImRIAMMU9FuUaQQZRiCTT8YNa606lrLw6ejqyNd7ZKtcS9 MKx9K6jXH7sVcLUGou1LHObaxSz5BwoCj09Ue+daO0NtsrJEz4gVZmzM6erz0/6s p+UQWIIPwfWptSN/cDWQhQIP/XrQSiIX9haTGjoSyXObXkW53YUWK5w0z8vnFWve dh3P7f1Pfj+N9m/YEx17jIFCWt5Lw6w984exELzADgDI84OnZ8TyjcAzCr32U/WF u+LE3BZaB8NGkQAUKmkhttXXhi3UQtKdZ0H17+OPt9sTVxw2vCy/9E9Lrg== -----END CERTIFICATE-----Generated at Sun Nov 24 23:59:21 2024 by rpki-client on console-fra.rpki-client.org