$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/4zkWDdlmYrkToUTjEtJ4FEzEZHc.roa File: 4zkWDdlmYrkToUTjEtJ4FEzEZHc.roa (raw, json) Hash identifier: wO+nKs6Owz2/qljZvhvDLHD/IqekmywHIUGp6uGCoZE= Subject key identifier: E3:39:16:0D:D9:66:62:B9:13:A1:44:E3:12:D2:78:14:4C:C4:64:77 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 0FD8 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/4zkWDdlmYrkToUTjEtJ4FEzEZHc.roa Signing time: Thu 25 Apr 2024 12:01:18 +0000 ROA not before: Thu 25 Apr 2024 12:01:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 7018 IP address blocks: 180.223.64.0/21 maxlen: 24 180.223.72.0/21 maxlen: 24 180.223.80.0/21 maxlen: 24 180.223.88.0/21 maxlen: 24 180.223.96.0/22 maxlen: 24 180.223.100.0/22 maxlen: 24 180.223.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 May 2024 10:25:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4056 (0xfd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Apr 25 12:01:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E339160DD96662B913A144E312D278144CC46477 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:e7:df:c4:77:39:73:ee:29:1b:9f:df:14:6d: 20:7a:99:b9:11:39:e7:3a:27:b3:88:bc:80:03:6e: 63:62:2f:ce:63:da:8c:db:f0:65:a7:ca:91:0a:23: d4:40:6b:e5:b5:2c:6f:84:38:e3:38:53:ea:13:24: f5:62:a6:f8:42:61:d3:21:c2:c7:36:12:38:d1:35: 0f:52:77:b4:87:2f:cf:c3:98:db:0e:79:82:c6:9a: 89:a1:ce:77:ae:47:c0:4e:89:1f:02:91:a4:0f:78: ac:e7:d4:15:18:33:3d:7d:96:1b:52:22:ae:9b:af: 03:ac:c1:55:69:2f:dd:1c:9b:29:2e:f1:ea:db:1f: 0c:de:e1:6a:97:cc:c7:2d:71:23:ed:e6:fe:51:1e: 0e:93:50:a3:27:d7:78:14:1f:21:18:81:2d:c2:af: b6:31:10:2a:c9:16:f3:14:7e:fe:fe:a4:da:53:88: e2:03:30:30:5e:62:5e:26:c1:c6:00:25:df:f0:88: 6d:e2:4e:3e:d9:e8:37:30:5f:93:b0:af:27:eb:a2: af:b6:4d:8a:91:7e:15:e0:f1:10:2a:d8:46:c9:fc: b7:c8:c1:34:ea:14:b9:ac:a8:90:85:77:17:c6:b0: f0:00:b3:5d:eb:58:12:b2:32:3a:4c:98:42:ff:7f: b0:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:39:16:0D:D9:66:62:B9:13:A1:44:E3:12:D2:78:14:4C:C4:64:77 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/4zkWDdlmYrkToUTjEtJ4FEzEZHc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.64.0-180.223.111.255 Signature Algorithm: sha256WithRSAEncryption 5c:7d:3f:7f:1c:39:bc:5d:7e:09:98:03:1b:3c:a1:9a:46:6a: 90:9a:86:37:23:05:10:dd:56:24:71:97:14:95:23:45:c9:78: 86:07:bd:e4:ce:d9:c1:1c:a2:48:13:46:72:c6:3c:f6:c6:06: c0:ee:11:ce:32:bb:bc:ef:cb:38:09:98:dc:07:1c:8a:54:ff: 44:ae:d9:a7:2d:c2:fc:45:95:60:4a:7e:d3:a6:ae:ca:ae:50: 70:15:50:7a:dc:13:cc:2a:74:be:e3:e3:d8:3d:74:bd:39:03: a7:7d:ee:53:89:c0:d9:9c:73:c9:7f:1d:64:79:2a:11:c7:66: 53:e9:8b:3b:4a:db:6c:ef:fe:de:89:d4:27:54:a0:92:e1:d8: a8:9a:62:08:fd:bb:07:5e:97:f7:cb:8f:de:30:0d:ae:d2:3c: 20:85:04:22:ed:f5:a1:98:58:e8:61:fb:9b:ec:d0:cb:ae:86: 72:4b:37:88:42:f0:ec:b1:4c:04:0e:b1:7d:10:15:5c:1b:e0: 58:2b:63:49:8a:ac:35:6b:03:b7:af:1d:bb:8e:be:b0:28:4e: 49:b9:03:12:0e:b1:e7:e6:9b:de:ae:7a:1b:90:10:12:82:2b: 2b:b3:c3:f3:94:41:8f:4f:cd:90:a6:3f:04:78:8f:45:b4:f8: 66:43:85:99 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgICD9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA0MjUx MjAxMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzMzkxNjBERDk2NjYy QjkxM0ExNDRFMzEyRDI3ODE0NENDNDY0NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ59/Edzlz7ikbn98UbSB6mbkROec6J7OIvIADbmNiL85j2ozb 8GWnypEKI9RAa+W1LG+EOOM4U+oTJPVipvhCYdMhwsc2EjjRNQ9Sd7SHL8/DmNsO eYLGmomhzneuR8BOiR8CkaQPeKzn1BUYMz19lhtSIq6brwOswVVpL90cmyku8erb Hwze4WqXzMctcSPt5v5RHg6TUKMn13gUHyEYgS3Cr7YxECrJFvMUfv7+pNpTiOID MDBeYl4mwcYAJd/wiG3iTj7Z6DcwX5Owryfroq+2TYqRfhXg8RAq2EbJ/LfIwTTq FLmsqJCFdxfGsPAAs13rWBKyMjpMmEL/f7CPAgMBAAGjggH7MIIB9zAdBgNVHQ4E FgQU4zkWDdlmYrkToUTjEtJ4FEzEZHcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvNHprV0RkbG1ZcmtU b1VUakV0SjRGRXpFWkhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw DjAMAwQGtN9AAwQEtN9gMA0GCSqGSIb3DQEBCwUAA4IBAQBcfT9/HDm8XX4JmAMb PKGaRmqQmoY3IwUQ3VYkcZcUlSNFyXiGB73kztnBHKJIE0Zyxjz2xgbA7hHOMru8 78s4CZjcBxyKVP9ErtmnLcL8RZVgSn7Tpq7KrlBwFVB63BPMKnS+4+PYPXS9OQOn fe5TicDZnHPJfx1keSoRx2ZT6Ys7Stts7/7eidQnVKCS4diommII/bsHXpf3y4/e MA2u0jwghQQi7fWhmFjoYfub7NDLroZySzeIQvDssUwEDrF9EBVcG+BYK2NJiqw1 awO3rx27jr6wKE5JuQMSDrHn5pvernobkBASgisrs8PzlEGPT82Qpj8EeI9FtPhm Q4WZ -----END CERTIFICATE-----Generated at Sat May 18 05:20:13 2024 by rpki-client on console-fra.rpki-client.org