$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Zxfwg1jqSXYUk_Dudf_0uN6d554.roa File: Zxfwg1jqSXYUk_Dudf_0uN6d554.roa (raw, json) Hash identifier: 8aUTqunXY7vdfyiinZg7j4FNYNmCbkTFe/7GxfrX/BM= Subject key identifier: 67:17:F0:83:58:EA:49:76:14:93:F0:EE:75:FF:F4:B8:DE:9D:E7:9E Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1244 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Zxfwg1jqSXYUk_Dudf_0uN6d554.roa Signing time: Tue 20 Aug 2024 12:56:42 +0000 ROA not before: Tue 20 Aug 2024 12:56:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 7018 IP address blocks: 180.223.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4676 (0x1244) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Aug 20 12:56:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6717F08358EA49761493F0EE75FFF4B8DE9DE79E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2c:34:5c:df:ae:e7:b6:d1:48:6d:7d:eb:2c: 87:ab:6a:02:5b:3a:a7:19:e9:53:63:7a:07:a2:db: e5:a6:e7:f0:70:80:ff:6f:c8:63:cc:5c:ef:e5:02: b4:cd:8b:35:ea:82:eb:57:1f:4a:e8:c1:ee:ea:73: 27:4c:84:7f:39:14:c8:1c:65:86:38:48:e7:d3:d9: 26:cc:9a:f1:65:ef:a7:3f:37:61:75:58:75:33:cf: c8:d3:5b:fb:ca:ad:47:8e:39:f6:bc:ab:e0:0c:5b: a4:f2:e1:8c:fb:78:4b:47:c5:bd:cd:48:f5:bf:ce: 41:fc:98:e6:48:22:32:df:03:ea:c0:3d:53:5f:73: 44:3e:df:53:3b:7d:ba:5e:8f:6d:6e:8f:dd:d4:e9: 0d:93:dc:33:f6:6b:c1:62:7d:fc:4e:8c:43:4c:d4: 87:57:39:9c:6c:92:63:be:2d:06:2d:01:fa:ab:d0: 98:8c:9c:d8:22:02:78:28:99:d4:18:98:97:b2:0f: 93:86:16:a3:f9:03:fc:97:28:3a:17:ee:cb:64:95: 8a:03:59:c5:29:8b:93:3f:88:5a:d0:7b:b5:33:f4: 5e:49:4d:c4:0e:c7:54:26:ae:78:94:35:57:34:3c: 82:8f:4f:36:9e:aa:2b:ae:13:66:0e:e0:37:1e:f6: a1:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:17:F0:83:58:EA:49:76:14:93:F0:EE:75:FF:F4:B8:DE:9D:E7:9E X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Zxfwg1jqSXYUk_Dudf_0uN6d554.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.64.0/21 Signature Algorithm: sha256WithRSAEncryption a6:2d:b4:f1:64:b8:91:5d:c4:59:ec:0e:e5:fe:13:9b:c5:1a: 2c:42:ed:c8:83:c6:54:5e:df:91:b1:21:88:ad:a1:13:80:db: 92:bd:7e:40:26:cc:85:e6:ed:ae:4f:19:da:0f:af:e6:8a:cf: 68:17:66:95:73:29:e5:40:94:d5:fd:a4:83:b3:7e:36:0e:4f: 2b:6c:f5:f0:3a:ee:c3:0f:1f:6e:8a:6a:77:cc:97:88:d7:92: 70:9c:bf:cd:17:07:13:2f:5e:0d:fd:69:cc:5d:43:f0:e6:da: d7:f2:e6:46:46:e9:13:de:2c:a7:ee:f7:6f:47:5d:fd:b2:a8: 41:89:86:63:63:f4:91:9a:76:8f:d9:52:25:32:5d:d1:8f:cd: cf:ab:95:ec:d7:84:e7:2b:07:94:5d:4e:22:51:42:c7:17:5f: be:b1:08:84:04:93:c8:a1:83:52:38:67:21:32:e2:0f:c5:53: 92:b9:f9:e4:1b:02:11:41:40:9e:ce:de:bc:97:e5:2d:79:ee: 49:0f:c9:66:65:31:9e:9f:c5:8e:f2:f7:fc:64:96:e6:b8:57: 36:f2:78:26:b3:d3:1c:3d:7b:20:2e:bf:cd:e7:f5:74:31:7a: 89:49:f7:de:70:2c:ad:fd:f1:ec:d4:e9:a5:57:04:bd:51:cc: 1e:9f:84:02 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx MjU2NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3MTdGMDgzNThFQTQ5 NzYxNDkzRjBFRTc1RkZGNEI4REU5REU3OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+LDRc367nttFIbX3rLIeragJbOqcZ6VNjegei2+Wm5/BwgP9v yGPMXO/lArTNizXqgutXH0rowe7qcydMhH85FMgcZYY4SOfT2SbMmvFl76c/N2F1 WHUzz8jTW/vKrUeOOfa8q+AMW6Ty4Yz7eEtHxb3NSPW/zkH8mOZIIjLfA+rAPVNf c0Q+31M7fbpej21uj93U6Q2T3DP2a8FiffxOjENM1IdXOZxskmO+LQYtAfqr0JiM nNgiAngomdQYmJeyD5OGFqP5A/yXKDoX7stklYoDWcUpi5M/iFrQe7Uz9F5JTcQO x1QmrniUNVc0PIKPTzaeqiuuE2YO4Dce9qEPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZxfwg1jqSXYUk/Dudf/0uN6d554wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvWnhmd2cxanFTWFlV a19EdWRmXzB1TjZkNTU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7TfQDANBgkqhkiG9w0BAQsFAAOCAQEApi208WS4kV3EWewO5f4Tm8UaLELt yIPGVF7fkbEhiK2hE4Dbkr1+QCbMhebtrk8Z2g+v5orPaBdmlXMp5UCU1f2kg7N+ Ng5PK2z18Druww8fbopqd8yXiNeScJy/zRcHEy9eDf1pzF1D8Oba1/LmRkbpE94s p+73b0dd/bKoQYmGY2P0kZp2j9lSJTJd0Y/Nz6uV7NeE5ysHlF1OIlFCxxdfvrEI hASTyKGDUjhnITLiD8VTkrn55BsCEUFAns7evJflLXnuSQ/JZmUxnp/FjvL3/GSW 5rhXNvJ4JrPTHD17IC6/zef1dDF6iUn33nAsrf3x7NTppVcEvVHMHp+EAg== -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:47 2024 by rpki-client on console-ams.rpki-client.org