$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/c_xK-3L1H5aq4hkqGimx6fiNR34.roa File: c_xK-3L1H5aq4hkqGimx6fiNR34.roa (raw, json) Hash identifier: S3I+CTElceBgERjFByP02U9n9x51lrs9o7yUJBeBIuo= Subject key identifier: 73:FC:4A:FB:72:F5:1F:96:AA:E2:19:2A:1A:29:B1:E9:F8:8D:47:7E Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1246 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/c_xK-3L1H5aq4hkqGimx6fiNR34.roa Signing time: Tue 20 Aug 2024 12:56:43 +0000 ROA not before: Tue 20 Aug 2024 12:56:43 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 984 IP address blocks: 180.223.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 06:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4678 (0x1246) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Aug 20 12:56:43 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=73FC4AFB72F51F96AAE2192A1A29B1E9F88D477E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a6:d3:cf:5e:a2:4a:d1:d1:e1:96:2c:81:f4: 09:86:3c:01:f1:12:20:db:89:ef:1f:ad:e0:59:1e: 29:5b:9a:d8:3c:7a:c3:98:e5:2d:f3:b7:64:12:45: 02:80:25:06:3f:94:07:bd:7f:c9:29:94:98:1a:6c: 7e:0d:93:a5:0c:d8:15:31:e1:ae:1b:bf:77:f1:6b: 23:45:56:ff:5d:2f:f5:49:f4:e4:f4:f9:32:fa:70: 51:bb:68:d5:fb:fe:0e:2c:57:20:7d:c4:3a:84:54: c8:b9:47:b7:32:fe:d8:d3:39:8e:1d:42:ba:c4:34: c8:b6:4d:f1:b9:69:35:5d:52:f0:e0:d0:e3:49:c9: 9b:84:0a:84:f4:6b:2b:18:42:5d:88:12:86:0e:ce: 1c:67:c7:26:a1:ed:1a:63:cd:57:a7:5f:f0:14:f0: b7:2c:e4:e7:ec:92:ba:29:cc:17:c5:bd:95:04:8b: 91:fb:1d:f4:c7:9f:f2:e9:8b:70:ac:a4:f6:33:8e: ce:4e:de:b0:7d:11:73:34:6c:f1:04:e0:77:9d:45: f6:70:c7:cc:cd:be:0c:2a:3c:89:5a:52:d0:2c:57: b3:d9:7c:72:fe:b3:14:fd:a7:c3:9e:e8:d4:76:14: d2:53:6d:ad:e6:9c:bd:52:f0:2c:7f:99:a9:61:91: 27:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:FC:4A:FB:72:F5:1F:96:AA:E2:19:2A:1A:29:B1:E9:F8:8D:47:7E X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/c_xK-3L1H5aq4hkqGimx6fiNR34.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.126.0/24 Signature Algorithm: sha256WithRSAEncryption c1:d8:26:55:8c:c7:63:eb:40:97:d7:67:7c:31:f1:56:31:86: 40:b7:22:ae:d5:8c:6f:76:2b:1f:9f:f0:53:f5:8c:16:63:ae: ba:a9:d1:9c:9c:11:e5:92:f1:13:c3:67:f5:42:d5:94:a6:7c: 0d:73:87:ab:03:97:3c:ad:e4:5c:17:21:b2:6d:d0:af:6a:26: 6b:40:a9:be:2c:71:6a:94:d9:3e:2d:6a:aa:2c:b3:10:23:77: 1c:27:80:79:59:47:ee:9c:9b:e9:8e:3c:d1:ec:87:62:56:bb: 09:b9:e0:be:3e:7f:98:e8:81:25:46:fe:55:1f:8c:d7:b7:b4: 00:d6:1c:69:58:3d:2d:f3:a5:43:a5:cb:12:a2:cf:56:ef:f3: 89:7c:40:5d:db:50:6c:18:fe:ad:a1:8d:24:1f:11:3a:8d:48: 70:e4:97:56:96:99:28:cc:e2:19:ef:ce:04:a7:5b:c7:5d:d1: 41:02:8f:36:9f:e6:39:b2:1d:14:0b:ad:49:7e:f7:16:b9:f2: d0:c6:81:ce:2a:76:d9:a4:04:f0:26:0b:be:24:68:6a:84:cb: b9:e2:5a:47:98:0e:1d:3e:45:b1:53:cd:6a:c6:f1:70:82:8b: 9d:77:9c:02:d3:25:3a:56:2c:28:a6:55:84:81:ad:18:bb:0f: 56:fb:fb:b7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx MjU2NDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDczRkM0QUZCNzJGNTFG OTZBQUUyMTkyQTFBMjlCMUU5Rjg4RDQ3N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2ptPPXqJK0dHhliyB9AmGPAHxEiDbie8freBZHilbmtg8esOY 5S3zt2QSRQKAJQY/lAe9f8kplJgabH4Nk6UM2BUx4a4bv3fxayNFVv9dL/VJ9OT0 +TL6cFG7aNX7/g4sVyB9xDqEVMi5R7cy/tjTOY4dQrrENMi2TfG5aTVdUvDg0ONJ yZuECoT0aysYQl2IEoYOzhxnxyah7RpjzVenX/AU8Lcs5OfskropzBfFvZUEi5H7 HfTHn/Lpi3CspPYzjs5O3rB9EXM0bPEE4HedRfZwx8zNvgwqPIlaUtAsV7PZfHL+ sxT9p8Oe6NR2FNJTba3mnL1S8Cx/malhkSc5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUc/xK+3L1H5aq4hkqGimx6fiNR34wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvY194Sy0zTDFINWFx NGhrcUdpbXg2ZmlOUjM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTffjANBgkqhkiG9w0BAQsFAAOCAQEAwdgmVYzHY+tAl9dnfDHxVjGGQLci rtWMb3YrH5/wU/WMFmOuuqnRnJwR5ZLxE8Nn9ULVlKZ8DXOHqwOXPK3kXBchsm3Q r2oma0CpvixxapTZPi1qqiyzECN3HCeAeVlH7pyb6Y480eyHYla7Cbngvj5/mOiB JUb+VR+M17e0ANYcaVg9LfOlQ6XLEqLPVu/ziXxAXdtQbBj+raGNJB8ROo1IcOSX VpaZKMziGe/OBKdbx13RQQKPNp/mObIdFAutSX73Frny0MaBzip22aQE8CYLviRo aoTLueJaR5gOHT5FsVPNasbxcIKLnXecAtMlOlYsKKZVhIGtGLsPVvv7tw== -----END CERTIFICATE-----Generated at Fri Nov 22 05:50:43 2024 by rpki-client on console-fra.rpki-client.org