$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/gY1QWEuD4LsooTe6TT5BeIwzZbg.roa File: gY1QWEuD4LsooTe6TT5BeIwzZbg.roa (raw, json) Hash identifier: 3o9A7+Lp2jKIC3PyVWEXuCzjAMOqBBvvneo8+HDg74A= Subject key identifier: 81:8D:50:58:4B:83:E0:BB:28:A1:37:BA:4D:3E:41:78:8C:33:65:B8 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 125A Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/gY1QWEuD4LsooTe6TT5BeIwzZbg.roa Signing time: Wed 21 Aug 2024 13:13:32 +0000 ROA not before: Wed 21 Aug 2024 13:13:32 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 398704 IP address blocks: 180.223.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4698 (0x125a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Aug 21 13:13:32 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=818D50584B83E0BB28A137BA4D3E41788C3365B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:26:47:03:43:9e:16:4a:73:36:f2:c5:2d:f3: 5e:d9:1e:c9:42:7c:1b:03:f9:ea:05:1b:ed:0b:07: f0:f2:e6:8c:f0:31:cc:9b:a0:7e:c1:27:d8:8f:72: 2f:97:8f:5f:41:94:c3:3a:15:ef:b7:93:14:2f:e2: 08:7f:7a:f5:c1:e5:b7:40:d5:e6:67:c3:fd:12:8e: 96:0f:61:57:a8:60:60:ea:f8:7a:ac:b7:f8:03:62: 72:ea:fb:be:7c:19:52:dd:8e:41:26:1e:99:1b:bf: 6b:ee:5e:35:68:ad:8c:a3:de:07:99:5a:64:15:49: 14:6b:59:95:d6:71:84:e1:9c:b8:cb:1d:0b:bc:38: 81:8c:5b:3c:c2:84:ea:c3:d2:db:cc:0e:08:f7:9b: 1c:ce:a6:c0:69:49:3e:f3:8f:18:21:1a:28:87:1e: fc:8a:27:92:23:4f:08:16:c3:bc:95:f5:77:05:84: 42:06:fd:8b:56:0a:6d:5e:58:a2:de:a9:56:0e:95: 23:df:97:af:0f:ec:81:f3:80:31:df:59:e0:e0:99: e5:43:4d:39:65:96:ee:78:ab:35:5d:47:aa:23:32: b3:8d:ed:3b:25:02:f9:f8:e0:52:47:fe:d2:44:c3: ad:88:54:35:48:72:68:e2:d3:01:ec:22:cb:43:a1: 47:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:8D:50:58:4B:83:E0:BB:28:A1:37:BA:4D:3E:41:78:8C:33:65:B8 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/gY1QWEuD4LsooTe6TT5BeIwzZbg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.252.0/22 Signature Algorithm: sha256WithRSAEncryption bf:44:c1:6c:d0:9b:60:64:27:46:10:cf:29:94:c0:c5:8e:26: 4d:de:6d:34:24:37:14:00:16:c0:df:6f:a8:0a:f2:d6:15:a0: e9:55:39:d7:99:a2:44:fa:48:fa:34:df:06:91:39:8a:64:97: ea:7b:ef:c9:b4:56:42:94:cd:b0:c2:01:cb:50:ed:77:95:da: 2b:ee:5a:a0:2f:ec:54:4b:7f:f9:3d:c6:ae:77:32:14:08:4f: d9:db:60:80:c3:f8:19:05:b7:50:91:f6:68:58:11:11:18:94: 35:55:c6:b6:97:49:c8:9f:3c:82:a0:2b:ab:3b:67:20:97:0d: 36:0c:41:20:ff:f8:ec:62:34:35:ac:ce:b2:4a:a5:12:4d:55: 49:08:33:a4:9c:22:ed:af:a7:b7:85:84:2c:8b:9b:92:38:78: 44:d3:31:37:4d:19:1c:91:e1:d8:fc:6a:f8:78:75:19:8a:90: e5:cb:8f:fe:a2:9f:42:71:96:ab:19:06:88:f7:fe:71:40:62: f2:be:69:2f:0d:b1:f9:25:c9:43:19:2a:ad:1f:1c:d0:2f:23: bc:2a:b1:34:be:a4:e3:57:d2:c8:75:39:74:9b:3f:12:99:fd: 6f:a1:d9:06:65:89:85:c2:1f:68:4c:6a:41:d8:69:ad:3c:f9: a3:c7:6f:37 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICElowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjEx MzEzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxOEQ1MDU4NEI4M0Uw QkIyOEExMzdCQTREM0U0MTc4OEMzMzY1QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWJkcDQ54WSnM28sUt817ZHslCfBsD+eoFG+0LB/Dy5ozwMcyb oH7BJ9iPci+Xj19BlMM6Fe+3kxQv4gh/evXB5bdA1eZnw/0SjpYPYVeoYGDq+Hqs t/gDYnLq+758GVLdjkEmHpkbv2vuXjVorYyj3geZWmQVSRRrWZXWcYThnLjLHQu8 OIGMWzzChOrD0tvMDgj3mxzOpsBpST7zjxghGiiHHvyKJ5IjTwgWw7yV9XcFhEIG /YtWCm1eWKLeqVYOlSPfl68P7IHzgDHfWeDgmeVDTTlllu54qzVdR6ojMrON7Tsl Avn44FJH/tJEw62IVDVIcmji0wHsIstDoUfhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUgY1QWEuD4LsooTe6TT5BeIwzZbgwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvZ1kxUVdFdUQ0THNv b1RlNlRUNUJlSXd6WmJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf/DANBgkqhkiG9w0BAQsFAAOCAQEAv0TBbNCbYGQnRhDPKZTAxY4mTd5t NCQ3FAAWwN9vqAry1hWg6VU515miRPpI+jTfBpE5imSX6nvvybRWQpTNsMIBy1Dt d5XaK+5aoC/sVEt/+T3GrncyFAhP2dtggMP4GQW3UJH2aFgRERiUNVXGtpdJyJ88 gqArqztnIJcNNgxBIP/47GI0NazOskqlEk1VSQgzpJwi7a+nt4WELIubkjh4RNMx N00ZHJHh2Pxq+Hh1GYqQ5cuP/qKfQnGWqxkGiPf+cUBi8r5pLw2x+SXJQxkqrR8c 0C8jvCqxNL6k41fSyHU5dJs/Epn9b6HZBmWJhcIfaExqQdhprTz5o8dvNw== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org