$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/kI1QW5z3Gz7_EVTJ21Es-pzxSos.roa File: kI1QW5z3Gz7_EVTJ21Es-pzxSos.roa (raw, json) Hash identifier: ZMT1oRzuc8lEt6/2jcIDTmesqE2C9FxObZh/imLda5U= Subject key identifier: 90:8D:50:5B:9C:F7:1B:3E:FF:11:54:C9:DB:51:2C:FA:9C:F1:4A:8B Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 0F33 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/kI1QW5z3Gz7_EVTJ21Es-pzxSos.roa Signing time: Mon 25 Mar 2024 08:12:10 +0000 ROA not before: Mon 25 Mar 2024 08:12:10 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 45250 IP address blocks: 180.223.16.0/21 maxlen: 24 180.223.24.0/21 maxlen: 24 180.223.40.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 17 May 2024 09:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3891 (0xf33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Mar 25 08:12:10 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=908D505B9CF71B3EFF1154C9DB512CFA9CF14A8B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ec:91:77:3f:6c:e7:b8:b5:c3:94:ca:54:8d: ec:b8:74:86:e3:4c:80:94:5b:6e:db:95:de:41:bc: ec:a0:32:ee:5c:e3:51:5f:c6:b2:e3:f5:82:c7:49: 8e:3e:c7:56:74:ec:d5:f0:d7:d8:15:a1:97:17:d8: a6:78:96:f0:98:3f:27:c2:3e:83:64:f1:2e:a9:b8: d6:81:ab:f0:dc:6f:ce:12:1f:91:1a:3e:9f:ca:f3: 93:cb:e7:65:30:e0:b5:1b:7b:70:13:ae:6c:c7:20: 2f:fc:d7:d1:d9:70:7f:1e:5d:f3:74:42:98:30:12: a8:ac:23:e0:fa:4d:f8:18:b8:2a:59:ee:e2:60:ef: 3c:94:dd:a9:c8:29:55:b7:9d:b6:fd:16:f0:07:a6: c6:c7:38:00:36:d9:96:ef:f1:6d:cd:5f:7f:c8:5c: fe:f7:96:95:24:d2:2b:82:1c:87:66:50:d6:39:aa: da:40:88:54:25:c8:6f:62:c5:bc:8c:86:e3:d5:3d: a1:0e:27:10:b1:e2:a9:86:58:c6:6a:d5:16:91:6f: 2c:0c:7b:49:ce:45:a7:89:31:fb:a5:39:26:de:0d: e2:88:10:56:34:d5:a5:e0:1e:77:7a:eb:b3:fd:8b: a7:97:c0:cf:46:84:4d:89:ee:6b:9d:bb:ab:7c:95: 75:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:8D:50:5B:9C:F7:1B:3E:FF:11:54:C9:DB:51:2C:FA:9C:F1:4A:8B X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/kI1QW5z3Gz7_EVTJ21Es-pzxSos.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.16.0/20 180.223.40.0/21 Signature Algorithm: sha256WithRSAEncryption 2a:ac:3f:1c:f6:b4:9c:2f:20:da:16:e0:75:b7:de:3f:b4:47: 10:cd:96:19:ac:1f:19:47:6a:4d:2c:38:e6:38:17:16:51:02: 1e:cc:36:76:18:53:e8:99:0e:2a:d2:ea:39:a9:21:40:c6:4a: 57:c0:c4:57:df:b5:e0:51:b2:3e:c4:99:96:77:e8:65:df:29: 19:3f:26:c3:97:e2:c3:43:90:10:dc:ca:a6:f8:56:55:74:bd: d4:8d:26:a2:04:dd:91:91:72:72:c7:82:24:04:14:fb:5f:96: fd:c8:15:9c:d7:43:b3:dc:6e:7e:4b:34:50:b2:10:82:62:14: 73:39:45:4b:11:ef:3e:82:ad:9e:29:03:a8:d6:f2:c3:21:06: d3:8c:54:5a:a3:37:f3:e0:2e:97:1e:9b:4e:58:4f:06:ed:5c: 8d:ee:38:8a:f1:cc:c6:7d:6a:7c:11:0c:cf:3f:bb:0e:c1:05: 23:d1:49:16:5a:94:29:a1:5e:11:00:c0:17:98:ad:c2:82:6a: 62:51:d9:85:17:01:a4:67:d3:4e:03:48:35:d5:a1:44:1e:5d: a3:03:38:18:32:63:a6:17:5b:6c:60:56:eb:53:ca:94:98:c8: dc:20:c9:0c:71:49:36:d1:8f:02:ab:dd:8c:3a:3f:28:4f:2a: 77:95:fe:81 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICDzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDAzMjUw ODEyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwOEQ1MDVCOUNGNzFC M0VGRjExNTRDOURCNTEyQ0ZBOUNGMTRBOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF7JF3P2znuLXDlMpUjey4dIbjTICUW27bld5BvOygMu5c41Ff xrLj9YLHSY4+x1Z07NXw19gVoZcX2KZ4lvCYPyfCPoNk8S6puNaBq/Dcb84SH5Ea Pp/K85PL52Uw4LUbe3ATrmzHIC/819HZcH8eXfN0QpgwEqisI+D6TfgYuCpZ7uJg 7zyU3anIKVW3nbb9FvAHpsbHOAA22Zbv8W3NX3/IXP73lpUk0iuCHIdmUNY5qtpA iFQlyG9ixbyMhuPVPaEOJxCx4qmGWMZq1RaRbywMe0nORaeJMfulOSbeDeKIEFY0 1aXgHnd667P9i6eXwM9GhE2J7mudu6t8lXXvAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUkI1QW5z3Gz7/EVTJ21Es+pzxSoswHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAva0kxUVc1ejNHejdf RVZUSjIxRXMtcHp4U29zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEBLTfEAMEA7TfKDANBgkqhkiG9w0BAQsFAAOCAQEAKqw/HPa0nC8g2hbgdbfe P7RHEM2WGawfGUdqTSw45jgXFlECHsw2dhhT6JkOKtLqOakhQMZKV8DEV9+14FGy PsSZlnfoZd8pGT8mw5fiw0OQENzKpvhWVXS91I0mogTdkZFycseCJAQU+1+W/cgV nNdDs9xufks0ULIQgmIUczlFSxHvPoKtnikDqNbywyEG04xUWqM38+Aulx6bTlhP Bu1cje44ivHMxn1qfBEMzz+7DsEFI9FJFlqUKaFeEQDAF5itwoJqYlHZhRcBpGfT TgNINdWhRB5dowM4GDJjphdbbGBW61PKlJjI3CDJDHFJNtGPAqvdjDo/KE8qd5X+ gQ== -----END CERTIFICATE-----Generated at Fri May 17 06:19:01 2024 by rpki-client on console-fra.rpki-client.org