$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/tmkYROUx5FyAk5XQgbIsLp1KU3k.roa File: tmkYROUx5FyAk5XQgbIsLp1KU3k.roa (raw, json) Hash identifier: AcM33/2djmpquu2dqvhb3XGefRwAg8tkD+zDWkZ9Vdg= Subject key identifier: B6:69:18:44:E5:31:E4:5C:80:93:95:D0:81:B2:2C:2E:9D:4A:53:79 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 13D4 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/tmkYROUx5FyAk5XQgbIsLp1KU3k.roa Signing time: Wed 30 Oct 2024 12:43:40 +0000 ROA not before: Wed 30 Oct 2024 12:43:40 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 984 IP address blocks: 180.223.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 06:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5076 (0x13d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 30 12:43:40 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B6691844E531E45C809395D081B22C2E9D4A5379 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:44:af:f4:78:d8:2c:85:38:52:7a:81:8e:15: e9:8a:7c:cf:f5:99:dc:5d:d4:df:f5:d7:33:1a:9e: a9:41:a8:a5:2a:5d:71:62:24:fc:f9:3d:fb:ec:e5: c6:6a:ab:ff:8e:6e:92:e2:f7:9b:22:0d:ab:d9:89: d9:47:75:c8:d5:f1:7d:23:ca:f4:c7:6d:2b:f6:33: 1e:31:0f:57:ab:e1:22:1d:9a:de:28:f6:d3:f4:f9: 88:ba:69:f4:b8:3b:44:3f:8f:78:61:f9:e4:9b:ce: 4a:66:6a:9b:dd:64:1c:77:40:9a:31:18:81:a8:16: 42:a4:c2:11:3a:0a:f7:8a:87:cf:10:44:fd:f2:ee: c5:02:35:6c:62:4d:22:cd:d6:0e:d6:8d:13:66:1a: f1:37:e8:49:47:da:73:14:d1:55:e9:14:08:c6:d7: 57:92:c4:83:ca:43:a3:f2:8b:7c:44:c5:ba:86:c4: 1e:ea:26:88:5a:4e:e6:a1:23:67:a1:bd:48:e1:d0: bf:15:65:2a:8d:79:7e:74:1a:17:1b:1f:26:d0:2d: 85:77:66:1d:0b:3b:33:7e:18:cc:79:f1:1b:fd:bc: c1:b5:83:f2:54:c5:da:99:92:45:50:f8:1e:f5:d1: f3:17:6c:a4:dd:cf:aa:96:17:6b:67:88:8c:c2:ef: de:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:69:18:44:E5:31:E4:5C:80:93:95:D0:81:B2:2C:2E:9D:4A:53:79 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/tmkYROUx5FyAk5XQgbIsLp1KU3k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.127.0/24 Signature Algorithm: sha256WithRSAEncryption 81:c9:c1:61:28:ad:57:4c:87:5e:3c:f1:56:b6:72:2d:7b:17: b2:f7:7f:80:f1:f1:dd:80:4c:df:af:27:0b:b4:b0:ee:2f:8d: 69:4d:55:b9:ef:a6:63:b2:37:5e:9b:41:a5:32:8b:31:18:4f: 53:2a:1f:59:66:d2:92:fc:d7:ec:79:b5:80:35:72:4d:fd:74: d1:71:25:4d:61:3c:40:fa:56:01:85:b3:56:2b:6b:d7:b7:9a: 1f:98:5c:81:b7:33:0a:af:a6:94:b8:91:b6:9c:b1:fa:81:d8: 7d:6c:20:d3:89:88:4f:6e:c2:74:9a:59:20:07:33:38:79:7c: aa:cc:5a:21:c8:fb:7f:7e:f4:7d:1a:01:a0:6b:ed:3b:5f:69: 82:99:2b:04:1e:e6:50:dd:e4:60:b9:29:09:bc:12:96:b6:9f: c3:ac:2d:bc:a1:45:59:5e:6c:15:fb:44:99:72:a0:fa:59:1b: 01:f9:5a:95:2e:69:b4:55:e5:49:b4:d6:37:aa:7d:4c:c5:03: dd:89:1e:e1:33:df:4d:ed:f4:ed:e6:a9:46:03:ee:d1:50:75: 99:7a:30:c0:ba:c2:cb:11:21:80:d3:ee:85:55:69:70:13:4f: aa:a2:0b:b3:96:20:02:90:e1:3f:23:6e:61:41:f4:f2:38:c2: 38:9f:5c:7f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMzAx MjQzNDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI2NjkxODQ0RTUzMUU0 NUM4MDkzOTVEMDgxQjIyQzJFOUQ0QTUzNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCRK/0eNgshThSeoGOFemKfM/1mdxd1N/11zManqlBqKUqXXFi JPz5Pfvs5cZqq/+ObpLi95siDavZidlHdcjV8X0jyvTHbSv2Mx4xD1er4SIdmt4o 9tP0+Yi6afS4O0Q/j3hh+eSbzkpmapvdZBx3QJoxGIGoFkKkwhE6CveKh88QRP3y 7sUCNWxiTSLN1g7WjRNmGvE36ElH2nMU0VXpFAjG11eSxIPKQ6Pyi3xExbqGxB7q JohaTuahI2ehvUjh0L8VZSqNeX50GhcbHybQLYV3Zh0LOzN+GMx58Rv9vMG1g/JU xdqZkkVQ+B710fMXbKTdz6qWF2tniIzC797TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUtmkYROUx5FyAk5XQgbIsLp1KU3kwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvdG1rWVJPVXg1RnlB azVYUWdiSXNMcDFLVTNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTffzANBgkqhkiG9w0BAQsFAAOCAQEAgcnBYSitV0yHXjzxVrZyLXsXsvd/ gPHx3YBM368nC7Sw7i+NaU1Vue+mY7I3XptBpTKLMRhPUyofWWbSkvzX7Hm1gDVy Tf100XElTWE8QPpWAYWzVitr17eaH5hcgbczCq+mlLiRtpyx+oHYfWwg04mIT27C dJpZIAczOHl8qsxaIcj7f370fRoBoGvtO19pgpkrBB7mUN3kYLkpCbwSlrafw6wt vKFFWV5sFftEmXKg+lkbAflalS5ptFXlSbTWN6p9TMUD3Yke4TPfTe307eapRgPu 0VB1mXowwLrCyxEhgNPuhVVpcBNPqqILs5YgApDhPyNuYUH08jjCOJ9cfw== -----END CERTIFICATE-----Generated at Fri Nov 22 04:51:45 2024 by rpki-client on console-ams.rpki-client.org