$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/Y2ZKD-A30k3bDBgJvwCgTOSEfgE.roa File: Y2ZKD-A30k3bDBgJvwCgTOSEfgE.roa (raw, json) Hash identifier: 9hA3D9MXarvGgUQCQ8E1yH6YN9fGRixIrfBTcD/M2r0= Subject key identifier: 63:66:4A:0F:E0:37:D2:4D:DB:0C:18:09:BF:00:A0:4C:E4:84:7E:01 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: C3 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/Y2ZKD-A30k3bDBgJvwCgTOSEfgE.roa Signing time: Tue 30 Jul 2024 01:30:29 +0000 ROA not before: Tue 30 Jul 2024 01:30:29 +0000 ROA not after: Tue 24 Jun 2025 01:23:54 +0000 asID: 146762 IP address blocks: 114.111.176.0/24 maxlen: 24 114.111.177.0/24 maxlen: 24 114.111.178.0/24 maxlen: 24 114.111.179.0/24 maxlen: 24 114.111.180.0/24 maxlen: 24 114.111.181.0/24 maxlen: 24 114.111.182.0/24 maxlen: 24 114.111.183.0/24 maxlen: 24 114.111.184.0/24 maxlen: 24 114.111.185.0/24 maxlen: 24 114.111.186.0/24 maxlen: 24 114.111.187.0/24 maxlen: 24 114.111.188.0/24 maxlen: 24 114.111.189.0/24 maxlen: 24 114.111.190.0/24 maxlen: 24 114.111.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:24:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 195 (0xc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 30 01:30:29 2024 GMT Not After : Jun 24 01:23:54 2025 GMT Subject: CN=63664A0FE037D24DDB0C1809BF00A04CE4847E01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:1a:a3:35:35:b7:c2:bb:08:28:3a:4c:21:84: 94:28:e3:65:d2:61:dd:97:b2:01:e5:ac:3f:9c:a4: db:1b:69:d0:74:6d:97:05:92:7b:15:67:8f:da:cb: 54:81:cb:7c:f4:82:d4:f8:b9:ed:7e:fc:9c:17:97: 2a:70:c0:f5:1e:8d:ae:01:3d:50:2e:91:78:f5:b1: ec:1e:5c:04:60:aa:bb:eb:da:74:32:91:da:63:68: 2f:a2:25:a1:4e:6b:d2:7e:83:9d:58:b4:a3:a2:c3: 67:df:0c:6c:c9:d8:ed:53:36:96:be:25:aa:d8:a2: 4e:f3:32:1c:8c:f3:94:4f:74:45:25:f6:42:8e:56: 6d:4d:31:88:aa:95:a6:98:ef:06:99:fc:ab:85:1b: 3a:6c:ab:13:07:a4:9e:0b:96:cb:02:22:2b:26:68: 27:91:4d:70:22:20:c3:65:b8:a1:61:1c:14:81:cd: 33:9a:6e:ae:88:b8:ca:86:f8:cf:a4:cc:68:3a:84: 8f:a0:04:7f:97:4e:1e:b0:9c:1a:9b:f9:9c:19:19: 3b:1a:bb:4e:57:c3:5c:16:95:3c:d0:15:bd:6a:b9: 13:f5:fd:b9:b5:30:74:5a:4c:32:91:8c:6c:7b:39: 45:31:8f:aa:17:e6:b9:a8:69:9a:e0:76:72:c5:a3: df:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:66:4A:0F:E0:37:D2:4D:DB:0C:18:09:BF:00:A0:4C:E4:84:7E:01 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/Y2ZKD-A30k3bDBgJvwCgTOSEfgE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.111.176.0/20 Signature Algorithm: sha256WithRSAEncryption 7a:41:be:86:1a:fd:cc:a5:85:33:72:9a:2b:14:46:45:61:ab: 80:e1:16:e4:05:7d:e6:ae:18:d0:52:36:69:fa:21:6d:0d:6a: e3:af:11:e7:6e:0a:e4:de:e8:0d:fc:83:ac:c5:39:48:3f:2a: 16:5c:a3:dd:5f:1a:6f:7b:d0:1a:6b:d0:d2:a9:63:a3:7a:b4: 75:42:de:28:1d:7a:55:d6:65:11:3c:7a:c8:af:53:fa:1e:0b: 55:59:8e:ea:28:a3:cc:48:84:6d:e5:7e:41:96:b1:fa:d1:01: 18:b6:53:46:b7:de:ea:70:e0:8e:40:8e:b6:23:1b:cd:41:b4: dc:b6:1c:fd:35:1f:6e:62:8f:1b:39:e7:81:86:54:f6:00:9a: af:0a:fc:c5:53:e2:db:c3:3c:d1:78:1f:6a:4c:eb:2b:6f:3b: 7a:89:f2:d9:a9:c0:ce:41:d5:c3:6f:d6:8d:c1:a5:e3:2a:ee: 40:dd:bf:b4:fa:ac:b1:d2:e6:48:1c:43:a2:cc:ea:54:45:20: 43:6a:c1:5c:10:99:41:e6:f6:55:6d:d7:44:1b:15:f2:b8:16: e8:94:42:97:3b:d6:e2:55:b8:7b:e6:c9:ad:98:c6:e5:23:41: 7d:41:f4:90:54:7e:7a:8c:76:7e:bb:fa:31:b2:33:fb:3d:5d: ac:e6:51:d3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNDA3MzAw MTMwMjlaFw0yNTA2MjQwMTIzNTRaMDMxMTAvBgNVBAMTKDYzNjY0QTBGRTAzN0Qy NEREQjBDMTgwOUJGMDBBMDRDRTQ4NDdFMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWGqM1NbfCuwgoOkwhhJQo42XSYd2XsgHlrD+cpNsbadB0bZcF knsVZ4/ay1SBy3z0gtT4ue1+/JwXlypwwPUeja4BPVAukXj1seweXARgqrvr2nQy kdpjaC+iJaFOa9J+g51YtKOiw2ffDGzJ2O1TNpa+JarYok7zMhyM85RPdEUl9kKO Vm1NMYiqlaaY7waZ/KuFGzpsqxMHpJ4LlssCIismaCeRTXAiIMNluKFhHBSBzTOa bq6IuMqG+M+kzGg6hI+gBH+XTh6wnBqb+ZwZGTsau05Xw1wWlTzQFb1quRP1/bm1 MHRaTDKRjGx7OUUxj6oX5rmoaZrgdnLFo9/XAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUY2ZKD+A30k3bDBgJvwCgTOSEfgEwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvWTJaS0QtQTMwazNi REJnSnZ3Q2dUT1NFZmdFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBHJvsDANBgkqhkiG9w0BAQsFAAOCAQEAekG+hhr9zKWFM3KaKxRGRWGrgOEW 5AV95q4Y0FI2afohbQ1q468R524K5N7oDfyDrMU5SD8qFlyj3V8ab3vQGmvQ0qlj o3q0dULeKB16VdZlETx6yK9T+h4LVVmO6iijzEiEbeV+QZax+tEBGLZTRrfe6nDg jkCOtiMbzUG03LYc/TUfbmKPGznngYZU9gCarwr8xVPi28M80XgfakzrK287eony 2anAzkHVw2/WjcGl4yruQN2/tPqssdLmSBxDoszqVEUgQ2rBXBCZQeb2VW3XRBsV 8rgW6JRClzvW4lW4e+bJrZjG5SNBfUH0kFR+eox2frv6MbIz+z1drOZR0w== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:41 2024 by rpki-client on console-ams.rpki-client.org