$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3246/xA1ExRCLTB0US-v9AemsR7Tw1AE.roa File: xA1ExRCLTB0US-v9AemsR7Tw1AE.roa (raw, json) Hash identifier: C1h8BK9fIROK4WCFyDC6MvAzWQD9AJjZBPEUZosVPcM= Subject key identifier: C4:0D:44:C5:10:8B:4C:1D:14:4B:EB:FD:01:E9:AC:47:B4:F0:D4:01 Certificate issuer: /CN=2CB67186E296C89E1F34779ED66A077F7E050CCB Certificate serial: 035A Authority key identifier: 2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/xA1ExRCLTB0US-v9AemsR7Tw1AE.roa Signing time: Fri 24 May 2024 09:32:04 +0000 ROA not before: Fri 24 May 2024 09:32:04 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 211392 IP address blocks: 210.87.72.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 858 (0x35a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB67186E296C89E1F34779ED66A077F7E050CCB Validity Not Before: May 24 09:32:04 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C40D44C5108B4C1D144BEBFD01E9AC47B4F0D401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a8:b7:c7:df:09:35:9b:96:38:39:28:a4:81: f2:87:45:b6:71:03:df:7f:e1:40:70:16:6e:12:91: f5:34:e5:37:a8:c0:5d:3d:d2:08:bf:19:4b:78:6f: b9:89:1e:78:8e:57:4b:40:fe:ba:7b:55:a2:96:21: 96:c1:e6:56:52:b5:55:fb:9f:38:70:d4:89:88:af: ed:a9:f3:3b:d0:e6:52:5f:3e:ac:c8:14:52:6a:8e: 61:0f:eb:6f:b8:39:0b:f1:8e:6d:4f:14:ae:60:c7: cc:57:f4:d5:ea:70:50:c7:be:ab:d9:fe:1d:44:04: 6d:bb:86:b3:65:d0:52:f9:1c:44:ee:a3:5e:1f:02: ed:af:27:90:5f:c9:f8:73:78:83:9c:05:0e:25:40: a0:2e:d0:2a:22:0d:01:2e:03:16:52:5e:8c:1b:8a: ac:1c:0f:67:90:20:3a:52:b6:7d:fa:84:14:8e:72: 96:b6:93:57:d3:fe:81:d9:a2:f2:0e:75:e9:1c:35: 5b:1a:f9:c5:a5:8e:3b:ef:39:75:b4:ea:3a:7d:2e: 94:5b:c6:9d:28:29:10:31:01:75:53:c4:ce:4b:22: 8d:ff:73:9b:3f:4f:88:51:d6:9a:fc:20:73:5b:53: d2:11:b3:0e:ea:27:7a:57:0f:54:94:93:62:f4:8e: 7a:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:0D:44:C5:10:8B:4C:1D:14:4B:EB:FD:01:E9:AC:47:B4:F0:D4:01 X509v3 Authority Key Identifier: keyid:2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/xA1ExRCLTB0US-v9AemsR7Tw1AE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.87.72.0/23 Signature Algorithm: sha256WithRSAEncryption 90:fe:69:eb:23:ff:2c:01:6e:a8:37:08:02:dc:a7:b8:29:23: f3:c3:65:68:78:06:5d:e7:95:ea:9e:23:ac:11:78:79:18:99: 66:6f:ad:d6:3b:02:b9:55:c5:1b:bf:b9:fc:50:f8:8d:1a:f9: e1:75:d1:fc:8d:1c:ee:ad:b7:bb:65:75:9a:cc:59:23:c9:0e: 4f:86:dd:16:93:b6:28:bf:45:9e:f7:f0:50:29:b7:f8:3e:10: 73:e2:ff:a7:d1:b3:09:79:c7:39:83:0a:23:ad:d5:b5:2e:26: 38:66:8a:61:77:14:6b:90:33:bc:77:29:26:b1:41:94:db:79: 69:73:d7:89:41:5d:29:8a:74:74:b6:8b:1f:9e:7a:05:54:eb: 74:4c:38:a8:cc:31:40:bd:ee:6a:9d:dc:0c:e4:ff:e3:92:90: 5b:10:62:51:94:51:c9:c0:47:a2:9d:5e:b4:b2:b0:d3:f2:f4: e4:89:f1:43:25:3c:e6:c8:7f:ce:4e:b9:63:28:47:40:55:10: be:4f:97:f5:b9:4f:48:76:fe:2a:bb:c4:ee:6c:90:24:2d:c5: 4d:e2:1f:66:80:23:f1:aa:96:1c:a0:5f:bb:97:e0:64:70:99: f5:9e:fa:7d:dd:a7:72:64:a8:e0:d0:fb:1e:85:1b:60:00:b9: 2b:4a:b1:9b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICA1owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNC NjcxODZFMjk2Qzg5RTFGMzQ3NzlFRDY2QTA3N0Y3RTA1MENDQjAeFw0yNDA1MjQw OTMyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0MEQ0NEM1MTA4QjRD MUQxNDRCRUJGRDAxRTlBQzQ3QjRGMEQ0MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAqLfH3wk1m5Y4OSikgfKHRbZxA99/4UBwFm4SkfU05TeowF09 0gi/GUt4b7mJHniOV0tA/rp7VaKWIZbB5lZStVX7nzhw1ImIr+2p8zvQ5lJfPqzI FFJqjmEP62+4OQvxjm1PFK5gx8xX9NXqcFDHvqvZ/h1EBG27hrNl0FL5HETuo14f Au2vJ5BfyfhzeIOcBQ4lQKAu0CoiDQEuAxZSXowbiqwcD2eQIDpStn36hBSOcpa2 k1fT/oHZovIOdekcNVsa+cWljjvvOXW06jp9LpRbxp0oKRAxAXVTxM5LIo3/c5s/ T4hR1pr8IHNbU9IRsw7qJ3pXD1SUk2L0jnrbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxA1ExRCLTB0US+v9AemsR7Tw1AEwHwYDVR0jBBgwFoAULLZxhuKWyJ4fNHee 1moHf34FDMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI0 Ni9MTFp4aHVLV3lKNGZOSGVlMW1vSGYzNEZETXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xMWnhodUtXeUo0Zk5IZWUxbW9IZjM0RkRNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNDYveEExRXhSQ0xUQjBV Uy12OUFlbXNSN1R3MUFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAdJXSDANBgkqhkiG9w0BAQsFAAOCAQEAkP5p6yP/LAFuqDcIAtynuCkj88Nl aHgGXeeV6p4jrBF4eRiZZm+t1jsCuVXFG7+5/FD4jRr54XXR/I0c7q23u2V1msxZ I8kOT4bdFpO2KL9FnvfwUCm3+D4Qc+L/p9GzCXnHOYMKI63VtS4mOGaKYXcUa5Az vHcpJrFBlNt5aXPXiUFdKYp0dLaLH556BVTrdEw4qMwxQL3uap3cDOT/45KQWxBi UZRRycBHop1etLKw0/L05InxQyU85sh/zk65YyhHQFUQvk+X9blPSHb+KrvE7myQ JC3FTeIfZoAj8aqWHKBfu5fgZHCZ9Z76fd2ncmSo4ND7HoUbYAC5K0qxmw== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org