$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3246/yjTJ9rZ_gnUQqpbdzmBlXj0Sbfs.roa File: yjTJ9rZ_gnUQqpbdzmBlXj0Sbfs.roa (raw, json) Hash identifier: JgvlWkie5QPJoEmkANmFFI8EcaypCpMwPw34bnnFwFQ= Subject key identifier: CA:34:C9:F6:B6:7F:82:75:10:AA:96:DD:CE:60:65:5E:3D:12:6D:FB Certificate issuer: /CN=2CB67186E296C89E1F34779ED66A077F7E050CCB Certificate serial: 0358 Authority key identifier: 2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/yjTJ9rZ_gnUQqpbdzmBlXj0Sbfs.roa Signing time: Fri 24 May 2024 09:31:57 +0000 ROA not before: Fri 24 May 2024 09:31:57 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 211392 IP address blocks: 210.87.72.0/24 maxlen: 24 210.87.73.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 856 (0x358) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB67186E296C89E1F34779ED66A077F7E050CCB Validity Not Before: May 24 09:31:57 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CA34C9F6B67F827510AA96DDCE60655E3D126DFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:78:8f:88:0e:52:bf:09:3c:6c:a2:ab:7c:76: 3c:de:68:12:0e:38:9d:99:25:b0:5d:b6:9a:bd:01: fd:a1:24:ec:f0:42:53:f3:ec:c3:3a:33:d6:56:13: 37:3b:2b:6a:6f:6e:e1:5b:63:52:a5:ad:28:e4:26: 45:93:44:26:52:4b:b3:5f:57:9f:25:89:61:80:c4: dc:62:17:e2:01:6d:e9:7c:63:98:b1:69:fb:f8:f2: cd:4c:60:e2:f5:cd:9f:5b:66:2e:46:02:5d:09:9d: aa:0a:70:b9:8e:3e:da:2f:ab:f7:e8:27:8e:23:f0: 75:15:99:b0:4c:d7:d8:da:c6:b3:9f:d4:b2:97:7d: 7f:de:49:cf:e0:41:a8:16:78:8f:ca:db:85:0c:e6: ea:66:9a:65:e4:5c:5d:75:11:30:e4:dd:5c:b7:31: ea:ff:5c:d3:f6:69:af:73:43:b1:5f:c7:b9:b2:ae: 0b:3b:72:fe:09:bf:3e:c7:39:36:42:89:4e:37:35: 22:b1:3d:3c:0e:a0:b0:f6:04:35:29:ea:5f:e1:4a: 8a:11:e9:b2:2c:7f:f2:53:68:19:26:2f:64:f3:2a: 6f:2f:6b:8f:71:05:7b:09:4a:a3:75:17:98:62:16: 07:8a:63:84:e2:8f:20:a7:26:b6:13:fd:a7:56:e4: 94:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:34:C9:F6:B6:7F:82:75:10:AA:96:DD:CE:60:65:5E:3D:12:6D:FB X509v3 Authority Key Identifier: keyid:2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/yjTJ9rZ_gnUQqpbdzmBlXj0Sbfs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.87.72.0/23 Signature Algorithm: sha256WithRSAEncryption 40:fe:fc:cf:28:66:29:e1:fa:2c:2d:83:34:78:3c:e0:31:64: 1f:8f:f5:ed:8b:57:d9:66:61:01:9b:6d:eb:5a:a1:92:85:33: d7:6d:5b:6c:7d:57:bc:2d:e0:f9:99:3f:4b:cd:38:c7:b2:b1: c2:5c:01:55:be:5e:56:41:1e:29:53:e1:cd:6f:1e:38:2b:ea: 7a:a0:62:88:d5:26:71:7f:ad:92:8d:48:fd:bd:25:16:dc:72: e1:8d:6c:3b:40:6c:70:17:61:62:9e:3e:9d:b3:c7:4b:63:24: cd:de:c6:84:7c:48:9d:78:b4:ad:e8:8c:ad:9a:57:d2:47:75: 51:52:7f:b2:6a:57:21:b2:2f:53:45:84:a6:4a:99:28:25:d2: 6d:b8:32:c1:3c:73:37:40:6e:d8:d0:e5:53:e9:95:97:6d:25: 21:cb:88:52:bc:be:06:b1:0b:ba:2d:ed:59:c3:00:17:0a:be: c6:f8:d4:20:9f:03:cf:e3:bc:6e:af:12:2b:b1:e5:27:cc:50: 01:51:3b:32:e5:b7:04:f5:61:3b:49:5e:b5:37:3a:48:ba:62: f8:0e:65:ac:6b:32:7c:8e:62:f9:20:ea:5e:c0:f7:94:a6:86: dc:72:76:33:75:b6:e8:8a:0f:40:4c:49:b2:56:ba:38:22:34: 4d:01:35:dc -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICA1gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNC NjcxODZFMjk2Qzg5RTFGMzQ3NzlFRDY2QTA3N0Y3RTA1MENDQjAeFw0yNDA1MjQw OTMxNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBMzRDOUY2QjY3Rjgy NzUxMEFBOTZERENFNjA2NTVFM0QxMjZERkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjeI+IDlK/CTxsoqt8djzeaBIOOJ2ZJbBdtpq9Af2hJOzwQlPz 7MM6M9ZWEzc7K2pvbuFbY1KlrSjkJkWTRCZSS7NfV58liWGAxNxiF+IBbel8Y5ix afv48s1MYOL1zZ9bZi5GAl0JnaoKcLmOPtovq/foJ44j8HUVmbBM19jaxrOf1LKX fX/eSc/gQagWeI/K24UM5upmmmXkXF11ETDk3Vy3Mer/XNP2aa9zQ7Ffx7myrgs7 cv4Jvz7HOTZCiU43NSKxPTwOoLD2BDUp6l/hSooR6bIsf/JTaBkmL2TzKm8va49x BXsJSqN1F5hiFgeKY4TijyCnJrYT/adW5JTJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUyjTJ9rZ/gnUQqpbdzmBlXj0SbfswHwYDVR0jBBgwFoAULLZxhuKWyJ4fNHee 1moHf34FDMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI0 Ni9MTFp4aHVLV3lKNGZOSGVlMW1vSGYzNEZETXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xMWnhodUtXeUo0Zk5IZWUxbW9IZjM0RkRNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNDYveWpUSjlyWl9nblVR cXBiZHptQmxYajBTYmZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAdJXSDANBgkqhkiG9w0BAQsFAAOCAQEAQP78zyhmKeH6LC2DNHg84DFkH4/1 7YtX2WZhAZtt61qhkoUz121bbH1XvC3g+Zk/S804x7KxwlwBVb5eVkEeKVPhzW8e OCvqeqBiiNUmcX+tko1I/b0lFtxy4Y1sO0BscBdhYp4+nbPHS2Mkzd7GhHxInXi0 reiMrZpX0kd1UVJ/smpXIbIvU0WEpkqZKCXSbbgywTxzN0Bu2NDlU+mVl20lIcuI Ury+BrELui3tWcMAFwq+xvjUIJ8Dz+O8bq8SK7HlJ8xQAVE7MuW3BPVhO0letTc6 SLpi+A5lrGsyfI5i+SDqXsD3lKaG3HJ2M3W26IoPQExJsla6OCI0TQE13A== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:35 2024 by rpki-client on console-fra.rpki-client.org