$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3250/anhawBPuq_1XPPzWxQg-Bim5AoA.roa File: anhawBPuq_1XPPzWxQg-Bim5AoA.roa (raw, json) Hash identifier: c2oScWP4CqP81amT5vbfRl5r2ddDHZ3UkLJlwRNqBY8= Subject key identifier: 6A:78:5A:C0:13:EE:AB:FD:57:3C:FC:D6:C5:08:3E:06:29:B9:02:80 Certificate issuer: /CN=8D34D5981D7B6A00127B9F268748A4E1233E138F Certificate serial: 011F Authority key identifier: 8D:34:D5:98:1D:7B:6A:00:12:7B:9F:26:87:48:A4:E1:23:3E:13:8F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jTTVmB17agASe58mh0ik4SM-E48.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/anhawBPuq_1XPPzWxQg-Bim5AoA.roa Signing time: Sun 18 Feb 2024 14:07:26 +0000 ROA not before: Sun 18 Feb 2024 14:07:26 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4837 IP address blocks: 36.50.226.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/jTTVmB17agASe58mh0ik4SM-E48.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/jTTVmB17agASe58mh0ik4SM-E48.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jTTVmB17agASe58mh0ik4SM-E48.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 287 (0x11f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D34D5981D7B6A00127B9F268748A4E1233E138F Validity Not Before: Feb 18 14:07:26 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6A785AC013EEABFD573CFCD6C5083E0629B90280 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:4c:27:f9:bb:02:f8:48:d4:78:e4:55:32:80: df:5f:91:1a:6e:8b:ee:ff:7c:51:d5:b5:08:9c:7c: eb:d3:9e:e6:76:2f:1c:c7:aa:5a:16:d3:6b:7a:5c: ab:65:0b:d1:2c:cc:7d:59:15:3f:3a:a5:9f:11:b6: 76:39:0d:b9:65:86:90:23:ec:a2:ad:71:ec:28:60: 03:de:2f:34:b8:94:20:f6:22:7c:2d:ce:30:c3:36: 80:d3:ee:6f:70:81:05:99:e4:cb:a0:52:90:3e:77: 13:b4:4e:b6:67:09:9b:7a:b6:c4:47:14:07:61:cd: c5:bf:d1:b9:72:a9:5a:ab:5b:85:46:01:38:98:99: 3e:0d:45:e3:f6:28:4d:be:43:8e:dd:3a:c3:be:2c: 4c:16:79:e5:4b:f9:3a:37:09:79:b7:e9:4d:95:4a: c7:19:37:c2:13:4f:6a:b8:79:67:ac:fb:b6:28:99: 07:f5:16:2b:bc:11:0a:aa:72:d8:94:5b:52:8a:37: 23:e7:d1:eb:6e:93:fa:96:85:80:14:52:23:3b:a7: 60:b0:17:96:96:fd:c6:2d:7b:6e:a9:2c:f9:d5:1f: 93:6f:ad:20:bc:de:b1:97:66:20:cf:b4:5e:2c:35: 00:4a:5b:19:a1:24:cf:6f:fc:e8:46:55:c7:1b:e0: 18:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:78:5A:C0:13:EE:AB:FD:57:3C:FC:D6:C5:08:3E:06:29:B9:02:80 X509v3 Authority Key Identifier: keyid:8D:34:D5:98:1D:7B:6A:00:12:7B:9F:26:87:48:A4:E1:23:3E:13:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/jTTVmB17agASe58mh0ik4SM-E48.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jTTVmB17agASe58mh0ik4SM-E48.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/anhawBPuq_1XPPzWxQg-Bim5AoA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 36.50.226.0/23 Signature Algorithm: sha256WithRSAEncryption 94:e0:27:ad:4f:2e:27:5f:da:df:4c:58:eb:d9:e0:dc:bc:29: f8:71:cd:47:bf:73:ad:1b:be:e0:61:95:35:d9:2a:ec:08:2b: d3:ca:ab:1c:ef:d2:bf:c9:f1:8a:f8:ef:3f:04:64:a3:6f:1f: 30:80:4d:01:69:47:72:7a:fe:66:92:29:31:6a:19:3e:01:fd: 89:5d:03:54:11:27:c9:c6:5a:5d:28:8c:b2:0c:6f:6f:97:e3: d0:43:fe:0d:9e:43:38:11:2e:2c:00:fb:8b:b4:59:9c:07:4c: f7:73:c2:e0:29:e0:5e:e3:36:79:cb:89:b3:b7:9c:d9:a7:fd: 87:6f:7d:ff:c8:60:0a:fc:56:fc:ad:05:31:e4:16:70:7e:84: 29:a3:32:26:45:0b:2b:99:86:94:99:8b:80:0a:ff:7e:0d:01: c4:95:5e:df:e7:08:51:25:05:b5:c0:47:68:6b:a5:6e:eb:46: 4d:93:29:54:06:87:93:04:35:57:c4:af:1a:c6:34:fe:77:d7: aa:a0:c2:37:ab:f8:da:e6:8f:e2:9c:0e:a2:fd:50:af:26:1e: 43:66:11:f4:f3:bb:70:8c:2b:47:35:bd:0f:62:79:2c:93:6b: e1:29:8d:6c:a2:49:b8:5c:90:89:09:87:a5:26:33:57:04:72: 42:39:68:ca -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEQz NEQ1OTgxRDdCNkEwMDEyN0I5RjI2ODc0OEE0RTEyMzNFMTM4RjAeFw0yNDAyMTgx NDA3MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBNzg1QUMwMTNFRUFC RkQ1NzNDRkNENkM1MDgzRTA2MjlCOTAyODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmTCf5uwL4SNR45FUygN9fkRpui+7/fFHVtQicfOvTnuZ2LxzH qloW02t6XKtlC9EszH1ZFT86pZ8RtnY5DbllhpAj7KKtcewoYAPeLzS4lCD2Inwt zjDDNoDT7m9wgQWZ5MugUpA+dxO0TrZnCZt6tsRHFAdhzcW/0blyqVqrW4VGATiY mT4NReP2KE2+Q47dOsO+LEwWeeVL+To3CXm36U2VSscZN8ITT2q4eWes+7YomQf1 Fiu8EQqqctiUW1KKNyPn0etuk/qWhYAUUiM7p2CwF5aW/cYte26pLPnVH5NvrSC8 3rGXZiDPtF4sNQBKWxmhJM9v/OhGVccb4BjLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUanhawBPuq/1XPPzWxQg+Bim5AoAwHwYDVR0jBBgwFoAUjTTVmB17agASe58m h0ik4SM+E48wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 MC9qVFRWbUIxN2FnQVNlNThtaDBpazRTTS1FNDguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2pUVFZtQjE3YWdBU2U1OG1oMGlrNFNNLUU0OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTAvYW5oYXdCUHVxXzFY UFB6V3hRZy1CaW01QW9BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEASQy4jANBgkqhkiG9w0BAQsFAAOCAQEAlOAnrU8uJ1/a30xY69ng3Lwp+HHN R79zrRu+4GGVNdkq7Agr08qrHO/Sv8nxivjvPwRko28fMIBNAWlHcnr+ZpIpMWoZ PgH9iV0DVBEnycZaXSiMsgxvb5fj0EP+DZ5DOBEuLAD7i7RZnAdM93PC4CngXuM2 ecuJs7ec2af9h299/8hgCvxW/K0FMeQWcH6EKaMyJkULK5mGlJmLgAr/fg0BxJVe 3+cIUSUFtcBHaGulbutGTZMpVAaHkwQ1V8SvGsY0/nfXqqDCN6v42uaP4pwOov1Q ryYeQ2YR9PO7cIwrRzW9D2J5LJNr4SmNbKJJuFyQiQmHpSYzVwRyQjloyg== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:45 2024 by rpki-client on console-ams.rpki-client.org