$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3252/zdJu4QnKRaHD0_YXIkQaZGeiUro.roa File: zdJu4QnKRaHD0_YXIkQaZGeiUro.roa (raw, json) Hash identifier: +04P1Vm9IRIA9tao6xmvNBnB1mgFbD+JfN92H8hrzlM= Subject key identifier: CD:D2:6E:E1:09:CA:45:A1:C3:D3:F6:17:22:44:1A:64:67:A2:52:BA Certificate issuer: /CN=E6CF46C8583654CB69E2DFC3AE83DDC145E4932A Certificate serial: 56 Authority key identifier: E6:CF:46:C8:58:36:54:CB:69:E2:DF:C3:AE:83:DD:C1:45:E4:93:2A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/zdJu4QnKRaHD0_YXIkQaZGeiUro.roa Signing time: Thu 18 Jan 2024 07:51:51 +0000 ROA not before: Thu 18 Jan 2024 07:51:51 +0000 ROA not after: Wed 01 Jan 2025 02:06:08 +0000 asID: 63538 IP address blocks: 157.10.34.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/5s9GyFg2VMtp4t_DroPdwUXkkyo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/5s9GyFg2VMtp4t_DroPdwUXkkyo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 16:22:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 86 (0x56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E6CF46C8583654CB69E2DFC3AE83DDC145E4932A Validity Not Before: Jan 18 07:51:51 2024 GMT Not After : Jan 1 02:06:08 2025 GMT Subject: CN=CDD26EE109CA45A1C3D3F61722441A6467A252BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:5c:26:51:80:3b:dd:0c:97:a3:8a:c1:86:48: c0:fe:ab:47:f5:e7:01:ff:a4:09:3c:0f:7c:e9:5b: 46:24:a6:cb:b1:ed:b2:a5:a4:6d:4d:e4:99:43:10: 8c:f3:4e:46:13:87:55:6b:c5:9b:cb:0a:bf:55:d7: 59:9e:2c:18:e0:b3:82:d5:11:c7:1f:a2:c3:b6:58: 51:69:6f:48:98:0a:cd:ea:94:7d:9d:30:56:10:b1: 37:f1:30:0d:b0:8d:13:86:54:65:bd:e6:c5:11:5b: 02:51:f4:15:59:38:f8:9d:84:d5:7d:6c:1d:70:98: b4:6e:12:74:b7:f2:d2:06:07:a0:a4:d4:98:0a:5f: 6e:0e:51:49:74:27:13:51:e9:e5:19:75:97:c2:97: 5d:1e:f4:8a:a3:cf:d2:f6:83:f6:2f:bb:d6:79:f9: 73:9d:24:3e:18:2a:71:84:c2:67:d5:14:bd:0a:8e: 1f:84:67:eb:dd:17:80:86:df:18:a7:e8:3d:2b:3d: a6:31:d7:ea:28:4f:0d:24:62:cb:a1:7e:94:4c:71: 41:15:d0:a9:c2:85:8f:1d:be:66:b0:71:7c:2e:b6: f4:e7:1e:e3:81:de:6d:ee:fb:47:fa:b6:9e:96:06: ff:63:c4:a2:b6:70:75:44:23:e1:d4:3d:34:ae:d0: fb:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:D2:6E:E1:09:CA:45:A1:C3:D3:F6:17:22:44:1A:64:67:A2:52:BA X509v3 Authority Key Identifier: keyid:E6:CF:46:C8:58:36:54:CB:69:E2:DF:C3:AE:83:DD:C1:45:E4:93:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/5s9GyFg2VMtp4t_DroPdwUXkkyo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/zdJu4QnKRaHD0_YXIkQaZGeiUro.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.34.0/23 Signature Algorithm: sha256WithRSAEncryption 03:82:3e:bb:cd:11:dc:f0:bc:f0:7f:8b:7a:3a:54:25:ea:4d: 3d:6d:41:1e:fd:8a:b7:29:66:82:9c:fb:8b:ef:6b:6d:6a:a6: df:6c:91:59:f5:e6:94:ae:d7:74:cc:c2:30:bd:44:4f:5b:6f: 13:3c:69:fa:83:7e:a1:02:d0:a4:15:af:72:d5:df:d6:e1:f2: be:dd:ba:21:e5:6a:b4:a9:92:53:bf:ad:21:69:3c:a9:ad:3b: a8:98:ea:e7:91:ee:f0:ac:a0:69:a3:b5:d7:ac:2a:d3:10:5f: 48:e9:04:63:16:51:e8:08:c4:82:46:00:ba:7d:3b:79:b6:ff: 89:76:fe:23:02:66:db:50:fd:85:ac:a1:cc:9a:6e:25:ce:9e: 7c:91:f4:f3:3c:7e:02:e5:d1:7a:15:ed:63:cb:14:32:a0:d0: 86:5c:12:0f:c9:8e:25:79:a2:d0:11:9a:39:29:d0:be:28:7d: f4:1a:07:82:86:df:4e:9a:f0:ae:c1:5e:31:a1:5e:5c:ef:36: b4:18:25:99:e3:3c:b3:48:1a:54:ba:38:3d:b2:56:93:60:37: d0:2a:8b:da:b8:00:ac:54:a4:a8:03:35:58:ea:5d:5a:d7:df: 31:8a:f2:a2:f9:b1:5b:20:7a:a9:b1:84:54:f9:06:78:81:39: 0f:0b:c7:fe -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFNkNG NDZDODU4MzY1NENCNjlFMkRGQzNBRTgzRERDMTQ1RTQ5MzJBMB4XDTI0MDExODA3 NTE1MVoXDTI1MDEwMTAyMDYwOFowMzExMC8GA1UEAxMoQ0REMjZFRTEwOUNBNDVB MUMzRDNGNjE3MjI0NDFBNjQ2N0EyNTJCQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANVcJlGAO90Ml6OKwYZIwP6rR/XnAf+kCTwPfOlbRiSmy7HtsqWk bU3kmUMQjPNORhOHVWvFm8sKv1XXWZ4sGOCzgtURxx+iw7ZYUWlvSJgKzeqUfZ0w VhCxN/EwDbCNE4ZUZb3mxRFbAlH0FVk4+J2E1X1sHXCYtG4SdLfy0gYHoKTUmApf bg5RSXQnE1Hp5Rl1l8KXXR70iqPP0vaD9i+71nn5c50kPhgqcYTCZ9UUvQqOH4Rn 690XgIbfGKfoPSs9pjHX6ihPDSRiy6F+lExxQRXQqcKFjx2+ZrBxfC629Oce44He be77R/q2npYG/2PEorZwdUQj4dQ9NK7Q+5cCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTN0m7hCcpFocPT9hciRBpkZ6JSujAfBgNVHSMEGDAWgBTmz0bIWDZUy2ni38Ou g93BReSTKjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMjUy LzVzOUd5RmcyVk10cDR0X0Ryb1Bkd1VYa2t5by5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNXM5R3lGZzJWTXRwNHRfRHJvUGR3VVhra3lvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1Mi96ZEp1NFFuS1JhSEQw X1lYSWtRYVpHZWlVcm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnQoiMA0GCSqGSIb3DQEBCwUAA4IBAQADgj67zRHc8Lzwf4t6OlQl6k09bUEe /Yq3KWaCnPuL72ttaqbfbJFZ9eaUrtd0zMIwvURPW28TPGn6g36hAtCkFa9y1d/W 4fK+3boh5Wq0qZJTv60haTyprTuomOrnke7wrKBpo7XXrCrTEF9I6QRjFlHoCMSC RgC6fTt5tv+Jdv4jAmbbUP2FrKHMmm4lzp58kfTzPH4C5dF6Fe1jyxQyoNCGXBIP yY4leaLQEZo5KdC+KH30GgeCht9OmvCuwV4xoV5c7za0GCWZ4zyzSBpUujg9slaT YDfQKovauACsVKSoAzVY6l1a198xivKi+bFbIHqpsYRU+QZ4gTkPC8f+ -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:39 2024 by rpki-client on console-fra.rpki-client.org