$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/KegyS8Kjy5t8VmPx0hzh8-hUTIk.roa File: KegyS8Kjy5t8VmPx0hzh8-hUTIk.roa (raw, json) Hash identifier: uSKpQZ0vddvnlGUET0qERZS76Jh1NDPu/a48Wss+Scs= Subject key identifier: 29:E8:32:4B:C2:A3:CB:9B:7C:56:63:F1:D2:1C:E1:F3:E8:54:4C:89 Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Certificate serial: 0448 Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/KegyS8Kjy5t8VmPx0hzh8-hUTIk.roa Signing time: Tue 05 Nov 2024 07:32:51 +0000 ROA not before: Tue 05 Nov 2024 07:32:51 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 146806 IP address blocks: 157.66.42.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1096 (0x448) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Validity Not Before: Nov 5 07:32:51 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=29E8324BC2A3CB9B7C5663F1D21CE1F3E8544C89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f9:33:71:9e:35:4f:93:cc:61:a1:fc:41:9c: 83:67:43:e0:7b:ea:9c:25:a0:77:b1:95:24:81:72: af:9c:d0:f5:8d:27:29:ad:67:79:55:e4:89:6a:5f: 7f:3c:d8:ef:24:97:b8:e6:ca:76:1d:75:6b:d4:82: 58:82:9d:76:4d:99:ef:ca:73:c9:bd:ab:b5:30:2b: 08:9c:08:49:49:5d:5e:0f:be:ec:c8:56:a5:f1:f7: 7e:c3:5e:bc:38:2a:1d:17:7a:07:f5:06:34:96:64: 75:e6:02:b9:65:46:4f:4c:26:bd:e1:db:91:b3:75: 69:61:db:7a:a3:11:7a:63:6d:ba:4b:c2:97:95:f6: 02:aa:13:a7:8f:cc:fe:f9:73:7b:40:71:d0:16:b1: 19:02:a6:6f:c5:c0:d9:18:08:cd:78:1d:af:04:dc: 06:3d:df:3e:8f:79:3a:07:3c:9a:d7:1c:25:e2:d8: 41:cb:b1:58:c4:7f:ac:51:53:61:c3:00:21:cb:42: ed:dd:3e:de:31:d0:c1:f4:7f:5b:f8:aa:ec:e1:c4: 0e:ef:6e:a3:ea:a8:61:5e:ea:83:1e:a0:00:82:5d: c1:0b:85:24:80:a5:13:a9:a1:44:7d:e0:34:a1:77: 3d:fd:6e:e0:1f:f6:36:9f:45:98:90:d2:43:09:83: c7:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E8:32:4B:C2:A3:CB:9B:7C:56:63:F1:D2:1C:E1:F3:E8:54:4C:89 X509v3 Authority Key Identifier: keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/KegyS8Kjy5t8VmPx0hzh8-hUTIk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.42.0/23 Signature Algorithm: sha256WithRSAEncryption 61:c5:f9:c5:ae:a4:4d:ef:aa:58:4c:05:f2:ac:f6:ae:13:88: 9c:cb:dd:fc:e4:24:91:1a:fc:35:f0:26:a6:81:52:bf:6b:a2: 87:3e:d0:e8:8d:37:24:09:1d:fa:44:9f:78:15:28:d8:bd:6b: ed:18:f3:3c:a2:54:63:b3:29:f8:50:55:fe:3b:08:27:a4:12: cf:f8:f5:31:0d:13:3d:61:41:c2:eb:6e:49:e0:6c:86:18:27: 70:7c:ad:b6:c9:38:b8:fd:70:9b:9e:d1:ad:6c:ae:45:7f:85: eb:d8:4e:11:d0:7d:7a:e3:58:c6:51:2c:3d:e4:d1:d7:72:07: 46:ee:f1:98:a3:b4:10:cd:37:3b:46:18:cd:0e:78:79:17:7e: bb:50:c7:59:39:ef:1b:b6:4d:03:84:2d:8b:e3:b4:0b:53:c9: 0b:69:59:53:f8:24:cb:16:c0:b0:23:e1:6d:54:f6:14:3f:77: 56:0e:a0:b3:55:d8:fe:60:5f:f9:eb:89:ed:69:97:81:ce:31: de:28:95:86:ef:4c:de:dd:e4:b9:39:bd:df:b1:6b:9d:58:b5: eb:dd:89:87:32:29:5d:c0:16:b5:a3:5b:44:88:4f:e6:a6:d8: f2:ef:6d:94:3e:47:90:5c:fe:20:c6:76:8a:18:7d:bb:ed:c7: cd:fc:92:3b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBEgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjUy RjBGM0ZGNzM3MUZGMUNFOUQ4MjNFOTU0OUZDMTE1OEIxNkEyQTAeFw0yNDExMDUw NzMyNTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI5RTgzMjRCQzJBM0NC OUI3QzU2NjNGMUQyMUNFMUYzRTg1NDRDODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCq+TNxnjVPk8xhofxBnINnQ+B76pwloHexlSSBcq+c0PWNJymt Z3lV5IlqX3882O8kl7jmynYddWvUgliCnXZNme/Kc8m9q7UwKwicCElJXV4PvuzI VqXx937DXrw4Kh0Xegf1BjSWZHXmArllRk9MJr3h25GzdWlh23qjEXpjbbpLwpeV 9gKqE6ePzP75c3tAcdAWsRkCpm/FwNkYCM14Ha8E3AY93z6PeToHPJrXHCXi2EHL sVjEf6xRU2HDACHLQu3dPt4x0MH0f1v4quzhxA7vbqPqqGFe6oMeoACCXcELhSSA pROpoUR94DShdz39buAf9jafRZiQ0kMJg8dFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUKegyS8Kjy5t8VmPx0hzh8+hUTIkwHwYDVR0jBBgwFoAUtS8PP/c3H/HOnYI+ lUn8EVixaiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 Mi90UzhQUF9jM0hfSE9uWUktbFVuOEVWaXhhaW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvS2VneVM4S2p5NXQ4 Vm1QeDBoemg4LWhVVElrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ1CKjANBgkqhkiG9w0BAQsFAAOCAQEAYcX5xa6kTe+qWEwF8qz2rhOInMvd /OQkkRr8NfAmpoFSv2uihz7Q6I03JAkd+kSfeBUo2L1r7RjzPKJUY7Mp+FBV/jsI J6QSz/j1MQ0TPWFBwutuSeBshhgncHyttsk4uP1wm57RrWyuRX+F69hOEdB9euNY xlEsPeTR13IHRu7xmKO0EM03O0YYzQ54eRd+u1DHWTnvG7ZNA4Qti+O0C1PJC2lZ U/gkyxbAsCPhbVT2FD93Vg6gs1XY/mBf+euJ7WmXgc4x3iiVhu9M3t3kuTm937Fr nVi1692JhzIpXcAWtaNbRIhP5qbY8u9tlD5HkFz+IMZ2ihh9u+3HzfySOw== -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:46 2024 by rpki-client on console-ams.rpki-client.org