$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa File: utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa (raw, json) Hash identifier: 0GKjm4b6pMwIffdCFC1KrIdfY7BZxhXnDJ/P+r++YIQ= Subject key identifier: BA:D0:71:4A:56:B9:63:D2:E6:E1:E2:51:A7:10:81:B1:2D:9C:D4:94 Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Certificate serial: 0445 Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa Signing time: Tue 05 Nov 2024 07:32:50 +0000 ROA not before: Tue 05 Nov 2024 07:32:50 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 211392 IP address blocks: 157.66.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 08:54:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1093 (0x445) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Validity Not Before: Nov 5 07:32:50 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=BAD0714A56B963D2E6E1E251A71081B12D9CD494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:7f:ff:05:74:f5:7a:06:73:5a:cb:95:06:cc: 14:b7:19:fa:4e:e0:7e:4e:d4:a2:06:78:61:c5:48: 47:2f:da:a0:48:b2:f4:0e:11:0e:30:28:fe:4b:63: 01:4a:95:e9:69:b3:25:9e:bc:60:a3:db:3f:d7:0d: a6:d6:e7:a4:04:f6:58:42:69:c2:e5:53:12:e7:02: 2a:28:2c:22:54:66:82:ed:af:b9:7c:ed:77:10:0e: 7d:58:fc:09:13:6b:b0:15:31:50:47:c9:a0:91:c5: 75:d3:2f:1f:25:51:3b:0d:54:5b:76:ec:42:75:56: 74:c3:7d:a7:00:ea:bb:8f:b0:b4:4b:a4:02:52:c3: 66:f3:88:ab:44:c9:f7:46:4e:90:9a:d4:12:49:76: 17:9d:1b:e5:14:c0:d0:7e:4d:83:0b:2f:df:48:7d: 2d:01:f2:60:1d:fe:89:44:59:35:05:b4:43:7d:7f: 4d:95:18:1f:53:8f:7f:90:c0:6b:63:7f:6a:d7:0a: 7f:ba:44:46:d7:dd:e6:20:bb:c7:f4:a7:d2:21:58: df:48:60:ce:3a:30:82:f0:1c:9b:d2:da:cd:7f:76: 11:bf:c9:15:93:ea:53:3e:98:e4:b4:66:22:f1:88: ec:23:38:f8:fa:32:8d:7b:4a:9b:cf:3b:ce:f1:14: b4:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:D0:71:4A:56:B9:63:D2:E6:E1:E2:51:A7:10:81:B1:2D:9C:D4:94 X509v3 Authority Key Identifier: keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.43.0/24 Signature Algorithm: sha256WithRSAEncryption 81:05:95:f5:0d:92:ec:fa:34:b8:9d:7d:fd:4b:e6:c8:8c:5a: de:6c:b9:ff:6a:09:1a:f2:78:a2:6f:44:27:89:9a:e6:4c:77: eb:9b:60:b6:36:05:2e:04:c0:06:44:5a:cc:93:57:24:9e:a6: ca:69:90:7a:6c:11:8b:08:59:38:c6:49:2c:fd:01:7d:c7:b5: 1b:7c:b7:35:c2:4d:d2:8a:76:2b:92:8b:80:78:25:d8:ba:6b: 89:95:46:77:96:72:bf:8b:c2:6c:7e:cf:a5:b3:a7:78:fd:04: 34:d2:81:d1:a6:cd:40:7d:1c:d6:b2:23:31:85:1e:39:cf:10: 54:84:4b:3a:79:d4:6c:e9:84:53:e9:df:43:7d:9f:8a:a9:d0: e5:06:c0:e4:7c:24:c0:e4:17:e1:24:03:2a:90:17:63:4c:39: f2:70:f2:e5:f5:b6:8d:0f:51:c3:58:fc:92:b2:2d:29:5d:f9: c6:7d:95:09:6e:ee:be:a1:1f:f3:f9:0a:74:00:e1:0d:f0:17: ce:8f:91:b7:a4:82:a3:3c:f9:14:32:ac:4b:c5:95:eb:31:8f: 1e:d6:81:b8:2d:55:fa:d8:6a:9d:33:f3:5e:6d:0f:67:4f:e5: 42:a1:4b:ef:f1:01:8e:cf:aa:9b:2c:10:27:4d:38:5d:c1:a6: f9:bb:42:28 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjUy RjBGM0ZGNzM3MUZGMUNFOUQ4MjNFOTU0OUZDMTE1OEIxNkEyQTAeFw0yNDExMDUw NzMyNTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJBRDA3MTRBNTZCOTYz RDJFNkUxRTI1MUE3MTA4MUIxMkQ5Q0Q0OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpf/8FdPV6BnNay5UGzBS3GfpO4H5O1KIGeGHFSEcv2qBIsvQO EQ4wKP5LYwFKlelpsyWevGCj2z/XDabW56QE9lhCacLlUxLnAiooLCJUZoLtr7l8 7XcQDn1Y/AkTa7AVMVBHyaCRxXXTLx8lUTsNVFt27EJ1VnTDfacA6ruPsLRLpAJS w2bziKtEyfdGTpCa1BJJdhedG+UUwNB+TYMLL99IfS0B8mAd/olEWTUFtEN9f02V GB9Tj3+QwGtjf2rXCn+6REbX3eYgu8f0p9IhWN9IYM46MILwHJvS2s1/dhG/yRWT 6lM+mOS0ZiLxiOwjOPj6Mo17SpvPO87xFLSrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUutBxSla5Y9Lm4eJRpxCBsS2c1JQwHwYDVR0jBBgwFoAUtS8PP/c3H/HOnYI+ lUn8EVixaiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 Mi90UzhQUF9jM0hfSE9uWUktbFVuOEVWaXhhaW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvdXRCeFNsYTVZOUxt NGVKUnB4Q0JzUzJjMUpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEAgQWV9Q2S7Po0uJ19/UvmyIxa3my5 /2oJGvJ4om9EJ4ma5kx365tgtjYFLgTABkRazJNXJJ6mymmQemwRiwhZOMZJLP0B fce1G3y3NcJN0op2K5KLgHgl2LpriZVGd5Zyv4vCbH7PpbOneP0ENNKB0abNQH0c 1rIjMYUeOc8QVIRLOnnUbOmEU+nfQ32fiqnQ5QbA5HwkwOQX4SQDKpAXY0w58nDy 5fW2jQ9Rw1j8krItKV35xn2VCW7uvqEf8/kKdADhDfAXzo+Rt6SCozz5FDKsS8WV 6zGPHtaBuC1V+thqnTPzXm0PZ0/lQqFL7/EBjs+qmywQJ004XcGm+btCKA== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org