$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/z8ROOvpLClOvSR6IhvcLephY-tM.roa File: z8ROOvpLClOvSR6IhvcLephY-tM.roa (raw, json) Hash identifier: bddYJe68JYyYkZKZ/uix57o8m/EJDTIZ2ch0s9sYnAA= Subject key identifier: CF:C4:4E:3A:FA:4B:0A:53:AF:49:1E:88:86:F7:0B:7A:98:58:FA:D3 Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Certificate serial: 0449 Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/z8ROOvpLClOvSR6IhvcLephY-tM.roa Signing time: Tue 05 Nov 2024 07:32:51 +0000 ROA not before: Tue 05 Nov 2024 07:32:51 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 146806 IP address blocks: 157.66.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1097 (0x449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Validity Not Before: Nov 5 07:32:51 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CFC44E3AFA4B0A53AF491E8886F70B7A9858FAD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:80:64:df:ee:6e:fc:cc:37:ab:6e:41:aa:cf: 98:ec:20:6d:44:e1:7b:4a:e4:3a:70:e9:9f:a0:84: be:a0:f4:0a:d9:d3:4e:05:0e:aa:bb:98:f0:16:e2: 33:1e:0a:c1:20:e9:51:bd:75:13:17:e5:16:86:db: a7:dc:f8:6a:40:f7:6a:69:a5:f8:c1:80:45:7e:64: 1e:b9:b3:66:7f:1a:b5:55:5a:65:b8:a3:2b:fa:01: 58:85:de:88:55:14:f6:73:b6:81:af:80:f5:f2:57: 77:16:75:42:07:49:46:13:bc:c1:4b:8a:51:2c:40: c0:ee:7b:bc:6c:2c:0c:cd:c8:73:80:91:ec:85:0a: 2d:cf:45:3d:65:28:a6:bc:d4:bb:36:d0:71:28:94: 80:9e:ad:23:76:5d:0f:f8:94:38:7d:ed:ec:24:ba: 90:49:09:81:27:40:32:7b:ec:27:1f:bf:db:e7:c5: b2:31:92:37:f5:ab:84:de:85:03:19:96:75:f5:0c: 46:5c:95:99:31:9e:75:29:d1:8b:41:9b:f6:55:33: dd:12:a4:71:d6:b8:2e:21:c7:a8:98:6b:78:b1:b0: ee:16:ba:9c:18:2e:90:2a:ce:f5:e8:06:40:f4:f8: 60:48:36:e4:cb:44:73:43:52:c6:38:5f:76:68:e5: cf:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:C4:4E:3A:FA:4B:0A:53:AF:49:1E:88:86:F7:0B:7A:98:58:FA:D3 X509v3 Authority Key Identifier: keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/z8ROOvpLClOvSR6IhvcLephY-tM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.43.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:70:39:e0:82:08:a9:11:40:d8:2a:8d:1c:72:dc:86:6a:8d: 86:9f:6b:d4:61:72:84:a9:d8:c0:a2:28:39:ce:25:28:a0:2c: 3f:b9:2c:a6:6a:5b:f4:0f:03:79:45:62:bb:3a:aa:21:25:27: 82:55:d1:c3:7a:ac:19:15:02:5f:b4:de:74:f7:15:c3:0d:c1: 9a:c7:79:c7:ff:ae:ce:1a:10:44:44:2f:cb:5a:87:e3:46:2d: 70:09:68:85:58:74:42:6f:a6:3a:a2:43:4d:cf:14:f1:29:fd: af:50:fc:8c:6e:4e:71:ad:c5:e3:44:90:d8:c7:d6:09:6c:a8: ee:26:14:87:95:37:83:76:22:5d:31:b7:5d:57:72:42:56:73: 32:50:51:ae:e4:58:9f:f2:b2:55:48:97:ce:b3:0a:89:73:4d: 4d:9c:06:6b:dd:92:83:21:f3:da:21:d5:ac:14:ca:54:82:6f: 23:17:36:a1:ef:eb:ee:68:1c:bc:36:ef:db:ac:98:98:77:23: 21:8a:1a:5d:13:1f:dd:22:92:07:d8:52:d6:4d:cb:d1:48:28: 10:dc:d4:ff:8c:14:ce:4d:fe:1e:d5:e0:77:1a:27:d4:b8:b0: 4c:a2:c0:fc:87:ab:d9:9b:47:9d:b8:7b:77:a6:6f:a6:da:b5: b2:fb:c1:f1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjUy RjBGM0ZGNzM3MUZGMUNFOUQ4MjNFOTU0OUZDMTE1OEIxNkEyQTAeFw0yNDExMDUw NzMyNTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENGQzQ0RTNBRkE0QjBB NTNBRjQ5MUU4ODg2RjcwQjdBOTg1OEZBRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9gGTf7m78zDerbkGqz5jsIG1E4XtK5Dpw6Z+ghL6g9ArZ004F Dqq7mPAW4jMeCsEg6VG9dRMX5RaG26fc+GpA92pppfjBgEV+ZB65s2Z/GrVVWmW4 oyv6AViF3ohVFPZztoGvgPXyV3cWdUIHSUYTvMFLilEsQMDue7xsLAzNyHOAkeyF Ci3PRT1lKKa81Ls20HEolICerSN2XQ/4lDh97ewkupBJCYEnQDJ77Ccfv9vnxbIx kjf1q4TehQMZlnX1DEZclZkxnnUp0YtBm/ZVM90SpHHWuC4hx6iYa3ixsO4WupwY LpAqzvXoBkD0+GBINuTLRHNDUsY4X3Zo5c8rAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUz8ROOvpLClOvSR6IhvcLephY+tMwHwYDVR0jBBgwFoAUtS8PP/c3H/HOnYI+ lUn8EVixaiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 Mi90UzhQUF9jM0hfSE9uWUktbFVuOEVWaXhhaW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvejhST092cExDbE92 U1I2SWh2Y0xlcGhZLXRNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEAjnA54IIIqRFA2CqNHHLchmqNhp9r 1GFyhKnYwKIoOc4lKKAsP7kspmpb9A8DeUViuzqqISUnglXRw3qsGRUCX7TedPcV ww3Bmsd5x/+uzhoQREQvy1qH40YtcAlohVh0Qm+mOqJDTc8U8Sn9r1D8jG5Oca3F 40SQ2MfWCWyo7iYUh5U3g3YiXTG3XVdyQlZzMlBRruRYn/KyVUiXzrMKiXNNTZwG a92SgyHz2iHVrBTKVIJvIxc2oe/r7mgcvDbv26yYmHcjIYoaXRMf3SKSB9hS1k3L 0UgoENzU/4wUzk3+HtXgdxon1LiwTKLA/Ier2ZtHnbh7d6Zvptq1svvB8Q== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:41 2024 by rpki-client on console-fra.rpki-client.org