$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/9T0IF7icIXDuSgvZefih8jYyOyM.roa File: 9T0IF7icIXDuSgvZefih8jYyOyM.roa (raw, json) Hash identifier: 8bqqIGGnPgEwZnjLWgIOsds+Au6iNQdRYY0N3IsR6rE= Subject key identifier: F5:3D:08:17:B8:9C:21:70:EE:4A:0B:D9:79:F8:A1:F2:36:32:3B:23 Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78 Certificate serial: 1B17 Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/9T0IF7icIXDuSgvZefih8jYyOyM.roa Signing time: Fri 24 May 2024 02:26:48 +0000 ROA not before: Fri 24 May 2024 02:26:48 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24424 IP address blocks: 203.208.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6935 (0x1b17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78 Validity Not Before: May 24 02:26:48 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=F53D0817B89C2170EE4A0BD979F8A1F236323B23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ff:db:66:5e:2c:71:07:dc:51:88:3b:44:31: 1a:bf:01:6a:bf:9a:45:d4:eb:17:1f:2e:7c:b6:4d: fc:67:a8:26:ed:40:a7:6b:31:14:ec:74:d0:17:29: 9a:4b:de:4a:38:ad:24:7e:8a:6e:96:07:12:85:75: 64:b1:e8:07:50:3d:77:28:ac:fd:af:80:fc:21:05: dc:88:0e:06:ef:93:07:f8:45:c8:0f:b6:67:cd:0d: 30:13:fa:79:94:cc:b5:c5:1c:16:cc:4b:84:cd:dd: b3:ac:fd:e8:a4:f8:0c:1d:d8:1d:81:a2:d3:d6:4f: c3:ca:01:ec:4e:3a:cb:0a:0c:a7:64:bc:fd:42:fb: a8:bd:21:82:b0:e8:ab:bd:b3:15:5e:07:0c:b1:95: 43:b5:36:e1:f2:bf:30:92:59:d1:05:71:1d:00:98: 6d:75:8d:71:ad:73:7b:09:ee:f0:dd:4d:50:91:02: d3:73:8f:04:15:d6:3d:fa:2d:17:c2:00:42:4c:0a: cd:70:00:fb:82:55:dc:0b:9d:e5:6f:f0:8d:ca:89: 60:c1:39:e0:55:1e:2f:57:93:2c:6a:20:71:1b:6f: cb:08:41:fa:e6:64:d2:72:72:d7:b6:12:ff:92:24: ac:3e:ff:5f:33:88:ea:33:5d:3c:3e:dd:f7:86:58: b3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:3D:08:17:B8:9C:21:70:EE:4A:0B:D9:79:F8:A1:F2:36:32:3B:23 X509v3 Authority Key Identifier: keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/9T0IF7icIXDuSgvZefih8jYyOyM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.208.32.0/19 Signature Algorithm: sha256WithRSAEncryption 95:41:71:a2:3c:f8:79:f3:78:b6:5e:5b:0e:8e:cf:8a:0f:06: 8b:22:3a:c4:5e:f3:d2:a9:9b:65:7e:59:8c:4a:fe:05:e7:b8: d5:42:7b:2d:c4:b3:1c:16:82:0f:19:8f:21:55:16:23:0c:0a: 4a:d2:a7:10:75:7f:f6:8b:bf:bb:5f:20:2e:49:21:74:0c:7e: 09:6b:11:2e:11:e6:bd:30:71:6c:40:32:27:fa:0a:2a:aa:d8: 6b:1d:ed:1f:dc:e6:4e:88:d2:7a:11:da:b1:1d:6e:31:f1:e4: 1f:86:38:23:2e:1a:a4:28:7a:b7:1b:3f:89:4f:85:1f:1d:80: 8d:cc:04:23:22:e5:7d:7c:ae:6e:e8:df:4d:4f:62:fc:33:53: 47:a4:9c:d5:7a:82:c8:9d:cd:91:2e:64:40:70:b9:26:98:bb: f9:6f:a6:d5:5a:95:ef:11:a7:06:36:7d:cd:68:e7:5b:00:48: 26:7d:bb:ef:46:bd:3c:bc:e8:e8:0b:c6:27:13:2f:9e:43:fe: 03:25:3b:11:8c:3a:53:8e:ea:13:81:b0:76:96:6f:a1:11:98: 2f:6a:d6:2d:17:ee:59:5f:36:f4:1d:03:3c:34:0e:44:86:8a: d5:e2:8d:38:9a:75:0f:e1:70:47:a2:6e:ab:d8:54:7e:37:e1: 5f:5c:ca:a0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0 NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNDA1MjQw MjI2NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY1M0QwODE3Qjg5QzIx NzBFRTRBMEJEOTc5RjhBMUYyMzYzMjNCMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCy/9tmXixxB9xRiDtEMRq/AWq/mkXU6xcfLny2TfxnqCbtQKdr MRTsdNAXKZpL3ko4rSR+im6WBxKFdWSx6AdQPXcorP2vgPwhBdyIDgbvkwf4RcgP tmfNDTAT+nmUzLXFHBbMS4TN3bOs/eik+Awd2B2BotPWT8PKAexOOssKDKdkvP1C +6i9IYKw6Ku9sxVeBwyxlUO1NuHyvzCSWdEFcR0AmG11jXGtc3sJ7vDdTVCRAtNz jwQV1j36LRfCAEJMCs1wAPuCVdwLneVv8I3KiWDBOeBVHi9XkyxqIHEbb8sIQfrm ZNJycte2Ev+SJKw+/18ziOozXTw+3feGWLMZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU9T0IF7icIXDuSgvZefih8jYyOyMwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyLzlUMElGN2ljSVhEdVNn dlplZmloOGpZeU95TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAXL0CAwDQYJKoZIhvcNAQELBQADggEBAJVBcaI8+HnzeLZeWw6Oz4oPBosiOsRe 89Kpm2V+WYxK/gXnuNVCey3EsxwWgg8ZjyFVFiMMCkrSpxB1f/aLv7tfIC5JIXQM fglrES4R5r0wcWxAMif6Ciqq2Gsd7R/c5k6I0noR2rEdbjHx5B+GOCMuGqQoercb P4lPhR8dgI3MBCMi5X18rm7o301PYvwzU0eknNV6gsidzZEuZEBwuSaYu/lvptVa le8RpwY2fc1o51sASCZ9u+9GvTy86OgLxicTL55D/gMlOxGMOlOO6hOBsHaWb6ER mC9q1i0X7llfNvQdAzw0DkSGitXijTiadQ/hcEeibqvYVH434V9cyqA= -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:43 2024 by rpki-client on console-ams.rpki-client.org