$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/YlCQD3AjiqC3RuG7BCeswbJ5P2E.roa File: YlCQD3AjiqC3RuG7BCeswbJ5P2E.roa (raw, json) Hash identifier: kGTr41hKY1BAtXqj//es7tMkaKDsdWPhcNwgsScpVj4= Subject key identifier: 62:50:90:0F:70:23:8A:A0:B7:46:E1:BB:04:27:AC:C1:B2:79:3F:61 Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Certificate serial: 1256 Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/YlCQD3AjiqC3RuG7BCeswbJ5P2E.roa Signing time: Tue 24 Sep 2024 00:18:20 +0000 ROA not before: Tue 24 Sep 2024 00:18:20 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 37963 IP address blocks: 110.75.0.0/18 maxlen: 24 110.75.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4694 (0x1256) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Validity Not Before: Sep 24 00:18:20 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=6250900F70238AA0B746E1BB0427ACC1B2793F61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e2:be:cc:de:c4:f1:49:2d:37:f6:e0:31:41: fe:c7:5f:48:98:ed:8d:04:75:ab:4a:a2:01:7c:de: 1a:f3:52:3b:bc:fc:ae:e4:70:5d:00:78:2a:69:2c: 6a:0d:b8:ca:8c:de:85:34:e4:88:c2:b7:56:67:dc: 5c:85:e8:8a:10:3f:b5:7d:6f:c6:ea:29:20:bc:d5: 7f:83:ca:3e:7b:e3:52:8d:c3:f9:04:fb:4c:ef:a8: 68:fe:ef:b5:9d:67:62:52:38:0a:9f:5f:cb:9f:80: 18:1f:59:4e:c4:98:5d:df:25:5f:2d:3d:54:48:ec: 68:0a:c2:6c:ed:40:bc:5b:2b:5b:bd:ae:e0:ef:59: ae:35:27:da:fb:13:2a:6b:ce:30:c9:ff:9a:3c:cd: 3e:49:6c:04:b6:d7:51:f2:76:b2:5c:58:47:d1:59: 1b:b9:76:0f:eb:25:2f:9f:19:eb:31:46:3a:07:c5: dc:42:83:88:13:89:94:53:6f:5e:e2:7f:f8:b2:24: 34:e8:65:67:03:e0:38:12:34:9d:0f:dd:7b:ce:40: 69:eb:1b:40:e5:fd:4e:a3:91:d9:99:ed:1b:81:87: 36:36:7a:e6:9f:2c:a2:a7:20:b7:d0:1b:99:ac:51: db:02:bf:d3:28:8e:f4:e2:5a:6e:be:4e:db:d6:a4: e0:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:50:90:0F:70:23:8A:A0:B7:46:E1:BB:04:27:AC:C1:B2:79:3F:61 X509v3 Authority Key Identifier: keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/YlCQD3AjiqC3RuG7BCeswbJ5P2E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.75.0.0/17 Signature Algorithm: sha256WithRSAEncryption 8b:a1:34:13:5d:0f:da:02:3c:aa:40:e3:5e:fe:94:39:47:f9: a5:a9:53:15:cd:ab:24:f8:fa:ca:c7:8b:21:00:a1:f9:0a:83: 30:18:56:4a:7f:ac:c6:bd:8f:3b:c4:6b:aa:f3:71:44:76:aa: 4d:1c:e5:94:dd:3f:62:a1:ef:8e:a1:eb:89:55:e2:b8:cc:9b: ce:35:0c:fd:e3:b4:84:28:42:fc:30:2d:27:1c:bd:fd:3e:bf: 47:68:da:ce:ba:61:ff:58:9a:4a:bd:4d:fb:86:88:9c:9c:32: 33:06:85:a0:ad:58:23:88:8a:ee:5a:01:65:81:2e:0d:b4:1d: ad:af:47:58:25:85:2b:a9:f2:db:69:83:be:a5:09:1b:a0:89: c7:cd:05:45:0f:cd:ea:9a:d7:9f:4d:23:ce:54:fd:df:9a:69: b5:ea:2d:bf:5a:63:45:ea:94:51:4c:3d:ee:f7:be:d8:8f:58: f5:36:97:17:a3:1b:96:a0:92:cb:47:82:91:a7:76:3a:8e:f2: 2b:b5:6d:c8:d4:68:46:78:ed:52:29:f4:cc:67:4c:17:63:80: 62:e5:e2:e2:d2:86:7c:85:79:3e:a6:12:5d:de:b4:2e:c6:fc: 87:82:83:5b:84:69:51:86:76:28:73:51:b8:26:b7:77:46:05: 16:17:bc:ec -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICElYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2 REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNDA5MjQw MDE4MjBaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDYyNTA5MDBGNzAyMzhB QTBCNzQ2RTFCQjA0MjdBQ0MxQjI3OTNGNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCk4r7M3sTxSS039uAxQf7HX0iY7Y0EdatKogF83hrzUju8/K7k cF0AeCppLGoNuMqM3oU05IjCt1Zn3FyF6IoQP7V9b8bqKSC81X+Dyj5741KNw/kE +0zvqGj+77WdZ2JSOAqfX8ufgBgfWU7EmF3fJV8tPVRI7GgKwmztQLxbK1u9ruDv Wa41J9r7EyprzjDJ/5o8zT5JbAS211HydrJcWEfRWRu5dg/rJS+fGesxRjoHxdxC g4gTiZRTb17if/iyJDToZWcD4DgSNJ0P3XvOQGnrG0Dl/U6jkdmZ7RuBhzY2euaf LKKnILfQG5msUdsCv9MojvTiWm6+TtvWpOCHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYlCQD3AjiqC3RuG7BCeswbJ5P2EwHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU 5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL1lsQ1FEM0FqaXFDM1J1 RzdCQ2Vzd2JKNVAyRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAduSwAwDQYJKoZIhvcNAQELBQADggEBAIuhNBNdD9oCPKpA417+lDlH+aWpUxXN qyT4+srHiyEAofkKgzAYVkp/rMa9jzvEa6rzcUR2qk0c5ZTdP2Kh746h64lV4rjM m841DP3jtIQoQvwwLSccvf0+v0do2s66Yf9Ymkq9TfuGiJycMjMGhaCtWCOIiu5a AWWBLg20Ha2vR1glhSup8ttpg76lCRugicfNBUUPzeqa159NI85U/d+aabXqLb9a Y0XqlFFMPe73vtiPWPU2lxejG5agkstHgpGndjqO8iu1bcjUaEZ47VIp9MxnTBdj gGLl4uLShnyFeT6mEl3etC7G/IeCg1uEaVGGdihzUbgmt3dGBRYXvOw= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org