$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/ocK-ORxKYmf2DtvUYrIetxn855Q.roa File: ocK-ORxKYmf2DtvUYrIetxn855Q.roa (raw, json) Hash identifier: KDxi1ZiFF9WnBu8/Kavjv7oD6T1J3cDFDiRF4nc6IOU= Subject key identifier: A1:C2:BE:39:1C:4A:62:67:F6:0E:DB:D4:62:B2:1E:B7:19:FC:E7:94 Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Certificate serial: 0D38 Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/ocK-ORxKYmf2DtvUYrIetxn855Q.roa Signing time: Tue 02 Jan 2024 06:18:13 +0000 ROA not before: Tue 02 Jan 2024 06:18:13 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 37963 IP address blocks: 110.75.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Jul 2024 15:14:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3384 (0xd38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Validity Not Before: Jan 2 06:18:13 2024 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=A1C2BE391C4A6267F60EDBD462B21EB719FCE794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2d:1c:e9:d8:30:83:2a:aa:3c:88:9e:99:75: 3b:1e:f5:0a:2d:9b:0b:bb:1b:5f:87:7d:64:a1:8b: 35:0b:66:ee:41:ff:49:51:f8:93:77:59:44:be:21: 5b:fb:07:b3:8a:1c:38:d2:6b:af:0f:9e:11:8c:d5: 9e:8b:04:0e:57:ed:9c:18:f5:95:70:da:ed:94:f1: 1c:6c:0d:da:2f:99:64:fc:b6:ad:2e:c6:77:76:af: 7f:49:83:68:1c:61:1d:1b:92:36:0a:48:94:90:98: 6d:42:2f:7c:5d:e3:08:8f:11:60:97:95:36:30:ec: d9:b5:15:bf:c2:c4:79:41:1c:c8:14:88:26:35:53: e6:9a:49:01:d8:8f:6e:4e:ae:72:b8:9e:2c:8d:e9: d0:b1:bb:18:6b:69:e0:3f:4d:af:f1:ae:a4:80:23: e4:25:47:ba:52:9d:41:81:ff:a2:ab:b5:5b:9e:6d: 65:70:41:60:bd:03:f4:f1:0c:75:b5:9c:e3:a1:2c: ff:9c:e8:15:24:c9:f8:5d:07:e0:76:ae:f3:ef:92: 22:1a:a4:7d:89:1c:2e:5d:41:16:c3:0f:bf:63:4c: ca:25:50:d5:bf:c9:cc:33:8f:26:af:67:b0:be:1e: 10:59:ab:ab:31:80:00:9e:fd:8b:d3:dd:57:68:93: 0e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:C2:BE:39:1C:4A:62:67:F6:0E:DB:D4:62:B2:1E:B7:19:FC:E7:94 X509v3 Authority Key Identifier: keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/ocK-ORxKYmf2DtvUYrIetxn855Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.75.0.0/17 Signature Algorithm: sha256WithRSAEncryption 00:6a:45:a0:2d:75:da:7b:31:67:02:64:d7:e2:07:42:05:62: 4e:38:60:f3:fd:69:05:b2:2d:50:88:a8:9c:b7:f7:ad:ae:cc: d2:4c:b8:8b:e0:e7:5e:6f:e7:0a:9e:9f:a6:04:0e:c2:64:eb: 1f:71:b9:7a:ed:89:c5:2d:ce:8c:a2:cc:98:2f:61:53:29:38: 3b:39:da:a3:37:43:23:6a:0f:35:be:e3:41:41:01:ad:f2:c5: ca:ad:06:a2:d2:3b:12:95:88:a9:cd:19:c0:5b:29:2d:f2:d9: eb:24:ac:9d:e4:56:85:e2:a2:31:b7:96:7d:fb:65:6e:ef:2a: 4b:5d:2b:cc:69:11:f5:50:35:4c:4d:86:2a:1f:61:8d:ea:03: 20:38:8a:56:78:c0:79:a9:19:0f:5d:f2:c4:66:14:10:2c:4e: a0:85:e4:7c:21:1c:bb:92:3e:99:7f:3e:22:c0:d8:b3:e7:00: 21:c9:f7:d0:dc:ca:21:97:66:fa:1c:01:d2:98:30:ff:88:e9: 8c:e4:f1:35:e7:d4:9c:48:81:68:c4:f6:61:63:34:a6:ff:f6: 6d:83:83:4a:d6:b2:17:46:63:d2:aa:2b:06:5a:05:4d:80:2a: 51:e1:32:3a:8d:11:8d:97:99:51:7d:04:ac:15:30:de:eb:57: 50:a4:8b:a1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2 REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNDAxMDIw NjE4MTNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEExQzJCRTM5MUM0QTYy NjdGNjBFREJENDYyQjIxRUI3MTlGQ0U3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWLRzp2DCDKqo8iJ6ZdTse9Qotmwu7G1+HfWShizULZu5B/0lR +JN3WUS+IVv7B7OKHDjSa68PnhGM1Z6LBA5X7ZwY9ZVw2u2U8RxsDdovmWT8tq0u xnd2r39Jg2gcYR0bkjYKSJSQmG1CL3xd4wiPEWCXlTYw7Nm1Fb/CxHlBHMgUiCY1 U+aaSQHYj25OrnK4niyN6dCxuxhraeA/Ta/xrqSAI+QlR7pSnUGB/6KrtVuebWVw QWC9A/TxDHW1nOOhLP+c6BUkyfhdB+B2rvPvkiIapH2JHC5dQRbDD79jTMolUNW/ ycwzjyavZ7C+HhBZq6sxgACe/YvT3Vdokw7tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUocK+ORxKYmf2DtvUYrIetxn855QwHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU 5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL29jSy1PUnhLWW1mMkR0 dlVZcklldHhuODU1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAduSwAwDQYJKoZIhvcNAQELBQADggEBAABqRaAtddp7MWcCZNfiB0IFYk44YPP9 aQWyLVCIqJy3962uzNJMuIvg515v5wqen6YEDsJk6x9xuXrticUtzoyizJgvYVMp ODs52qM3QyNqDzW+40FBAa3yxcqtBqLSOxKViKnNGcBbKS3y2eskrJ3kVoXiojG3 ln37ZW7vKktdK8xpEfVQNUxNhiofYY3qAyA4ilZ4wHmpGQ9d8sRmFBAsTqCF5Hwh HLuSPpl/PiLA2LPnACHJ99DcyiGXZvocAdKYMP+I6Yzk8TXn1JxIgWjE9mFjNKb/ 9m2Dg0rWshdGY9KqKwZaBU2AKlHhMjqNEY2XmVF9BKwVMN7rV1Cki6E= -----END CERTIFICATE-----Generated at Mon Jul 1 12:12:31 2024 by rpki-client on console-ams.rpki-client.org