$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/ypKy5DnFXlS8-unpzJOowoGg-gA.roa File: ypKy5DnFXlS8-unpzJOowoGg-gA.roa (raw, json) Hash identifier: gDYcqKXKtv1HCTnFqp0vhPbGUNBgnlnX0V6jA97m8zQ= Subject key identifier: CA:92:B2:E4:39:C5:5E:54:BC:FA:E9:E9:CC:93:A8:C2:81:A0:FA:00 Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Certificate serial: 1257 Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/ypKy5DnFXlS8-unpzJOowoGg-gA.roa Signing time: Tue 24 Sep 2024 00:18:20 +0000 ROA not before: Tue 24 Sep 2024 00:18:20 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 37963 IP address blocks: 110.75.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4695 (0x1257) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Validity Not Before: Sep 24 00:18:20 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=CA92B2E439C55E54BCFAE9E9CC93A8C281A0FA00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:a4:84:b4:ec:a5:ba:d6:49:92:a6:6e:1b:66: d3:3d:e2:5a:ac:76:94:e7:49:53:74:cc:2c:06:3a: 23:b1:e2:4e:bc:37:09:e4:7b:95:86:b4:8d:6a:35: 42:b0:2f:d2:7c:0f:84:92:7d:e5:48:a0:2f:28:a1: 20:77:ac:8b:83:ab:c8:66:c0:0e:b3:f4:d6:97:b9: 71:b0:54:e4:9f:b5:51:65:fd:e2:cf:4f:41:32:52: 7d:20:3d:7b:01:7f:ee:3d:61:5b:f5:d6:3c:62:d1: 68:78:80:47:ee:2d:09:c5:b0:cf:f0:4c:87:5f:1e: 68:67:97:42:f5:ee:d5:78:b1:64:08:bb:27:ba:bb: 87:84:e7:c6:3c:e8:40:97:18:41:f5:68:5a:ce:e9: 56:49:b2:af:c4:62:08:2f:97:d6:be:2f:79:bf:d6: 87:0c:20:9c:13:65:e8:67:e4:ec:0b:20:0f:e9:60: 76:36:e3:84:f5:89:93:f1:de:a7:4b:75:ca:13:a7: 44:a5:f8:39:17:b4:9a:ac:07:58:98:a1:f0:61:33: 69:70:39:2a:39:1e:9e:fe:23:20:10:6c:af:44:41: e6:4d:db:79:b1:ef:ab:29:0a:3a:ae:c7:db:b5:80: a8:89:2a:98:9c:54:4a:df:e0:33:db:6b:0c:f2:f9: e7:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:92:B2:E4:39:C5:5E:54:BC:FA:E9:E9:CC:93:A8:C2:81:A0:FA:00 X509v3 Authority Key Identifier: keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/ypKy5DnFXlS8-unpzJOowoGg-gA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.75.0.0/17 Signature Algorithm: sha256WithRSAEncryption 28:0c:5f:f7:89:f5:1f:6a:12:15:55:fb:32:a2:ab:f0:94:4f: c2:66:aa:e6:0a:f0:5f:82:fd:b5:6a:e1:dd:cd:73:49:ca:c3: ed:be:43:0b:38:02:03:9c:4b:56:3a:91:94:75:ae:c0:3d:66: 64:45:1d:f8:9c:08:70:e2:f9:8a:95:fd:41:58:ba:27:e4:ab: 52:82:cd:ce:11:e3:e8:a6:c2:46:90:cf:51:bd:63:98:6f:3b: 53:aa:d1:90:f3:5a:4b:d5:4c:92:8b:e3:36:52:c7:b4:9b:b9: ce:77:37:2b:31:42:6c:88:26:1e:95:9c:96:0c:58:50:8b:53: e4:26:40:f7:28:46:95:46:8e:d7:1d:7a:46:b8:a6:57:ac:53: 92:f4:1d:ed:4c:64:13:20:6d:8f:b9:62:b1:fc:12:e3:59:8e: b9:ab:22:a1:fb:45:61:55:74:2d:91:49:22:e5:be:ce:96:72: 99:86:34:ed:cc:e7:f8:c6:e9:9c:a6:3f:90:37:8f:5b:9a:a4: 46:89:01:0c:76:94:4d:9f:3e:d2:a9:38:9b:bd:c7:f6:55:4f: 21:21:cf:dd:75:33:23:ca:60:d9:e1:6e:1a:ac:2c:1d:11:a9: fe:88:16:34:82:1c:5c:1c:81:36:af:ef:fe:66:d3:9e:66:ef: 21:b9:26:b6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICElcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2 REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNDA5MjQw MDE4MjBaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKENBOTJCMkU0MzlDNTVF NTRCQ0ZBRTlFOUNDOTNBOEMyODFBMEZBMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgpIS07KW61kmSpm4bZtM94lqsdpTnSVN0zCwGOiOx4k68Nwnk e5WGtI1qNUKwL9J8D4SSfeVIoC8ooSB3rIuDq8hmwA6z9NaXuXGwVOSftVFl/eLP T0EyUn0gPXsBf+49YVv11jxi0Wh4gEfuLQnFsM/wTIdfHmhnl0L17tV4sWQIuye6 u4eE58Y86ECXGEH1aFrO6VZJsq/EYggvl9a+L3m/1ocMIJwTZehn5OwLIA/pYHY2 44T1iZPx3qdLdcoTp0Sl+DkXtJqsB1iYofBhM2lwOSo5Hp7+IyAQbK9EQeZN23mx 76spCjqux9u1gKiJKpicVErf4DPbawzy+efZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUypKy5DnFXlS8+unpzJOowoGg+gAwHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU 5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL3lwS3k1RG5GWGxTOC11 bnB6Sk9vd29HZy1nQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAduSwAwDQYJKoZIhvcNAQELBQADggEBACgMX/eJ9R9qEhVV+zKiq/CUT8JmquYK 8F+C/bVq4d3Nc0nKw+2+Qws4AgOcS1Y6kZR1rsA9ZmRFHficCHDi+YqV/UFYuifk q1KCzc4R4+imwkaQz1G9Y5hvO1Oq0ZDzWkvVTJKL4zZSx7Sbuc53NysxQmyIJh6V nJYMWFCLU+QmQPcoRpVGjtcdeka4plesU5L0He1MZBMgbY+5YrH8EuNZjrmrIqH7 RWFVdC2RSSLlvs6WcpmGNO3M5/jG6ZymP5A3j1uapEaJAQx2lE2fPtKpOJu9x/ZV TyEhz911MyPKYNnhbhqsLB0Rqf6IFjSCHFwcgTav7/5m055m7yG5JrY= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org