$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/z9beivnha-gnfNZMzvpbbwNA1lc.roa File: z9beivnha-gnfNZMzvpbbwNA1lc.roa (raw, json) Hash identifier: XTV18tUSXRlcbrAQcT76J6UkhTf1cdK9dypaD9JfPRI= Subject key identifier: CF:D6:DE:8A:F9:E1:6B:E8:27:7C:D6:4C:CE:FA:5B:6F:03:40:D6:57 Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Certificate serial: 0D37 Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/z9beivnha-gnfNZMzvpbbwNA1lc.roa Signing time: Tue 02 Jan 2024 06:18:13 +0000 ROA not before: Tue 02 Jan 2024 06:18:13 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 37963 IP address blocks: 110.75.0.0/18 maxlen: 24 110.75.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Jul 2024 15:14:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3383 (0xd37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE Validity Not Before: Jan 2 06:18:13 2024 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=CFD6DE8AF9E16BE8277CD64CCEFA5B6F0340D657 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a3:53:06:2e:c1:20:9a:ce:77:6f:51:59:2c: bf:e9:b7:a8:21:f8:82:89:78:3c:e7:6f:c7:06:2c: d7:8d:ba:b9:aa:ff:fd:2e:0d:43:f0:b2:ad:67:bb: a7:e3:4f:61:4d:3f:77:2c:ad:82:5c:fe:ea:dc:d0: 04:9e:76:a9:b7:f3:48:73:0b:0c:bd:2e:84:10:51: 4f:d5:44:68:21:6c:53:b1:0e:d8:00:0e:ac:88:8b: 70:5c:6c:e7:e8:60:5d:6c:16:e8:3b:75:c3:e0:1b: 75:9b:26:5f:ee:97:fa:b7:b1:3a:74:cf:83:b1:db: 92:f2:ce:b2:c6:77:78:d3:23:80:85:d9:15:5e:2e: c6:bd:27:b8:13:89:82:92:74:8e:43:a1:8f:80:b4: 1b:f7:f6:04:21:a2:02:99:a1:e6:38:ca:8b:ee:96: 97:30:02:63:95:dc:89:4e:db:83:fc:47:60:08:52: 2c:5f:51:ad:38:1a:f8:cf:59:1b:9b:00:26:18:58: 9d:95:04:19:a8:93:66:41:80:27:ec:10:47:48:8f: fc:dc:4b:0b:55:f0:45:93:bb:d0:90:f3:6c:3a:48: 45:e9:14:1e:28:45:6c:d5:76:c2:23:3b:24:4f:2a: 79:b7:61:7a:a9:70:fb:23:8e:c5:ba:cc:ed:1f:e6: 26:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:D6:DE:8A:F9:E1:6B:E8:27:7C:D6:4C:CE:FA:5B:6F:03:40:D6:57 X509v3 Authority Key Identifier: keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/z9beivnha-gnfNZMzvpbbwNA1lc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.75.0.0/17 Signature Algorithm: sha256WithRSAEncryption 5f:e5:94:a9:27:8d:64:77:3a:85:fc:0c:5e:c8:9d:37:97:99: e7:38:d4:57:cc:36:a7:36:ee:f7:22:e8:86:c2:df:52:0f:b6: 68:44:ed:9f:d4:17:45:a6:d8:50:0c:3d:20:1c:16:48:e2:f9: ba:6a:0c:89:6d:ff:24:92:c6:70:42:85:40:fe:bf:6c:56:77: f0:f7:fc:98:c8:d6:62:10:57:5f:c4:d6:2f:19:54:4e:50:99: 6a:3a:75:82:95:1b:e9:d4:a7:71:e4:56:fb:08:1a:3a:b8:3f: 85:86:68:99:94:a3:cb:f4:47:cb:0f:4f:1c:20:46:e9:fe:ba: 8f:7d:0c:54:c8:6a:4e:e9:1f:6a:f9:56:4f:3d:97:e3:ae:a2: 6d:6f:f9:9c:76:9f:99:a9:5f:a4:6d:09:9f:df:4d:52:2b:2d: 0f:2b:17:c0:5e:9e:e8:a9:74:54:fc:d8:c7:ac:95:f5:15:2a: b5:46:c6:25:a8:da:f5:0f:e8:87:50:d2:aa:da:45:a0:df:96: e5:e7:7b:e6:c5:00:f5:7e:3a:67:a4:38:94:40:11:05:ac:b9: f6:3d:72:65:dc:30:62:52:6c:0f:3c:99:03:23:cd:2e:99:91: 17:ac:54:16:11:55:3e:cd:0f:6e:05:21:cf:3f:01:a3:10:8d: d4:1c:fb:d9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDTcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2 REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNDAxMDIw NjE4MTNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKENGRDZERThBRjlFMTZC RTgyNzdDRDY0Q0NFRkE1QjZGMDM0MEQ2NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCho1MGLsEgms53b1FZLL/pt6gh+IKJeDznb8cGLNeNurmq//0u DUPwsq1nu6fjT2FNP3csrYJc/urc0ASedqm380hzCwy9LoQQUU/VRGghbFOxDtgA DqyIi3BcbOfoYF1sFug7dcPgG3WbJl/ul/q3sTp0z4Ox25LyzrLGd3jTI4CF2RVe Lsa9J7gTiYKSdI5DoY+AtBv39gQhogKZoeY4yovulpcwAmOV3IlO24P8R2AIUixf Ua04GvjPWRubACYYWJ2VBBmok2ZBgCfsEEdIj/zcSwtV8EWTu9CQ82w6SEXpFB4o RWzVdsIjOyRPKnm3YXqpcPsjjsW6zO0f5ibzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUz9beivnha+gnfNZMzvpbbwNA1lcwHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU 5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL3o5YmVpdm5oYS1nbmZO Wk16dnBiYndOQTFsYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAduSwAwDQYJKoZIhvcNAQELBQADggEBAF/llKknjWR3OoX8DF7InTeXmec41FfM Nqc27vci6IbC31IPtmhE7Z/UF0Wm2FAMPSAcFkji+bpqDIlt/ySSxnBChUD+v2xW d/D3/JjI1mIQV1/E1i8ZVE5QmWo6dYKVG+nUp3HkVvsIGjq4P4WGaJmUo8v0R8sP TxwgRun+uo99DFTIak7pH2r5Vk89l+Ouom1v+Zx2n5mpX6RtCZ/fTVIrLQ8rF8Be nuipdFT82MeslfUVKrVGxiWo2vUP6IdQ0qraRaDfluXne+bFAPV+OmekOJRAEQWs ufY9cmXcMGJSbA88mQMjzS6ZkResVBYRVT7ND24FIc8/AaMQjdQc+9k= -----END CERTIFICATE-----Generated at Mon Jul 1 11:16:20 2024 by rpki-client on console-fra.rpki-client.org