$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/1gT41DGJmmD9as8xESyxXtkidlU.roa File: 1gT41DGJmmD9as8xESyxXtkidlU.roa (raw, json) Hash identifier: vCEOGTEWEczBNbcj2tYnyF6hlDHUrfCU8W57l6790Eo= Subject key identifier: D6:04:F8:D4:31:89:9A:60:FD:6A:CF:31:11:2C:B1:5E:D9:22:76:55 Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 123E Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/1gT41DGJmmD9as8xESyxXtkidlU.roa Signing time: Thu 12 Sep 2024 15:06:59 +0000 ROA not before: Thu 12 Sep 2024 15:06:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 37963 IP address blocks: 112.124.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:22:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4670 (0x123e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Sep 12 15:06:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D604F8D431899A60FD6ACF31112CB15ED9227655 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:91:23:fa:32:43:e0:6d:a0:fb:68:1f:4c:05: a3:cf:66:47:ff:be:d6:cd:8a:ca:d7:db:bd:4b:dc: dc:71:71:ee:96:a3:4d:c1:77:d6:e9:36:c9:ce:f8: aa:fd:ac:fe:a0:3a:d5:12:d4:12:b1:42:7a:c5:69: e3:f7:0b:24:b9:14:c2:17:03:1b:00:cc:b9:2e:a4: b1:21:c8:e3:ad:13:0c:a9:d2:7c:5e:0e:82:5c:7a: 60:ff:5a:be:7b:cb:89:41:d5:6c:b1:97:9d:a4:a0: 6f:e5:c6:3f:f4:fd:7c:56:63:7b:be:bf:b4:0e:47: b8:eb:09:d7:ea:36:f6:61:5f:87:0d:7b:13:e2:cd: 64:8d:14:fd:8a:ea:40:83:78:bd:63:de:1c:bd:fd: b7:de:7f:31:cb:24:c6:f8:3d:8b:35:e3:cd:7a:56: 98:e8:f8:60:79:42:df:1b:da:55:d9:a5:e1:fe:7d: 25:b6:22:54:a6:35:01:b9:1c:b2:52:2f:e3:42:60: ea:29:46:b8:cb:70:55:18:92:ba:63:f0:8b:e8:48: 88:39:8c:11:0a:2a:1b:67:69:6e:4d:e2:d2:c9:95: f4:36:f0:34:4f:77:1e:b6:70:e3:ec:f2:e0:93:5f: 26:56:b7:2c:c9:65:56:43:7a:79:81:da:ab:04:d4: e1:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:04:F8:D4:31:89:9A:60:FD:6A:CF:31:11:2C:B1:5E:D9:22:76:55 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/1gT41DGJmmD9as8xESyxXtkidlU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.124.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3e:2a:67:8e:3b:aa:06:85:23:62:09:7f:49:65:ac:8d:ab:b2: b8:56:75:2a:0b:f3:89:5a:46:52:ab:eb:69:85:df:42:a3:51: 5e:9e:d6:21:49:35:7d:03:f6:7d:ce:d6:51:30:c2:5d:d7:0a: 9b:52:48:5d:b9:b4:bb:45:6e:49:f6:c3:04:21:c4:7e:d7:75: c5:0e:6f:44:11:9b:19:41:fc:66:c0:6d:70:fd:62:7d:a9:88: 28:4f:a0:d7:0e:eb:92:fc:c8:96:a7:e9:95:af:97:6e:92:84: 71:c5:fd:52:af:a3:fb:3f:ac:2e:4e:4a:52:1d:b7:1e:f1:ca: 65:83:bc:de:c6:92:25:a7:ab:31:bb:2e:d9:74:9e:83:b5:dc: 2b:b8:5f:bd:cc:5f:28:5d:5f:fd:12:a8:f8:5f:86:9f:c2:57: 94:f6:6f:6e:df:bd:8a:54:59:92:cb:c1:7e:5f:ce:cd:87:91: f7:89:e1:07:79:7a:04:c8:b4:15:e1:30:9b:ba:20:06:2d:f6: 86:61:67:da:3b:56:9e:31:3d:68:f9:eb:09:6e:13:40:43:75: 26:f5:d9:d9:16:a7:3a:f7:21:41:3c:6a:9a:be:04:a1:38:68: 7c:30:6b:4a:c2:b5:b1:13:84:82:c8:10:97:77:c3:dc:2f:66: 77:b0:6e:0f -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA5MTIx NTA2NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2MDRGOEQ0MzE4OTlB NjBGRDZBQ0YzMTExMkNCMTVFRDkyMjc2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwkSP6MkPgbaD7aB9MBaPPZkf/vtbNisrX271L3Nxxce6Wo03B d9bpNsnO+Kr9rP6gOtUS1BKxQnrFaeP3CyS5FMIXAxsAzLkupLEhyOOtEwyp0nxe DoJcemD/Wr57y4lB1Wyxl52koG/lxj/0/XxWY3u+v7QOR7jrCdfqNvZhX4cNexPi zWSNFP2K6kCDeL1j3hy9/bfefzHLJMb4PYs14816Vpjo+GB5Qt8b2lXZpeH+fSW2 IlSmNQG5HLJSL+NCYOopRrjLcFUYkrpj8IvoSIg5jBEKKhtnaW5N4tLJlfQ28DRP dx62cOPs8uCTXyZWtyzJZVZDenmB2qsE1OFpAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU1gT41DGJmmD9as8xESyxXtkidlUwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3LzFnVDQxREdKbW1EOWFz OHhFU3l4WHRraWRsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwBwfDANBgkqhkiG9w0BAQsFAAOCAQEAPipnjjuqBoUjYgl/SWWsjauyuFZ1Kgvz iVpGUqvraYXfQqNRXp7WIUk1fQP2fc7WUTDCXdcKm1JIXbm0u0VuSfbDBCHEftd1 xQ5vRBGbGUH8ZsBtcP1ifamIKE+g1w7rkvzIlqfpla+XbpKEccX9Uq+j+z+sLk5K Uh23HvHKZYO83saSJaerMbsu2XSeg7XcK7hfvcxfKF1f/RKo+F+Gn8JXlPZvbt+9 ilRZksvBfl/OzYeR94nhB3l6BMi0FeEwm7ogBi32hmFn2jtWnjE9aPnrCW4TQEN1 JvXZ2RanOvchQTxqmr4EoThofDBrSsK1sROEgsgQl3fD3C9md7BuDw== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:26 2024 by rpki-client on console-fra.rpki-client.org