$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/OW8TZElW7C1OnuJq74BFStexiw4.roa File: OW8TZElW7C1OnuJq74BFStexiw4.roa (raw, json) Hash identifier: rJ+3X3RWIk4YnFNPh4JOyCqf+2LTr5NeYhkdLcfORJk= Subject key identifier: 39:6F:13:64:49:56:EC:2D:4E:9E:E2:6A:EF:80:45:4A:D7:B1:8B:0E Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Certificate serial: 0D5D Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/OW8TZElW7C1OnuJq74BFStexiw4.roa Signing time: Tue 02 Jan 2024 06:19:06 +0000 ROA not before: Tue 02 Jan 2024 06:19:06 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 37963 IP address blocks: 47.112.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Jul 2024 15:15:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3421 (0xd5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Validity Not Before: Jan 2 06:19:06 2024 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=396F13644956EC2D4E9EE26AEF80454AD7B18B0E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:10:f9:4e:19:4e:e9:b6:e6:7f:da:dd:cd:16: 4e:d2:f7:da:21:e4:9c:ed:15:34:db:e9:7f:36:39: a5:74:44:29:ea:b5:eb:fc:ca:44:c7:43:e9:78:29: 08:70:84:42:2a:69:7f:9d:05:9e:2d:4c:b1:36:91: 8a:0b:95:8e:17:a0:9a:26:5d:ea:7d:96:d7:8c:49: 50:0e:57:7a:59:56:63:63:6d:92:43:cd:8c:94:3e: 8f:4e:d9:cb:5f:e2:3d:a7:30:1d:ca:72:71:6a:6d: 13:4f:ba:48:4e:c2:37:cd:3a:e3:3e:c4:61:da:73: 2e:a4:03:10:18:eb:29:cb:a1:b4:18:e6:fc:a5:18: 6f:c4:d0:0f:a2:e2:3e:66:cb:c7:30:d6:b0:cb:7e: b7:e0:9b:87:d3:2d:1d:e9:3c:71:22:99:10:a1:c5: 5c:9f:52:01:08:71:4b:35:3c:63:fc:06:a4:77:26: 88:a9:09:40:1a:c2:75:c2:5a:49:4c:15:b4:28:6d: 07:d5:f8:6f:ac:fe:cc:ab:8f:4c:8b:89:67:75:27: bc:d5:e5:07:37:02:82:70:11:68:9d:d1:ee:a1:50: c4:2c:f6:e2:42:c1:4d:6d:a3:01:c9:e5:44:ea:be: 30:b2:69:c6:aa:52:af:75:a7:2f:8d:be:3c:b4:25: 41:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:6F:13:64:49:56:EC:2D:4E:9E:E2:6A:EF:80:45:4A:D7:B1:8B:0E X509v3 Authority Key Identifier: keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/OW8TZElW7C1OnuJq74BFStexiw4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.112.0.0/15 Signature Algorithm: sha256WithRSAEncryption 27:af:57:fa:d9:d3:e0:62:dd:66:7e:63:e0:f3:c6:35:95:11: 11:55:56:9f:55:05:68:3e:73:af:80:8c:50:1d:c4:e8:29:34: d6:08:e9:fe:5b:62:9d:3c:c1:cf:2a:20:d7:8e:b9:68:88:30: 55:c2:aa:f4:b3:c8:65:ce:f9:9b:df:57:0b:4d:4e:b9:da:21: 51:40:d4:bf:c0:84:bc:1a:e1:51:9e:ad:c6:c4:be:07:63:f2: 42:af:32:54:b1:f5:a4:a8:88:83:99:06:a3:41:57:a1:77:3f: 04:12:d3:25:b7:95:54:bc:8c:db:03:37:da:af:c9:25:39:38: c0:42:43:91:45:1c:a2:00:79:3e:24:60:1d:e9:23:f4:71:73: 25:1a:67:eb:e5:7d:f4:af:62:04:4f:76:f6:28:fa:c3:17:85: 1e:f3:8a:e9:24:ae:0e:9c:ae:84:60:eb:d4:95:7a:d9:ca:bb: 08:af:97:1c:80:98:69:f2:ca:3e:f1:2e:3c:5c:52:39:a7:c2: fc:b3:e2:80:e1:5f:14:3b:a4:cc:b9:d9:02:77:fb:89:85:61: 17:7b:26:9a:10:7c:48:8a:b8:bd:f9:9e:f5:aa:b0:a0:b8:af: 3c:18:4c:2d:a3:5e:5d:a2:ad:5d:56:c2:80:d2:59:3d:74:de: 1a:d7:02:35 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNDAxMDIw NjE5MDZaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDM5NkYxMzY0NDk1NkVD MkQ0RTlFRTI2QUVGODA0NTRBRDdCMThCMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAEPlOGU7ptuZ/2t3NFk7S99oh5JztFTTb6X82OaV0RCnqtev8 ykTHQ+l4KQhwhEIqaX+dBZ4tTLE2kYoLlY4XoJomXep9lteMSVAOV3pZVmNjbZJD zYyUPo9O2ctf4j2nMB3KcnFqbRNPukhOwjfNOuM+xGHacy6kAxAY6ynLobQY5vyl GG/E0A+i4j5my8cw1rDLfrfgm4fTLR3pPHEimRChxVyfUgEIcUs1PGP8BqR3Joip CUAawnXCWklMFbQobQfV+G+s/syrj0yLiWd1J7zV5Qc3AoJwEWid0e6hUMQs9uJC wU1towHJ5UTqvjCyacaqUq91py+Nvjy0JUEZAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUOW8TZElW7C1OnuJq74BFStexiw4wHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/ uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L09XOFRaRWxXN0MxT251 SnE3NEJGU3RleGl3NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwEvcDANBgkqhkiG9w0BAQsFAAOCAQEAJ69X+tnT4GLdZn5j4PPGNZUREVVWn1UF aD5zr4CMUB3E6Ck01gjp/ltinTzBzyog1465aIgwVcKq9LPIZc75m99XC01Oudoh UUDUv8CEvBrhUZ6txsS+B2PyQq8yVLH1pKiIg5kGo0FXoXc/BBLTJbeVVLyM2wM3 2q/JJTk4wEJDkUUcogB5PiRgHekj9HFzJRpn6+V99K9iBE929ij6wxeFHvOK6SSu DpyuhGDr1JV62cq7CK+XHICYafLKPvEuPFxSOafC/LPigOFfFDukzLnZAnf7iYVh F3smmhB8SIq4vfme9aqwoLivPBhMLaNeXaKtXVbCgNJZPXTeGtcCNQ== -----END CERTIFICATE-----Generated at Mon Jul 1 11:16:20 2024 by rpki-client on console-fra.rpki-client.org