$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/Tqy3TIR0j-SfR6A0Mo6xNbnTFe4.roa File: Tqy3TIR0j-SfR6A0Mo6xNbnTFe4.roa (raw, json) Hash identifier: aM1BfIGp06BLCUwCMpvCcFnHa0XrhQZ/6QJzVdj5tTM= Subject key identifier: 4E:AC:B7:4C:84:74:8F:E4:9F:47:A0:34:32:8E:B1:35:B9:D3:15:EE Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Certificate serial: 1241 Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/Tqy3TIR0j-SfR6A0Mo6xNbnTFe4.roa Signing time: Thu 12 Sep 2024 15:06:59 +0000 ROA not before: Thu 12 Sep 2024 15:06:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 37963 IP address blocks: 47.113.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:53:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4673 (0x1241) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Validity Not Before: Sep 12 15:06:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=4EACB74C84748FE49F47A034328EB135B9D315EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:de:25:d4:dc:28:5d:f2:c7:8f:bd:bb:49:ea: 5d:92:c1:4f:1b:15:a3:2f:f8:23:05:92:40:c7:70: c1:80:fe:b6:9e:27:62:11:c8:22:81:08:a3:0d:82: ea:79:3f:d9:bb:f2:59:6b:c9:ae:67:53:43:1d:51: cf:bf:82:88:73:51:d5:3e:b1:7a:92:ea:a3:e1:12: 9c:e5:a9:e2:ca:1e:1e:b9:89:03:1c:fe:96:96:c4: ff:d0:1f:9d:09:9b:42:4e:13:0e:95:a6:4d:6c:cb: e5:d9:f1:c2:79:ff:8e:96:77:67:d0:18:9d:cf:c0: 21:dc:e6:0e:a7:3a:87:30:ee:2a:74:9f:b0:e5:a1: 15:c2:19:d2:f0:0b:75:bf:62:fc:c0:74:9b:ef:d1: 4a:b5:c6:46:f4:00:79:2a:74:d1:4a:3e:65:7f:b6: 4a:dc:0a:1b:99:64:78:cc:50:af:62:f3:4e:db:65: 15:59:13:66:ab:7d:0f:97:d6:c9:82:2e:24:28:fd: 96:70:48:cf:69:d8:4a:1a:2b:ca:12:1c:59:51:4d: 99:5b:16:db:e5:1a:82:76:14:06:cc:e1:c9:77:2c: 81:b0:d5:e3:94:dc:ce:ea:17:f4:75:74:da:d1:24: 0a:23:53:b7:0c:08:e8:68:7a:56:df:e1:16:02:31: ed:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:AC:B7:4C:84:74:8F:E4:9F:47:A0:34:32:8E:B1:35:B9:D3:15:EE X509v3 Authority Key Identifier: keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/Tqy3TIR0j-SfR6A0Mo6xNbnTFe4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.113.0.0/16 Signature Algorithm: sha256WithRSAEncryption d8:e1:d5:42:a7:02:7e:6b:f4:2a:c4:ae:6c:7a:a1:84:26:85: 32:10:f0:d0:c5:4e:96:e8:5f:18:86:2b:16:e7:1b:54:bc:f4: 5f:64:6a:19:48:75:87:d8:bd:b7:a0:d8:7f:86:18:ea:4d:db: 6d:5b:3a:23:7f:39:44:c1:94:30:cd:ca:7b:be:35:13:a5:6a: 61:7f:8e:9c:df:a6:10:96:33:19:fb:b5:0b:e7:94:d3:cb:6c: 08:32:36:a2:18:af:1e:c8:4e:4b:9c:91:1c:c6:57:75:3e:19: 0b:d7:ac:fc:97:dd:45:c1:4a:f0:2e:d4:eb:a5:2d:c5:d5:1f: 5c:78:50:48:05:31:b7:62:bc:7d:34:f2:87:2e:31:b6:0e:89: c6:0d:f4:a4:7e:cb:49:9d:0f:ad:b7:f1:a6:d3:39:11:ec:d6: 4b:38:06:ac:95:1b:78:fd:d4:08:bb:ef:10:b0:9b:dd:03:df: 7d:30:da:33:4a:9f:bd:e6:c6:51:74:51:f4:15:f0:73:89:2c: b1:6f:12:e6:03:6c:4b:d1:09:08:b4:19:ba:47:db:16:b9:c2: 08:69:c0:20:8f:b8:4e:2c:20:73:d4:0f:d9:bc:15:db:71:e1: 68:b3:64:7b:35:f8:d2:cf:84:d7:3b:84:ce:e0:13:06:51:c4: df:51:89:7c -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNDA5MTIx NTA2NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFQUNCNzRDODQ3NDhG RTQ5RjQ3QTAzNDMyOEVCMTM1QjlEMzE1RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCZ3iXU3Chd8sePvbtJ6l2SwU8bFaMv+CMFkkDHcMGA/raeJ2IR yCKBCKMNgup5P9m78llrya5nU0MdUc+/gohzUdU+sXqS6qPhEpzlqeLKHh65iQMc /paWxP/QH50Jm0JOEw6Vpk1sy+XZ8cJ5/46Wd2fQGJ3PwCHc5g6nOocw7ip0n7Dl oRXCGdLwC3W/YvzAdJvv0Uq1xkb0AHkqdNFKPmV/tkrcChuZZHjMUK9i807bZRVZ E2arfQ+X1smCLiQo/ZZwSM9p2EoaK8oSHFlRTZlbFtvlGoJ2FAbM4cl3LIGw1eOU 3M7qF/R1dNrRJAojU7cMCOhoelbf4RYCMe0VAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUTqy3TIR0j+SfR6A0Mo6xNbnTFe4wHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/ uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L1RxeTNUSVIwai1TZlI2 QTBNbzZ4TmJuVEZlNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwAvcTANBgkqhkiG9w0BAQsFAAOCAQEA2OHVQqcCfmv0KsSubHqhhCaFMhDw0MVO luhfGIYrFucbVLz0X2RqGUh1h9i9t6DYf4YY6k3bbVs6I385RMGUMM3Ke741E6Vq YX+OnN+mEJYzGfu1C+eU08tsCDI2ohivHshOS5yRHMZXdT4ZC9es/JfdRcFK8C7U 66UtxdUfXHhQSAUxt2K8fTTyhy4xtg6Jxg30pH7LSZ0PrbfxptM5EezWSzgGrJUb eP3UCLvvELCb3QPffTDaM0qfvebGUXRR9BXwc4kssW8S5gNsS9EJCLQZukfbFrnC CGnAII+4Tiwgc9QP2bwV23HhaLNkezX40s+E1zuEzuATBlHE31GJfA== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:41 2024 by rpki-client on console-fra.rpki-client.org