$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/Ya4dQq1g3o_G_tVkzvo5vQID1jw.roa File: Ya4dQq1g3o_G_tVkzvo5vQID1jw.roa (raw, json) Hash identifier: NOtub+JRY4OeMp9aVZTkOA+gEQHsDVkPClqveTYcVhg= Subject key identifier: 61:AE:1D:42:AD:60:DE:8F:C6:FE:D5:64:CE:FA:39:BD:02:03:D6:3C Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Certificate serial: 0D5C Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/Ya4dQq1g3o_G_tVkzvo5vQID1jw.roa Signing time: Tue 02 Jan 2024 06:19:06 +0000 ROA not before: Tue 02 Jan 2024 06:19:06 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 37963 IP address blocks: 47.112.0.0/16 maxlen: 24 47.113.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Jul 2024 15:15:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3420 (0xd5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Validity Not Before: Jan 2 06:19:06 2024 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=61AE1D42AD60DE8FC6FED564CEFA39BD0203D63C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:90:72:b3:ac:f2:d4:96:d2:c1:a2:cd:1e:06: e8:f5:0f:75:89:65:ae:8b:25:15:d2:45:c3:44:35: eb:ea:d3:94:88:0c:80:34:e5:05:29:47:af:d9:b9: f7:59:85:98:3f:fd:c8:29:53:47:b3:6d:5f:75:fa: 40:ca:b4:f3:b1:db:04:29:c2:39:16:0f:a7:da:31: ec:8d:4f:26:fd:fe:9d:d3:f3:8b:69:64:42:7b:f7: a3:65:5d:5e:0f:d5:fd:66:78:66:45:a2:91:a6:db: 53:51:8f:6c:02:f0:f7:3c:9b:d7:41:8a:ef:1c:f6: 04:be:71:ad:da:a6:8f:10:0a:9e:76:98:ef:38:2e: 9b:90:2a:1f:ff:d8:48:11:65:b4:74:d8:70:bb:bc: dc:9b:c1:d4:17:92:0c:26:e4:0e:f5:cc:0b:83:a3: ae:33:b3:4c:a5:8b:d1:c9:28:e5:3e:f3:db:5f:65: 56:80:31:1b:ec:f5:6b:ce:4c:e1:42:a9:b4:ce:ee: b3:de:43:ec:30:08:be:90:cd:bd:c0:d7:e9:f2:58: c1:e9:25:e2:f4:3b:ba:0a:e0:10:ae:0d:85:d1:a1: 86:ab:b1:46:0d:5c:57:85:42:17:9b:a5:4a:d7:4a: 9b:7f:72:12:74:30:40:07:9c:a9:e7:fc:b6:70:91: 1b:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:AE:1D:42:AD:60:DE:8F:C6:FE:D5:64:CE:FA:39:BD:02:03:D6:3C X509v3 Authority Key Identifier: keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/Ya4dQq1g3o_G_tVkzvo5vQID1jw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.112.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7c:fe:f0:1c:a4:7b:8c:f8:cc:77:76:75:05:f6:c6:f5:69:f0: 4a:14:b3:c5:d0:3c:5e:fb:7f:9b:94:34:2e:7b:5a:fb:65:db: eb:53:fc:d4:1a:0c:c0:27:bf:f6:18:39:d3:f4:86:79:2a:de: e8:06:1b:f6:43:1b:bf:6e:53:e7:09:42:ec:af:b5:23:62:74: 68:49:7d:4b:57:92:c5:18:d2:1c:4a:10:40:03:d4:b9:10:4c: 2c:52:49:e1:30:82:2f:27:48:42:43:b3:42:d8:96:9d:9b:e0: 2e:3b:84:a1:7e:e3:b5:b6:c0:8f:46:bb:72:c6:94:bc:8d:a5: 83:16:fa:0a:78:a2:dc:5c:0c:09:fb:be:dc:60:c1:12:0f:b1: a9:61:9d:12:82:88:4c:e4:d7:fc:f8:5c:dc:56:1a:ce:d7:77: 68:9d:1c:61:a2:54:eb:bf:b3:09:0d:87:7f:d7:eb:18:07:c3: 8a:22:5e:4d:ea:06:16:65:a9:07:08:13:88:1f:ae:1c:fc:2e: 51:d3:ae:e9:a3:1d:74:f8:3f:bf:49:fd:71:fe:3a:1b:b9:42: e9:34:18:39:b5:ce:20:e6:7a:7f:8f:72:33:9c:82:e5:27:53: 2b:d6:05:3c:16:1b:65:48:59:81:84:52:2c:5e:cd:35:8b:aa: 48:d8:3c:e1 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNDAxMDIw NjE5MDZaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDYxQUUxRDQyQUQ2MERF OEZDNkZFRDU2NENFRkEzOUJEMDIwM0Q2M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJkHKzrPLUltLBos0eBuj1D3WJZa6LJRXSRcNENevq05SIDIA0 5QUpR6/ZufdZhZg//cgpU0ezbV91+kDKtPOx2wQpwjkWD6faMeyNTyb9/p3T84tp ZEJ796NlXV4P1f1meGZFopGm21NRj2wC8Pc8m9dBiu8c9gS+ca3apo8QCp52mO84 LpuQKh//2EgRZbR02HC7vNybwdQXkgwm5A71zAuDo64zs0yli9HJKOU+89tfZVaA MRvs9WvOTOFCqbTO7rPeQ+wwCL6Qzb3A1+nyWMHpJeL0O7oK4BCuDYXRoYarsUYN XFeFQhebpUrXSpt/chJ0MEAHnKnn/LZwkRvtAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUYa4dQq1g3o/G/tVkzvo5vQID1jwwHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/ uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L1lhNGRRcTFnM29fR190 Vmt6dm81dlFJRDFqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwEvcDANBgkqhkiG9w0BAQsFAAOCAQEAfP7wHKR7jPjMd3Z1BfbG9WnwShSzxdA8 Xvt/m5Q0Lnta+2Xb61P81BoMwCe/9hg50/SGeSre6AYb9kMbv25T5wlC7K+1I2J0 aEl9S1eSxRjSHEoQQAPUuRBMLFJJ4TCCLydIQkOzQtiWnZvgLjuEoX7jtbbAj0a7 csaUvI2lgxb6Cnii3FwMCfu+3GDBEg+xqWGdEoKITOTX/Phc3FYaztd3aJ0cYaJU 67+zCQ2Hf9frGAfDiiJeTeoGFmWpBwgTiB+uHPwuUdOu6aMddPg/v0n9cf46G7lC 6TQYObXOIOZ6f49yM5yC5SdTK9YFPBYbZUhZgYRSLF7NNYuqSNg84Q== -----END CERTIFICATE-----Generated at Mon Jul 1 12:12:31 2024 by rpki-client on console-ams.rpki-client.org