$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/qXwp6LTyWXTZ5AizMMP75u6xgcA.roa File: qXwp6LTyWXTZ5AizMMP75u6xgcA.roa (raw, json) Hash identifier: tXH+NvY2eV2k4O3x3PM/Kvp1f1OYxLBBqy/Zl2fu+O8= Subject key identifier: A9:7C:29:E8:B4:F2:59:74:D9:E4:08:B3:30:C3:FB:E6:EE:B1:81:C0 Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Certificate serial: 127B Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/qXwp6LTyWXTZ5AizMMP75u6xgcA.roa Signing time: Tue 24 Sep 2024 00:19:16 +0000 ROA not before: Tue 24 Sep 2024 00:19:16 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 37963 IP address blocks: 47.112.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 08:23:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4731 (0x127b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434 Validity Not Before: Sep 24 00:19:16 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=A97C29E8B4F25974D9E408B330C3FBE6EEB181C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:26:f5:b9:8f:74:79:f2:0e:89:d7:84:a6:2c: c9:af:fc:b4:2d:af:51:49:5d:60:a4:4c:a0:d5:68: 64:6c:3f:79:64:c4:39:32:7f:28:ce:7b:51:0f:76: d1:28:36:bf:ea:ff:18:f0:76:9c:3b:5b:6c:1b:60: 53:6b:b1:6d:5e:86:9c:fc:ee:3c:8d:0a:b5:31:b0: 2a:b0:c1:fe:59:53:93:57:42:b7:6c:c4:80:8b:47: 14:76:cf:32:77:60:07:23:84:31:8e:68:39:9c:91: a1:ef:33:bb:75:44:9d:fb:ed:61:42:8a:18:00:00: bd:dd:9a:25:9f:b3:3b:1c:09:cd:1d:df:ad:9e:b1: bb:2a:fb:c5:c9:5c:c3:78:86:6b:81:45:7a:80:b5: 8c:2d:7a:cf:11:df:f4:c0:84:c5:22:7d:c7:50:d4: d6:db:2e:41:62:1f:3d:b8:08:d2:d8:82:9a:68:0b: e5:d5:10:fc:3c:11:cc:d3:6b:9f:01:e5:b6:8d:8d: 4c:e8:ec:74:de:44:2f:01:89:5e:32:76:53:98:3d: 76:ba:d5:85:0f:c6:ff:3c:a1:a9:29:55:a6:7a:db: 78:70:02:bf:f3:9a:2a:fa:89:1b:30:1e:9a:b4:3a: b6:8a:e5:1c:27:0d:94:f8:8d:74:fb:39:ca:fd:7b: a9:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:7C:29:E8:B4:F2:59:74:D9:E4:08:B3:30:C3:FB:E6:EE:B1:81:C0 X509v3 Authority Key Identifier: keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/qXwp6LTyWXTZ5AizMMP75u6xgcA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 47.112.0.0/15 Signature Algorithm: sha256WithRSAEncryption 29:6f:e2:ff:8b:a9:2b:cc:84:6f:4d:61:cc:96:a5:2a:1c:70: ce:fd:3d:f6:1c:1a:3f:47:89:93:0f:d8:74:ac:8c:3c:dc:df: fa:6c:7c:44:1f:08:0b:37:87:05:03:db:d7:20:76:68:8f:5d: 17:f9:2f:29:51:83:19:42:36:08:41:53:16:05:9a:b3:cb:20: 8a:2a:d8:7f:b4:f4:fe:73:0e:a9:6c:69:b5:a3:89:ef:a9:7e: 9e:7a:2b:ef:a3:83:f9:53:c0:24:31:81:06:e4:22:06:58:4b: 67:05:bb:c5:2d:02:29:dc:eb:0c:66:d2:9f:08:f1:f4:0d:0d: ce:8d:9b:fb:15:86:22:cc:3f:89:66:25:77:e8:52:1c:df:d7: e8:8d:89:f8:50:64:13:a3:e9:f1:fd:bd:b2:de:cf:08:d3:eb: df:b6:f7:18:92:95:bc:4d:3d:7e:0b:63:e7:d4:f4:8b:19:b0: 2a:57:97:5e:9e:57:e7:31:c5:44:43:e5:86:db:fa:5b:5f:0d: 03:da:7f:ab:8f:df:80:66:8f:cf:49:a6:f7:7a:3c:19:f2:87: 98:d0:66:d9:cf:2a:be:d7:fd:f0:5b:e2:ef:14:36:da:43:a1: 0b:3e:ff:45:0d:34:af:2f:e1:31:4e:77:26:2f:da:b3:bd:d7: 46:f1:71:b3 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNDA5MjQw MDE5MTZaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEE5N0MyOUU4QjRGMjU5 NzREOUU0MDhCMzMwQzNGQkU2RUVCMTgxQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1JvW5j3R58g6J14SmLMmv/LQtr1FJXWCkTKDVaGRsP3lkxDky fyjOe1EPdtEoNr/q/xjwdpw7W2wbYFNrsW1ehpz87jyNCrUxsCqwwf5ZU5NXQrds xICLRxR2zzJ3YAcjhDGOaDmckaHvM7t1RJ377WFCihgAAL3dmiWfszscCc0d362e sbsq+8XJXMN4hmuBRXqAtYwtes8R3/TAhMUifcdQ1NbbLkFiHz24CNLYgppoC+XV EPw8EczTa58B5baNjUzo7HTeRC8BiV4ydlOYPXa61YUPxv88oakpVaZ623hwAr/z mir6iRswHpq0OraK5RwnDZT4jXT7Ocr9e6mnAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUqXwp6LTyWXTZ5AizMMP75u6xgcAwHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/ uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3FYd3A2TFR5V1hUWjVB aXpNTVA3NXU2eGdjQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwEvcDANBgkqhkiG9w0BAQsFAAOCAQEAKW/i/4upK8yEb01hzJalKhxwzv099hwa P0eJkw/YdKyMPNzf+mx8RB8ICzeHBQPb1yB2aI9dF/kvKVGDGUI2CEFTFgWas8sg iirYf7T0/nMOqWxptaOJ76l+nnor76OD+VPAJDGBBuQiBlhLZwW7xS0CKdzrDGbS nwjx9A0Nzo2b+xWGIsw/iWYld+hSHN/X6I2J+FBkE6Pp8f29st7PCNPr37b3GJKV vE09fgtj59T0ixmwKleXXp5X5zHFREPlhtv6W18NA9p/q4/fgGaPz0mm93o8GfKH mNBm2c8qvtf98Fvi7xQ22kOhCz7/RQ00ry/hMU53Ji/as73XRvFxsw== -----END CERTIFICATE-----Generated at Tue Nov 26 05:33:27 2024 by rpki-client on console-ams.rpki-client.org