$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/v8oGHaQC-2SPL61Ew29_UWSFTOg.roa File: v8oGHaQC-2SPL61Ew29_UWSFTOg.roa (raw, json) Hash identifier: kcT+IcPq5hj6tVvBJsnmqWUnCHnXXENV0X4uz5E63Qo= Subject key identifier: BF:CA:06:1D:A4:02:FB:64:8F:2F:AD:44:C3:6F:7F:51:64:85:4C:E8 Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 1240 Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/v8oGHaQC-2SPL61Ew29_UWSFTOg.roa Signing time: Thu 12 Sep 2024 15:06:59 +0000 ROA not before: Thu 12 Sep 2024 15:06:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 37963 IP address blocks: 112.127.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 08:23:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4672 (0x1240) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Sep 12 15:06:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=BFCA061DA402FB648F2FAD44C36F7F5164854CE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:88:dd:5b:90:77:3b:e4:9d:ba:f0:1e:ee:31: 31:8c:91:2e:4a:36:e6:90:39:92:ad:85:eb:5b:6a: a8:4e:df:ce:ac:59:3d:5b:6f:46:cc:9a:e2:68:e9: 94:86:94:7a:a5:35:ec:69:fb:5c:30:28:23:e8:69: 56:e0:71:d0:a2:39:10:d1:a0:7a:8d:67:86:a5:cc: 54:2a:df:8c:54:f1:05:3c:7d:82:8e:8c:ce:1d:03: 38:2c:6c:e2:8e:44:5b:5e:e5:f4:e5:25:0d:28:c0: bc:77:1d:11:6d:96:46:21:86:4f:27:34:29:b7:ed: f7:8a:d3:21:29:2b:69:f4:d8:ba:e7:69:dc:b3:1d: 99:8a:b1:1a:4d:12:22:aa:d3:4b:fc:28:90:f5:f0: 2b:9c:3b:d0:4c:c8:6d:dc:b7:1a:f1:c4:83:f3:bb: c7:e2:49:4f:53:44:98:ca:36:d4:89:27:b0:d1:c3: d7:a3:67:e9:a5:4e:49:30:a3:0e:56:ae:54:4a:a1: 96:4b:a1:4f:16:e7:2b:cd:62:ae:0e:6e:92:e8:fb: 1b:d4:2d:5d:36:9e:44:8c:06:6f:c1:fe:9c:b3:c6: 49:b4:e8:fd:28:63:ab:be:ba:73:a9:fd:cf:bf:55: 32:6b:f5:1b:27:27:d7:0c:94:b7:6d:af:86:c5:85: ea:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:CA:06:1D:A4:02:FB:64:8F:2F:AD:44:C3:6F:7F:51:64:85:4C:E8 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/v8oGHaQC-2SPL61Ew29_UWSFTOg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.127.0.0/16 Signature Algorithm: sha256WithRSAEncryption 02:d5:0d:7b:4d:6c:02:ca:5d:b8:f2:30:eb:5f:36:53:0e:69: 8a:7b:10:e1:d7:c8:18:8e:b9:42:4c:b0:e2:bf:25:c0:df:70: 17:98:7e:4a:a8:80:a8:59:fe:5f:03:6a:e0:7c:c0:f6:57:71: 4a:86:f3:0f:90:59:22:78:be:91:ba:46:50:ec:c5:21:b5:00: c4:fb:f7:d1:6a:28:b5:76:54:c9:ec:c8:35:c9:ac:82:40:8b: 20:f7:04:1a:29:4d:1b:4d:44:26:ba:c1:7c:0f:4d:53:fb:37: 5f:29:d0:12:32:1c:e0:aa:a8:73:a6:72:be:03:e7:32:8e:17: df:65:72:fd:51:51:fc:c9:af:57:98:85:87:e0:59:d6:7c:52: c3:c5:64:e0:9a:dd:4e:3c:36:43:25:d2:e9:fb:05:83:ff:cd: 71:1b:2f:f3:7a:8c:c5:4b:0e:e6:79:35:20:91:41:77:b4:8d: 7c:49:ab:c8:f2:fa:bc:99:48:5a:eb:33:cd:84:35:94:e8:49: cb:15:0c:17:e3:97:af:63:ff:3a:b9:5c:f5:3f:6d:ca:69:5f: 75:47:08:81:53:9a:54:50:a0:8e:16:55:23:a1:ac:86:82:12: cc:13:70:0e:be:cf:7d:b7:6c:d0:ce:21:72:6e:66:a1:e7:b3: 3f:7d:1c:dc -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA5MTIx NTA2NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGQ0EwNjFEQTQwMkZC NjQ4RjJGQUQ0NEMzNkY3RjUxNjQ4NTRDRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMiN1bkHc75J268B7uMTGMkS5KNuaQOZKthetbaqhO386sWT1b b0bMmuJo6ZSGlHqlNexp+1wwKCPoaVbgcdCiORDRoHqNZ4alzFQq34xU8QU8fYKO jM4dAzgsbOKORFte5fTlJQ0owLx3HRFtlkYhhk8nNCm37feK0yEpK2n02Lrnadyz HZmKsRpNEiKq00v8KJD18CucO9BMyG3ctxrxxIPzu8fiSU9TRJjKNtSJJ7DRw9ej Z+mlTkkwow5WrlRKoZZLoU8W5yvNYq4ObpLo+xvULV02nkSMBm/B/pyzxkm06P0o Y6u+unOp/c+/VTJr9RsnJ9cMlLdtr4bFher3AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUv8oGHaQC+2SPL61Ew29/UWSFTOgwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3Y4b0dIYVFDLTJTUEw2 MUV3MjlfVVdTRlRPZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwBwfzANBgkqhkiG9w0BAQsFAAOCAQEAAtUNe01sAspduPIw6182Uw5pinsQ4dfI GI65Qkyw4r8lwN9wF5h+SqiAqFn+XwNq4HzA9ldxSobzD5BZIni+kbpGUOzFIbUA xPv30WootXZUyezINcmsgkCLIPcEGilNG01EJrrBfA9NU/s3XynQEjIc4Kqoc6Zy vgPnMo4X32Vy/VFR/MmvV5iFh+BZ1nxSw8Vk4JrdTjw2QyXS6fsFg//NcRsv83qM xUsO5nk1IJFBd7SNfEmryPL6vJlIWuszzYQ1lOhJyxUMF+OXr2P/Orlc9T9tymlf dUcIgVOaVFCgjhZVI6GshoISzBNwDr7Pfbds0M4hcm5moeezP30c3A== -----END CERTIFICATE-----Generated at Tue Nov 26 05:15:30 2024 by rpki-client on console-fra.rpki-client.org