$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/vfzO_1V4XddfY1ZPCse26_iJhbs.roa File: vfzO_1V4XddfY1ZPCse26_iJhbs.roa (raw, json) Hash identifier: zOymB3ObrhpG9U3MdmX7lJn/wFpmAlkb7Cum/aojrsQ= Subject key identifier: BD:FC:CE:FF:55:78:5D:D7:5F:63:56:4F:0A:C7:B6:EB:F8:89:85:BB Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 123D Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/vfzO_1V4XddfY1ZPCse26_iJhbs.roa Signing time: Thu 12 Sep 2024 15:06:58 +0000 ROA not before: Thu 12 Sep 2024 15:06:58 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 37963 IP address blocks: 112.126.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4669 (0x123d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Sep 12 15:06:58 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=BDFCCEFF55785DD75F63564F0AC7B6EBF88985BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:41:bc:a7:59:11:31:a4:14:54:6b:d2:36:5e: a6:80:00:27:0c:26:a6:3d:67:f2:03:19:ff:22:d5: f9:b2:df:ce:b0:f6:a3:38:45:98:92:ff:bc:21:3d: b2:ea:66:7c:ce:9c:46:23:d9:85:a4:18:ba:e1:36: d3:ab:a2:2d:8e:28:f8:54:ba:13:88:e7:f9:8b:fa: 80:88:d4:38:34:eb:37:e3:c1:69:bc:41:e7:c9:7c: 8d:f4:3f:22:66:f8:bc:0f:c0:5c:f8:04:50:ee:75: 11:42:95:0b:fb:57:80:1c:7a:c2:a9:64:0f:a6:2d: 00:0e:61:d4:82:59:fe:8a:cb:43:dd:0e:aa:2c:01: f7:9f:06:ca:1c:7f:c2:c5:1c:f8:c6:a5:57:81:07: 96:5f:b0:a0:6a:5a:46:7f:69:80:9d:58:b9:62:0f: c0:61:6d:31:c1:d5:0a:47:4c:06:03:d8:9e:16:fd: 88:af:29:7e:9e:c4:ed:3e:c3:22:0a:58:9d:db:55: 05:d0:f7:33:fe:2f:3e:41:e5:27:3c:0f:e0:b9:62: 31:88:f2:e5:a4:aa:8f:48:fc:d9:70:2c:f9:f5:2e: 0d:95:38:f4:3d:85:1f:84:6a:84:b2:45:d6:ea:1d: fd:47:77:59:c8:20:12:5f:97:2a:5c:cc:b4:8d:9d: 33:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:FC:CE:FF:55:78:5D:D7:5F:63:56:4F:0A:C7:B6:EB:F8:89:85:BB X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/vfzO_1V4XddfY1ZPCse26_iJhbs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.126.0.0/15 Signature Algorithm: sha256WithRSAEncryption 6b:8d:b7:96:15:08:db:02:18:84:ad:68:1b:07:16:a6:a0:d3: c9:44:b5:10:4b:79:a5:22:27:dc:6d:60:83:d3:0d:3c:8b:be: e1:99:78:d5:95:eb:3d:33:a1:a8:33:00:aa:2d:2f:f9:23:b0: 73:ef:13:47:b8:d9:a3:2a:5e:38:d8:42:34:97:e3:1f:15:52: c7:f6:d5:83:2b:13:3d:c8:e9:94:cc:1b:1f:88:8a:f8:b0:91: b5:35:8c:c4:01:38:3a:b2:8d:16:fe:7b:72:79:b8:d6:ed:87: 93:ab:00:d1:0d:1a:d6:3e:84:1f:7f:8b:99:f8:58:2f:e9:33: 9f:4e:42:59:32:5b:61:5d:05:f3:1e:58:61:c6:d2:c4:44:65: 6a:c5:a7:bc:db:c7:f0:1b:67:20:9e:96:f1:7c:c9:d6:8f:58: 47:f5:3a:43:ef:ea:e0:66:d4:8e:50:b6:5f:43:05:14:48:6e: 7d:92:00:d9:79:9e:95:06:b3:5f:5e:de:76:b2:db:65:6d:5d: 4a:c2:ae:1f:c4:6f:60:96:0b:25:f6:b3:16:85:48:da:d1:14: c1:76:ce:71:b9:2b:ef:54:3b:09:4e:ec:23:13:5b:96:e7:5f: 97:fe:00:d1:2a:ba:a1:b7:d8:e2:62:f3:01:79:14:90:9b:f9: b1:4a:c9:fa -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA5MTIx NTA2NThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJERkNDRUZGNTU3ODVE RDc1RjYzNTY0RjBBQzdCNkVCRjg4OTg1QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfQbynWRExpBRUa9I2XqaAACcMJqY9Z/IDGf8i1fmy386w9qM4 RZiS/7whPbLqZnzOnEYj2YWkGLrhNtOroi2OKPhUuhOI5/mL+oCI1Dg06zfjwWm8 QefJfI30PyJm+LwPwFz4BFDudRFClQv7V4AcesKpZA+mLQAOYdSCWf6Ky0PdDqos AfefBsocf8LFHPjGpVeBB5ZfsKBqWkZ/aYCdWLliD8BhbTHB1QpHTAYD2J4W/Yiv KX6exO0+wyIKWJ3bVQXQ9zP+Lz5B5Sc8D+C5YjGI8uWkqo9I/NlwLPn1Lg2VOPQ9 hR+EaoSyRdbqHf1Hd1nIIBJflypczLSNnTNBAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUvfzO/1V4XddfY1ZPCse26/iJhbswHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3Zmek9fMVY0WGRkZlkx WlBDc2UyNl9pSmhicy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwFwfjANBgkqhkiG9w0BAQsFAAOCAQEAa423lhUI2wIYhK1oGwcWpqDTyUS1EEt5 pSIn3G1gg9MNPIu+4Zl41ZXrPTOhqDMAqi0v+SOwc+8TR7jZoypeONhCNJfjHxVS x/bVgysTPcjplMwbH4iK+LCRtTWMxAE4OrKNFv57cnm41u2Hk6sA0Q0a1j6EH3+L mfhYL+kzn05CWTJbYV0F8x5YYcbSxERlasWnvNvH8BtnIJ6W8XzJ1o9YR/U6Q+/q 4GbUjlC2X0MFFEhufZIA2XmelQazX17edrLbZW1dSsKuH8RvYJYLJfazFoVI2tEU wXbOcbkr71Q7CU7sIxNbludfl/4A0Sq6obfY4mLzAXkUkJv5sUrJ+g== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:41 2024 by rpki-client on console-fra.rpki-client.org