$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa File: qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa (raw, json) Hash identifier: 1OIOz9NzjdnODdtydV03reS2waCcv3BsUd2TB0tPMwY= Subject key identifier: A9:59:08:AA:C1:2E:C4:7C:2F:83:68:77:95:9E:C2:12:25:A9:DC:AE Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF Certificate serial: 015D Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa Signing time: Wed 24 Jul 2024 14:32:32 +0000 ROA not before: Wed 24 Jul 2024 14:32:32 +0000 ROA not after: Wed 21 May 2025 03:30:10 +0000 asID: 138415 IP address blocks: 113.31.16.0/21 maxlen: 24 113.31.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Sep 2024 01:19:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 349 (0x15d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF Validity Not Before: Jul 24 14:32:32 2024 GMT Not After : May 21 03:30:10 2025 GMT Subject: CN=A95908AAC12EC47C2F836877959EC21225A9DCAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:29:65:5c:df:af:fa:93:2c:6e:cc:b0:71:b9: 4a:0d:67:9f:a1:e1:94:eb:79:47:77:8c:e1:be:e3: ec:bc:22:72:be:62:ce:c4:35:f6:95:16:32:8f:61: 56:a4:a1:91:a1:e1:c6:2a:f7:a9:3c:d2:9b:d7:c5: e0:8d:fc:eb:91:40:4f:9e:e6:0f:57:da:c0:03:21: 5a:40:66:03:57:a6:09:4e:08:d8:42:85:0f:84:c4: b4:ee:fd:e3:b8:c4:ce:ad:b3:02:c3:51:17:5d:96: 4f:ce:7e:e3:f2:6e:3b:f2:f7:8b:a1:67:19:35:1d: 40:8d:58:85:3e:01:05:35:b6:9c:25:cf:ab:2f:f4: 72:90:74:be:3d:93:93:de:58:9a:b9:9d:ab:8e:05: 62:d1:25:8c:02:03:de:82:8e:b7:3d:cf:0a:53:ac: a8:cb:0e:33:eb:82:2c:b9:d7:52:9a:c4:ab:50:65: 3b:45:b7:b1:70:bd:63:9a:96:df:5d:6f:8d:35:6e: 7b:f6:f5:0c:ba:a5:c2:ae:d9:9a:52:59:dd:71:d3: ff:28:56:a6:11:22:fb:e9:0a:2a:7d:f2:05:75:e3: e6:f3:ef:17:32:53:20:1b:6c:80:51:26:c0:f2:24: 4b:d5:55:a0:08:be:19:5d:19:ae:85:60:78:e0:e9: 37:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:59:08:AA:C1:2E:C4:7C:2F:83:68:77:95:9E:C2:12:25:A9:DC:AE X509v3 Authority Key Identifier: keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qVkIqsEuxHwvg2h3lZ7CEiWp3K4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.16.0/20 Signature Algorithm: sha256WithRSAEncryption 83:4c:af:9a:51:6c:1f:1f:cc:20:55:04:30:17:60:bf:80:cc: e4:72:4e:74:1a:76:cd:eb:0f:4f:4d:22:0d:7f:39:89:7e:42: ea:a1:54:d8:de:5b:f1:a4:2d:93:47:43:01:7a:ed:46:13:f8: 61:df:10:65:a3:3e:73:26:0f:93:1f:31:7c:e2:3c:9f:90:e7: f6:16:55:81:92:e9:a8:6c:91:2c:b6:f3:74:d0:4d:7c:00:24: ad:db:b3:57:48:f9:29:b6:db:0a:a9:14:82:0b:c5:79:1a:0d: 34:4a:a1:b7:ed:a8:fa:f7:08:b5:21:f7:17:ac:55:74:85:24: be:c6:01:47:d8:e1:ea:a1:48:85:8c:d7:26:1e:e3:ba:9c:e0: 9e:6e:10:2c:52:76:a7:75:1b:6f:a8:8a:91:84:65:de:44:91: d9:32:2d:77:26:2c:46:ca:27:1a:f8:ef:a5:2c:6c:f2:7c:64: ef:8f:09:a4:1b:54:1d:fa:08:96:b2:6a:3e:b5:86:73:e8:0a: 27:2d:42:6d:16:5a:fd:4e:a5:b6:e4:51:d2:f5:1e:b7:bb:f9: ef:87:7f:9b:ee:dd:13:c0:2b:9a:88:d9:0b:5a:d6:40:e5:00: b4:15:80:dc:55:c6:25:1a:8a:73:c2:49:ef:51:74:a5:3b:3c: 29:f9:f2:68 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3 MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNDA3MjQx NDMyMzJaFw0yNTA1MjEwMzMwMTBaMDMxMTAvBgNVBAMTKEE5NTkwOEFBQzEyRUM0 N0MyRjgzNjg3Nzk1OUVDMjEyMjVBOURDQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyKWVc36/6kyxuzLBxuUoNZ5+h4ZTreUd3jOG+4+y8InK+Ys7E NfaVFjKPYVakoZGh4cYq96k80pvXxeCN/OuRQE+e5g9X2sADIVpAZgNXpglOCNhC hQ+ExLTu/eO4xM6tswLDURddlk/OfuPybjvy94uhZxk1HUCNWIU+AQU1tpwlz6sv 9HKQdL49k5PeWJq5nauOBWLRJYwCA96Cjrc9zwpTrKjLDjPrgiy511KaxKtQZTtF t7FwvWOalt9db401bnv29Qy6pcKu2ZpSWd1x0/8oVqYRIvvpCip98gV14+bz7xcy UyAbbIBRJsDyJEvVVaAIvhldGa6FYHjg6TffAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUqVkIqsEuxHwvg2h3lZ7CEiWp3K4wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3FWa0lxc0V1eEh3dmcy aDNsWjdDRWlXcDNLNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxHxAwDQYJKoZIhvcNAQELBQADggEBAINMr5pRbB8fzCBVBDAXYL+AzORyTnQa ds3rD09NIg1/OYl+QuqhVNjeW/GkLZNHQwF67UYT+GHfEGWjPnMmD5MfMXziPJ+Q 5/YWVYGS6ahskSy283TQTXwAJK3bs1dI+Sm22wqpFIILxXkaDTRKobftqPr3CLUh 9xesVXSFJL7GAUfY4eqhSIWM1yYe47qc4J5uECxSdqd1G2+oipGEZd5EkdkyLXcm LEbKJxr476UsbPJ8ZO+PCaQbVB36CJayaj61hnPoCictQm0WWv1OpbbkUdL1Hre7 +e+Hf5vu3RPAK5qI2Qta1kDlALQVgNxVxiUainPCSe9RdKU7PCn58mg= -----END CERTIFICATE-----Generated at Wed Sep 18 23:35:20 2024 by rpki-client on console-fra.rpki-client.org