$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/18u4j_78BDLmZ9J9Ns-9WlUsPes.roa File: 18u4j_78BDLmZ9J9Ns-9WlUsPes.roa (raw, json) Hash identifier: vXZGy+cb1dLnGdz0+2TBJmTIkyhbwLf1b+XtLWs9Urs= Subject key identifier: D7:CB:B8:8F:FE:FC:04:32:E6:67:D2:7D:36:CF:BD:5A:55:2C:3D:EB Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0DC5 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/18u4j_78BDLmZ9J9Ns-9WlUsPes.roa Signing time: Thu 17 Oct 2024 01:54:22 +0000 ROA not before: Thu 17 Oct 2024 01:54:22 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 123.98.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3525 (0xdc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Oct 17 01:54:22 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D7CBB88FFEFC0432E667D27D36CFBD5A552C3DEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:2c:c2:0a:68:9f:0a:08:be:81:05:21:5a:c5: d6:c8:45:74:fa:f2:ee:41:d0:44:3c:bb:ad:00:29: 59:fa:d8:de:53:cf:f0:5d:10:a9:df:e1:a6:71:24: f8:47:89:66:5e:5d:3e:a9:73:3a:cd:84:3e:ff:cd: 95:a3:e2:17:7f:ba:5a:8d:72:f9:f0:d9:77:86:61: 0e:eb:72:e8:bf:d5:d9:e9:4f:6e:29:11:7f:04:fa: 30:6e:41:8d:c4:47:58:71:53:7f:27:f4:d0:a8:b6: f1:57:01:43:a8:13:33:db:3d:0b:5f:3e:32:12:1c: 79:3a:30:8d:47:58:3b:0d:ca:d9:27:86:f5:45:04: c7:c1:2e:52:78:16:30:37:59:6e:89:e4:1e:1e:77: 4b:2d:76:29:6f:e1:44:ab:4a:0f:f7:48:19:a6:1b: 23:e3:36:00:ea:4d:f0:89:a5:d8:b3:39:d8:3c:d0: 5e:85:dd:d4:27:4f:05:05:21:01:d8:04:d7:c0:fd: 53:97:9a:7d:06:af:14:e7:33:f7:7e:a6:2f:b4:ad: a6:54:f0:be:48:56:59:e7:29:0b:96:09:2c:15:a5: ea:c1:68:34:e4:dc:cb:46:ef:06:b1:e3:0c:e0:e3: d9:99:78:ae:f4:98:e5:f3:9f:5a:46:83:be:10:c3: eb:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:CB:B8:8F:FE:FC:04:32:E6:67:D2:7D:36:CF:BD:5A:55:2C:3D:EB X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/18u4j_78BDLmZ9J9Ns-9WlUsPes.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.12.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:99:fa:b1:29:f8:b1:27:bb:3f:c7:db:94:b2:bf:b6:8e:8e: 78:b5:1b:b1:2f:a6:f2:23:af:c3:2b:ef:98:11:b3:7c:1d:cd: 4a:06:f3:20:54:53:c7:30:52:5c:52:88:f3:a8:8e:71:40:0a: 9b:f0:e5:7e:34:41:68:9b:8e:d3:6b:59:83:1d:22:cd:9b:ba: b3:65:8d:80:68:15:3f:ce:2e:24:9e:e0:27:3a:97:7e:ab:ff: 80:d7:c6:61:ec:0a:60:04:39:45:3d:41:f9:1d:42:3f:65:02: 31:b6:eb:ae:ed:2b:f6:6c:00:23:cc:9f:fc:51:82:b3:a8:88: f4:f3:d1:d5:14:1b:03:05:6f:1a:90:3c:58:59:b5:0e:7f:b4: 25:28:de:e2:e0:29:df:9e:02:cd:6e:bc:48:e4:6a:a1:74:7f: 9b:e7:8f:bd:61:0c:05:fd:9e:6b:51:8b:b8:9f:4e:42:8f:78: fd:e0:20:d2:2a:c2:98:af:94:66:5b:ce:68:67:1d:78:06:d9: ab:87:aa:99:b6:32:90:f1:e0:53:cf:f7:74:b2:13:bb:5b:7a: 51:c8:22:9d:24:4a:9d:51:a3:f7:df:0e:30:87:9d:75:a8:ca: 0c:0e:07:cb:59:18:ed:02:d6:5f:b0:bf:7a:22:bb:49:2c:ba: d6:50:b8:0b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMTcw MTU0MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ3Q0JCODhGRkVGQzA0 MzJFNjY3RDI3RDM2Q0ZCRDVBNTUyQzNERUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYLMIKaJ8KCL6BBSFaxdbIRXT68u5B0EQ8u60AKVn62N5Tz/Bd EKnf4aZxJPhHiWZeXT6pczrNhD7/zZWj4hd/ulqNcvnw2XeGYQ7rcui/1dnpT24p EX8E+jBuQY3ER1hxU38n9NCotvFXAUOoEzPbPQtfPjISHHk6MI1HWDsNytknhvVF BMfBLlJ4FjA3WW6J5B4ed0stdilv4USrSg/3SBmmGyPjNgDqTfCJpdizOdg80F6F 3dQnTwUFIQHYBNfA/VOXmn0GrxTnM/d+pi+0raZU8L5IVlnnKQuWCSwVperBaDTk 3MtG7wax4wzg49mZeK70mOXzn1pGg74Qw+sZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU18u4j/78BDLmZ9J9Ns+9WlUsPeswHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzE4dTRqXzc4QkRMbVo5 SjlOcy05V2xVc1Blcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YgwwDQYJKoZIhvcNAQELBQADggEBAFyZ+rEp+LEnuz/H25Syv7aOjni1G7Ev pvIjr8Mr75gRs3wdzUoG8yBUU8cwUlxSiPOojnFACpvw5X40QWibjtNrWYMdIs2b urNljYBoFT/OLiSe4Cc6l36r/4DXxmHsCmAEOUU9QfkdQj9lAjG2667tK/ZsACPM n/xRgrOoiPTz0dUUGwMFbxqQPFhZtQ5/tCUo3uLgKd+eAs1uvEjkaqF0f5vnj71h DAX9nmtRi7ifTkKPeP3gINIqwpivlGZbzmhnHXgG2auHqpm2MpDx4FPP93SyE7tb elHIIp0kSp1Ro/ffDjCHnXWoygwOB8tZGO0C1l+wv3oiu0ksutZQuAs= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org