$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/3xej66Hd16SZn15JklVT56ZP9mA.roa File: 3xej66Hd16SZn15JklVT56ZP9mA.roa (raw, json) Hash identifier: nG5wB+He4j9PUwBMQhL+vAx/AC+HDeUiunIB8jvS6zA= Subject key identifier: DF:17:A3:EB:A1:DD:D7:A4:99:9F:5E:49:92:55:53:E7:A6:4F:F6:60 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0E8E Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3xej66Hd16SZn15JklVT56ZP9mA.roa Signing time: Thu 21 Nov 2024 04:34:26 +0000 ROA not before: Thu 21 Nov 2024 04:34:26 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 119.59.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3726 (0xe8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Nov 21 04:34:26 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DF17A3EBA1DDD7A4999F5E49925553E7A64FF660 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:61:f6:66:dc:9b:77:d0:df:c8:49:fd:61:ab: 93:8b:ed:ae:d2:70:d0:43:49:04:dd:a6:7a:c5:da: e8:ea:9e:e8:1c:38:22:38:d7:be:f8:db:2b:81:69: 84:bd:c0:55:26:b6:a8:95:77:76:c3:61:15:20:a2: d6:12:99:c9:a2:8d:c2:b1:d8:a4:45:16:5b:96:46: 43:59:d2:1e:77:b1:fa:5a:45:06:0d:68:37:24:55: ac:11:ad:61:f3:7d:25:1a:71:33:bd:f6:6d:77:cf: ff:2a:b0:f5:b7:94:e8:de:49:55:3e:58:df:b8:c0: 11:33:d5:bc:05:71:9a:77:2a:d0:e7:17:5f:27:ed: d8:89:49:50:98:a3:63:49:a3:53:e2:f0:7d:9e:79: f0:91:2e:0f:35:4c:0d:c0:24:bd:1b:90:12:39:d7: 06:41:73:b2:7f:bf:db:7f:2a:2e:53:ca:9c:18:a0: 3e:83:71:7b:16:e3:a9:2f:7a:1a:ff:e4:85:89:24: d4:b7:1f:f3:08:3b:cd:e5:44:b9:c8:7b:5a:ef:7d: 50:73:5a:83:e5:3e:04:90:37:61:d5:72:d1:79:65: 87:fb:2c:36:27:01:0b:c4:43:4a:84:5b:75:19:82: 4e:9f:e0:bc:ab:1c:02:4e:2b:45:1e:ae:73:c3:13: a8:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:17:A3:EB:A1:DD:D7:A4:99:9F:5E:49:92:55:53:E7:A6:4F:F6:60 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3xej66Hd16SZn15JklVT56ZP9mA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.232.0/22 Signature Algorithm: sha256WithRSAEncryption 11:b4:0e:37:af:79:8c:4c:23:40:6f:be:78:f4:d9:da:57:78: 41:57:2b:a1:18:69:9c:dc:2b:25:06:e8:25:ee:b3:19:29:ea: 21:76:9e:27:df:d1:cf:fb:ea:d1:7d:c4:92:12:e1:aa:5a:6e: f5:b8:7e:7c:ba:fc:03:f9:05:79:27:2c:44:87:26:55:8b:aa: 46:d0:92:36:97:86:1a:c2:6c:60:8a:9b:05:86:7f:45:6d:cd: 01:85:d1:eb:99:0e:c4:be:67:6f:8e:5c:cb:54:4a:8c:fd:63: af:36:06:9f:04:08:b1:9c:ac:44:62:fe:49:08:2f:57:3c:10: 94:16:48:bb:96:65:0a:56:92:88:ea:81:8a:50:7c:4a:45:cb: d8:6b:75:ae:d9:4e:b4:8f:08:91:9a:9e:45:0c:b1:05:72:43: a7:86:e8:fa:96:05:4a:5e:95:f1:6c:59:d4:97:22:0b:e0:9a: 43:67:5e:9d:56:64:97:b7:44:14:40:1e:32:9d:27:5b:5d:9b: 31:5c:5a:73:b0:4c:6b:a8:70:8c:9d:db:43:44:03:b0:30:cd: 90:84:3c:03:12:28:06:96:25:98:b1:94:19:73:82:33:37:9c: 6b:ae:e8:13:9c:38:45:2f:36:70:8e:27:93:c8:02:c8:1e:48: d7:d9:58:1d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDExMjEw NDM0MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERGMTdBM0VCQTFEREQ3 QTQ5OTlGNUU0OTkyNTU1M0U3QTY0RkY2NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWYfZm3Jt30N/ISf1hq5OL7a7ScNBDSQTdpnrF2ujqnugcOCI4 17742yuBaYS9wFUmtqiVd3bDYRUgotYSmcmijcKx2KRFFluWRkNZ0h53sfpaRQYN aDckVawRrWHzfSUacTO99m13z/8qsPW3lOjeSVU+WN+4wBEz1bwFcZp3KtDnF18n 7diJSVCYo2NJo1Pi8H2eefCRLg81TA3AJL0bkBI51wZBc7J/v9t/Ki5TypwYoD6D cXsW46kvehr/5IWJJNS3H/MIO83lRLnIe1rvfVBzWoPlPgSQN2HVctF5ZYf7LDYn AQvEQ0qEW3UZgk6f4LyrHAJOK0UernPDE6izAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3xej66Hd16SZn15JklVT56ZP9mAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzN4ZWo2NkhkMTZTWm4x NUprbFZUNTZaUDltQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O+gwDQYJKoZIhvcNAQELBQADggEBABG0DjeveYxMI0Bvvnj02dpXeEFXK6EY aZzcKyUG6CXusxkp6iF2niff0c/76tF9xJIS4apabvW4fny6/AP5BXknLESHJlWL qkbQkjaXhhrCbGCKmwWGf0VtzQGF0euZDsS+Z2+OXMtUSoz9Y682Bp8ECLGcrERi /kkIL1c8EJQWSLuWZQpWkojqgYpQfEpFy9hrda7ZTrSPCJGankUMsQVyQ6eG6PqW BUpelfFsWdSXIgvgmkNnXp1WZJe3RBRAHjKdJ1tdmzFcWnOwTGuocIyd20NEA7Aw zZCEPAMSKAaWJZixlBlzgjM3nGuu6BOcOEUvNnCOJ5PIAsgeSNfZWB0= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org