$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/Dzcs9WdwgM3GTFIh8iYqNDTwO6w.roa File: Dzcs9WdwgM3GTFIh8iYqNDTwO6w.roa (raw, json) Hash identifier: a77Y9YejKpZ2c68Nr+BTT0EmBOLgEAvJwzh2goBD6bQ= Subject key identifier: 0F:37:2C:F5:67:70:80:CD:C6:4C:52:21:F2:26:2A:34:34:F0:3B:AC Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C53 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Dzcs9WdwgM3GTFIh8iYqNDTwO6w.roa Signing time: Wed 28 Aug 2024 08:53:57 +0000 ROA not before: Wed 28 Aug 2024 08:53:57 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 34549 IP address blocks: 123.98.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 11:23:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3155 (0xc53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:57 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0F372CF5677080CDC64C5221F2262A3434F03BAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:1a:67:ad:7e:ad:63:7b:96:7a:c3:67:78:cd: 02:d3:32:db:cc:37:7b:56:88:93:cb:f7:4c:c7:dc: 94:b8:a1:b4:09:27:de:e4:7f:da:3f:b0:f2:c2:00: 20:97:cf:d5:d4:93:09:e7:b8:c1:04:30:05:db:19: 64:0f:48:38:af:71:d4:d6:87:de:14:e1:eb:46:0c: 09:2f:f0:59:c2:b3:96:b0:4d:4f:c9:88:a3:73:f3: 50:85:55:3b:cc:a7:0e:2d:39:cf:a3:c3:83:36:0b: 94:f9:f8:0c:20:bf:c3:cd:19:b3:62:3b:58:11:a5: 65:4f:cf:51:8d:7a:24:70:5f:40:d1:c2:8a:30:bb: b7:67:86:e7:98:0f:ce:b5:80:6b:aa:85:00:26:a8: 60:41:73:a3:db:0b:5b:bd:a5:4e:ba:44:56:dd:7e: 33:2d:3f:3f:33:54:73:6f:84:a3:ad:e1:73:b3:f7: c5:f0:62:0e:e9:d9:4a:f8:71:f3:5c:a3:f7:34:d9: d5:ee:18:00:a2:92:61:17:75:18:32:3b:cc:76:d4: a9:d5:6e:03:3a:67:d7:b5:d1:7e:6d:cb:ec:84:e6: 21:49:78:68:7a:3e:5e:c5:40:df:f9:52:b3:26:6a: 96:4b:75:c5:da:c3:03:39:c8:53:47:fd:82:11:c3: 19:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:37:2C:F5:67:70:80:CD:C6:4C:52:21:F2:26:2A:34:34:F0:3B:AC X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Dzcs9WdwgM3GTFIh8iYqNDTwO6w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.64.0/22 Signature Algorithm: sha256WithRSAEncryption ba:22:b9:ec:80:be:54:54:b5:af:d8:65:95:2f:87:80:68:8e: 1a:4e:cb:ca:dd:26:fa:cd:5f:b9:67:d2:bb:ef:63:30:ed:77: 57:3e:88:9b:ca:45:29:af:60:b3:64:09:99:16:65:5d:e7:a7: 2f:e9:b1:dd:68:ae:8a:01:b6:c5:c7:17:4d:bb:b2:b1:75:bb: 2d:68:10:ab:f1:ee:a0:e3:4b:42:f5:d0:68:75:e1:09:07:06: fb:2e:2e:d1:5b:88:27:fc:78:d0:1a:dd:98:76:f5:71:90:1a: f7:93:2f:9c:7d:0e:6f:c3:30:8c:c3:0d:f3:25:d3:90:60:b8: 82:f8:e5:5e:08:9f:5f:96:2c:a5:56:8f:46:88:2c:b9:0a:e4: c3:6e:79:91:86:93:b7:6b:c4:ec:99:e1:df:08:8e:d0:88:45: ab:97:e2:87:f8:e6:ee:da:63:7a:a4:3a:e3:31:31:e9:ca:38: 7e:c1:a2:c3:6d:06:b1:da:b4:35:32:0e:80:8b:5f:7b:fe:24: e7:12:53:13:ad:81:43:21:2c:a0:77:bf:11:e9:d8:03:1e:25: e0:7a:41:f1:fc:54:f2:34:8e:fe:67:e4:e0:c6:dd:14:64:a0: 8b:f3:a8:5f:c7:14:c8:52:b6:dc:46:75:ff:19:54:64:2a:d7: 70:4e:3b:63 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBGMzcyQ0Y1Njc3MDgw Q0RDNjRDNTIyMUYyMjYyQTM0MzRGMDNCQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5Gmetfq1je5Z6w2d4zQLTMtvMN3tWiJPL90zH3JS4obQJJ97k f9o/sPLCACCXz9XUkwnnuMEEMAXbGWQPSDivcdTWh94U4etGDAkv8FnCs5awTU/J iKNz81CFVTvMpw4tOc+jw4M2C5T5+Awgv8PNGbNiO1gRpWVPz1GNeiRwX0DRwoow u7dnhueYD861gGuqhQAmqGBBc6PbC1u9pU66RFbdfjMtPz8zVHNvhKOt4XOz98Xw Yg7p2Ur4cfNco/c02dXuGACikmEXdRgyO8x21KnVbgM6Z9e10X5ty+yE5iFJeGh6 Pl7FQN/5UrMmapZLdcXawwM5yFNH/YIRwxlRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDzcs9WdwgM3GTFIh8iYqNDTwO6wwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0R6Y3M5V2R3Z00zR1RG SWg4aVlxTkRUd082dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YkAwDQYJKoZIhvcNAQELBQADggEBALoiueyAvlRUta/YZZUvh4BojhpOy8rd JvrNX7ln0rvvYzDtd1c+iJvKRSmvYLNkCZkWZV3npy/psd1orooBtsXHF027srF1 uy1oEKvx7qDjS0L10Gh14QkHBvsuLtFbiCf8eNAa3Zh29XGQGveTL5x9Dm/DMIzD DfMl05BguIL45V4In1+WLKVWj0aILLkK5MNueZGGk7drxOyZ4d8IjtCIRauX4of4 5u7aY3qkOuMxMenKOH7BosNtBrHatDUyDoCLX3v+JOcSUxOtgUMhLKB3vxHp2AMe JeB6QfH8VPI0jv5n5ODG3RRkoIvzqF/HFMhSttxGdf8ZVGQq13BOO2M= -----END CERTIFICATE-----Generated at Fri Nov 22 09:42:24 2024 by rpki-client on console-ams.rpki-client.org