$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/LdWJl7pbj6mmgT7jXWq2fx-qZ5I.roa File: LdWJl7pbj6mmgT7jXWq2fx-qZ5I.roa (raw, json) Hash identifier: PexsdrCZJigvRSn5BLIy10UeCDBGHLq8BMFq3dC9yWo= Subject key identifier: 2D:D5:89:97:BA:5B:8F:A9:A6:81:3E:E3:5D:6A:B6:7F:1F:AA:67:92 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C4F Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LdWJl7pbj6mmgT7jXWq2fx-qZ5I.roa Signing time: Wed 28 Aug 2024 08:53:54 +0000 ROA not before: Wed 28 Aug 2024 08:53:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 119.59.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3151 (0xc4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=2DD58997BA5B8FA9A6813EE35D6AB67F1FAA6792 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:03:bb:92:d3:23:dd:33:a5:dc:49:52:64:6b: 94:94:40:8f:a9:23:69:f1:08:40:78:2c:f6:17:b2: 60:7a:6f:4c:c8:2c:cc:c1:5b:cf:6a:ab:0a:54:8c: e0:6f:46:aa:1d:ab:e1:c3:21:0a:3a:03:5e:fa:8d: 35:b0:14:2e:f3:f4:eb:4d:f3:d1:f2:79:b5:80:3d: 37:f8:ef:67:d7:ed:b8:6e:90:6c:f1:a2:42:11:a3: da:b2:7d:83:a1:d3:28:a2:64:7f:52:6b:bf:1a:3d: 8c:29:06:5b:62:98:a6:a6:e0:ad:2e:e9:70:fa:97: 4a:5b:62:64:e6:e9:3b:60:52:97:df:af:57:99:b8: 6d:bb:f7:9a:76:c7:46:c3:f9:19:c1:3f:18:fc:0e: 1d:4c:cf:ef:ea:f5:e4:76:f6:ca:d4:35:bb:82:c9: d0:6b:85:b4:b8:3a:c4:2d:e8:7b:7e:df:3f:34:1c: f3:e0:72:d2:07:3a:e0:39:6f:37:5c:6b:2b:1e:fb: 66:ec:40:a4:10:56:a6:2a:bb:93:2f:0f:f3:54:53: 6c:cd:5e:4e:b4:58:da:84:89:46:d7:58:ae:a9:51: 00:eb:e0:7b:e9:7e:e8:92:e1:0e:83:e1:e6:dc:e2: 02:32:35:f9:16:eb:7b:26:8a:f4:cd:fd:72:94:bc: 0b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:D5:89:97:BA:5B:8F:A9:A6:81:3E:E3:5D:6A:B6:7F:1F:AA:67:92 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LdWJl7pbj6mmgT7jXWq2fx-qZ5I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.196.0/22 Signature Algorithm: sha256WithRSAEncryption 15:20:2e:4f:3c:9f:42:53:fd:12:23:4c:07:02:85:a1:56:53: 80:c4:16:b7:34:ad:fa:fc:7c:43:01:47:52:f2:a4:40:78:a2: 0d:f6:8b:37:fe:c9:45:38:1f:2a:00:4a:12:cc:03:69:13:63: 52:0e:55:6f:6e:b2:c8:32:27:51:3f:26:ff:77:06:a4:2a:f5: 53:e6:a7:3c:15:65:1c:f3:4f:d3:c1:12:e3:dd:c5:94:b7:57: 5b:3f:39:9a:88:b0:c4:ff:43:6e:d3:38:d8:c5:d0:0d:22:e5: b3:d0:75:77:0a:a9:4d:dc:29:40:13:78:24:43:1c:a0:11:2e: a8:a0:ee:18:d3:40:0e:fc:be:9e:87:f8:21:4d:4a:b1:a7:72: 2f:9f:60:98:f4:e5:67:94:3b:c4:4d:23:8e:8c:69:3b:77:7c: ee:54:78:4d:e5:ae:5a:12:9b:7a:fb:a8:d5:4f:33:3f:3b:35: 95:60:8b:91:8f:a5:3c:4d:4b:11:61:5e:61:33:35:a3:3e:41: 85:41:11:87:97:f6:e9:f0:f9:0a:cd:0c:87:e7:f1:1c:f1:90: 40:27:04:8d:c3:e0:8a:09:86:c0:0a:c9:5d:8d:fd:14:4d:a9: 41:6d:26:ba:6b:72:48:ee:c8:76:8d:41:36:ab:fa:cb:50:75: 09:ca:15:59 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDE8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJERDU4OTk3QkE1QjhG QTlBNjgxM0VFMzVENkFCNjdGMUZBQTY3OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5A7uS0yPdM6XcSVJka5SUQI+pI2nxCEB4LPYXsmB6b0zILMzB W89qqwpUjOBvRqodq+HDIQo6A176jTWwFC7z9OtN89HyebWAPTf472fX7bhukGzx okIRo9qyfYOh0yiiZH9Sa78aPYwpBltimKam4K0u6XD6l0pbYmTm6TtgUpffr1eZ uG2795p2x0bD+RnBPxj8Dh1Mz+/q9eR29srUNbuCydBrhbS4OsQt6Ht+3z80HPPg ctIHOuA5bzdcayse+2bsQKQQVqYqu5MvD/NUU2zNXk60WNqEiUbXWK6pUQDr4Hvp fuiS4Q6D4ebc4gIyNfkW63smivTN/XKUvAv/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQULdWJl7pbj6mmgT7jXWq2fx+qZ5IwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0xkV0psN3BiajZtbWdU N2pYV3EyZngtcVo1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O8QwDQYJKoZIhvcNAQELBQADggEBABUgLk88n0JT/RIjTAcChaFWU4DEFrc0 rfr8fEMBR1LypEB4og32izf+yUU4HyoAShLMA2kTY1IOVW9ussgyJ1E/Jv93BqQq 9VPmpzwVZRzzT9PBEuPdxZS3V1s/OZqIsMT/Q27TONjF0A0i5bPQdXcKqU3cKUAT eCRDHKARLqig7hjTQA78vp6H+CFNSrGnci+fYJj05WeUO8RNI46MaTt3fO5UeE3l rloSm3r7qNVPMz87NZVgi5GPpTxNSxFhXmEzNaM+QYVBEYeX9unw+QrNDIfn8Rzx kEAnBI3D4IoJhsAKyV2N/RRNqUFtJrprckjuyHaNQTar+stQdQnKFVk= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org