$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa File: LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa (raw, json) Hash identifier: qHtPKuhCfUrwhihLEN8cTlo61tTwaj9nsX8QbNU+6i0= Subject key identifier: 2F:14:CD:E2:3E:5B:DB:15:71:CF:2D:24:18:58:1F:AC:4F:D7:60:8E Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0D11 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa Signing time: Tue 24 Sep 2024 11:42:15 +0000 ROA not before: Tue 24 Sep 2024 11:42:15 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 34549 IP address blocks: 123.98.102.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 11:23:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3345 (0xd11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Sep 24 11:42:15 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=2F14CDE23E5BDB1571CF2D2418581FAC4FD7608E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:6d:7d:71:f1:be:69:96:7a:44:4b:41:58:23: 39:9a:d1:9e:52:2d:65:6d:be:99:9f:82:50:88:2b: 72:0f:a3:55:6b:1d:0b:16:27:ae:50:8e:c1:5e:47: ca:27:7f:e6:73:cf:18:7a:7e:a9:a0:98:07:f4:b7: a7:f1:8e:07:1a:3a:46:6c:64:27:b1:07:5e:0d:07: cf:c6:88:7d:7d:34:8e:d4:c2:d3:23:f9:f4:18:fa: 1e:ec:8e:eb:f4:56:9a:99:95:9b:7d:1a:3c:6d:7d: 1b:6d:36:2e:12:9e:75:bb:45:7d:d4:6b:1a:8d:f7: 63:ab:bb:23:4f:b1:f5:8b:e8:54:d2:e2:d6:54:a8: 1a:6d:6f:d5:ee:dc:25:26:d0:00:03:2f:68:4d:0d: 08:fd:0e:0c:3a:d7:8e:6d:69:5c:16:89:db:98:c4: d9:0e:56:76:32:9a:d6:46:52:09:18:a9:d8:de:1e: 81:65:ee:fb:57:db:ab:9d:30:21:0c:20:ba:fc:e1: ee:03:19:b7:03:c9:0e:7c:b0:f0:b7:9a:1d:c7:ad: 40:57:e1:ca:8a:c3:d9:aa:39:c5:e3:ba:08:1b:74: 35:85:21:18:d5:a6:69:ff:36:e4:1d:c7:18:29:e0: 22:8c:91:2b:2b:00:2c:fc:e7:92:00:99:35:2b:64: 7f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:14:CD:E2:3E:5B:DB:15:71:CF:2D:24:18:58:1F:AC:4F:D7:60:8E X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.102.0/23 Signature Algorithm: sha256WithRSAEncryption 63:80:5b:bb:2f:ff:df:69:44:e5:2b:ef:7d:79:3a:89:bc:b6: 3f:c6:d6:d0:9d:da:50:c3:4e:93:9c:d6:ec:93:81:65:b5:56: 32:a3:4b:3c:4e:11:ce:41:18:63:4a:c9:d0:86:74:a6:9c:86: f6:83:9f:7a:5a:f4:39:8e:84:62:3a:10:90:81:58:2a:1b:6b: 69:08:6d:9c:06:9b:a3:cd:96:04:e3:9c:d9:04:66:af:20:a6: 76:46:c3:09:cc:b9:41:00:90:b8:7e:c3:bd:f9:97:0f:14:32: 69:26:bb:7a:12:cc:88:f1:0a:31:fe:08:f3:2b:06:bb:15:f6: ee:06:71:87:44:cb:49:03:d2:9e:2c:e7:97:fd:aa:50:7e:29: d9:69:9f:08:6d:7c:fd:94:e3:97:3c:d0:c1:57:65:4e:24:74: 05:44:c7:89:63:5c:19:0d:2e:18:ab:68:97:12:67:dc:bf:59: 39:1e:a5:b1:fc:72:0f:df:88:93:a0:c5:75:80:61:89:79:52: 15:a9:dc:d1:db:28:ae:07:6c:f5:ed:64:55:8e:f4:2d:23:4d: 26:62:ef:06:bc:51:10:c9:a2:18:7a:fb:15:b0:46:eb:7e:80: 21:5a:94:c9:2f:c3:a9:39:2c:67:f8:bc:10:31:0c:f9:c9:dc: 9a:fe:29:4b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MjQx MTQyMTVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDJGMTRDREUyM0U1QkRC MTU3MUNGMkQyNDE4NTgxRkFDNEZENzYwOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUbX1x8b5plnpES0FYIzma0Z5SLWVtvpmfglCIK3IPo1VrHQsW J65QjsFeR8onf+Zzzxh6fqmgmAf0t6fxjgcaOkZsZCexB14NB8/GiH19NI7UwtMj +fQY+h7sjuv0VpqZlZt9GjxtfRttNi4SnnW7RX3UaxqN92OruyNPsfWL6FTS4tZU qBptb9Xu3CUm0AADL2hNDQj9Dgw6145taVwWiduYxNkOVnYymtZGUgkYqdjeHoFl 7vtX26udMCEMILr84e4DGbcDyQ58sPC3mh3HrUBX4cqKw9mqOcXjuggbdDWFIRjV pmn/NuQdxxgp4CKMkSsrACz855IAmTUrZH/jAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQULxTN4j5b2xVxzy0kGFgfrE/XYI4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0x4VE40ajViMnhWeHp5 MGtHRmdmckVfWFlJNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAF7YmYwDQYJKoZIhvcNAQELBQADggEBAGOAW7sv/99pROUr7315Oom8tj/G1tCd 2lDDTpOc1uyTgWW1VjKjSzxOEc5BGGNKydCGdKachvaDn3pa9DmOhGI6EJCBWCob a2kIbZwGm6PNlgTjnNkEZq8gpnZGwwnMuUEAkLh+w735lw8UMmkmu3oSzIjxCjH+ CPMrBrsV9u4GcYdEy0kD0p4s55f9qlB+KdlpnwhtfP2U45c80MFXZU4kdAVEx4lj XBkNLhiraJcSZ9y/WTkepbH8cg/fiJOgxXWAYYl5UhWp3NHbKK4HbPXtZFWO9C0j TSZi7wa8URDJohh6+xWwRut+gCFalMkvw6k5LGf4vBAxDPnJ3Jr+KUs= -----END CERTIFICATE-----Generated at Fri Nov 22 09:32:46 2024 by rpki-client on console-fra.rpki-client.org