$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/N3DwrOCSm7kSDKPio412jyc7bx4.roa File: N3DwrOCSm7kSDKPio412jyc7bx4.roa (raw, json) Hash identifier: qbzcizT++3eiJYl3/M3eLugGKfV9tRlYdrH5zOl184g= Subject key identifier: 37:70:F0:AC:E0:92:9B:B9:12:0C:A3:E2:A3:8D:76:8F:27:3B:6F:1E Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C4D Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/N3DwrOCSm7kSDKPio412jyc7bx4.roa Signing time: Wed 28 Aug 2024 08:53:54 +0000 ROA not before: Wed 28 Aug 2024 08:53:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 119.59.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3149 (0xc4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3770F0ACE0929BB9120CA3E2A38D768F273B6F1E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1f:3e:fc:0c:c3:cf:41:1e:6f:6c:64:05:3e: 10:18:e1:3d:ad:27:26:ff:80:83:72:1f:99:15:45: f8:20:a0:18:4c:44:18:6c:f2:b9:39:7b:85:0b:fe: 74:8a:78:53:75:c4:38:2c:4d:71:78:03:06:22:50: c6:ba:85:f9:45:7b:ec:4d:78:f9:c2:6e:04:83:df: 4a:5c:c7:5e:7c:bf:93:ae:81:11:f7:cf:b4:78:05: 4a:6f:19:36:c6:5a:5e:40:22:15:e1:d2:d9:5d:2b: ac:76:40:a1:aa:26:53:e4:51:3d:24:3f:cb:e3:fb: ee:fb:26:a0:50:85:b8:2a:e3:df:ca:46:de:b8:21: 36:d0:80:89:61:69:14:15:0e:c1:d0:c3:63:e0:02: 1e:5f:5c:68:6b:45:08:0a:ff:fd:64:d7:91:3e:4a: 40:52:e9:c3:98:57:93:84:7a:d9:30:27:36:81:4c: a8:61:33:15:4e:76:10:77:6c:ee:45:85:b5:f2:bc: ca:5d:80:5a:25:7e:e0:9d:aa:9f:9e:89:73:03:5f: 76:1a:7f:15:1f:03:eb:ce:90:72:74:ad:0d:4f:0f: 09:43:4f:c8:23:1f:30:eb:49:a3:99:e4:9b:9a:ad: bc:5f:74:b9:73:a7:f3:30:51:db:91:e0:94:0b:fa: ad:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:70:F0:AC:E0:92:9B:B9:12:0C:A3:E2:A3:8D:76:8F:27:3B:6F:1E X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/N3DwrOCSm7kSDKPio412jyc7bx4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.244.0/22 Signature Algorithm: sha256WithRSAEncryption 91:b6:e0:c9:aa:a1:33:33:e7:a9:16:ca:0a:f2:a0:59:9d:00: e1:35:2e:eb:ae:58:3d:fd:f1:aa:a4:18:6c:d6:f5:6d:d0:89: 3c:1d:5b:74:15:a1:99:41:6c:f6:53:4d:ee:45:eb:11:c7:43: be:9f:79:28:58:c5:e3:f4:a7:4c:38:ca:54:17:e7:db:4d:41: 72:0c:fe:56:f7:80:1f:78:db:b8:ef:15:3d:48:b9:e1:50:26: bf:4e:29:34:fc:a5:ed:21:da:f3:7c:1f:97:c1:9e:f6:8f:7c: 7e:16:13:66:7b:7c:7d:4b:a3:dc:d4:81:68:7b:f2:4b:fd:05: d2:18:3c:87:7b:7c:f9:5d:3b:2f:8d:b9:84:1a:bb:5f:85:5c: eb:cf:1f:f6:6b:dd:a5:a0:7b:d8:0b:e2:e0:fc:c9:7a:e6:57: fe:b6:9f:ed:57:2c:a5:cb:34:d9:03:86:e6:84:7a:48:69:bd: 7f:b0:51:01:1a:49:47:8c:d1:f8:be:08:9c:5f:87:2a:43:ab: 95:b9:56:b4:e9:be:e6:26:9c:f8:e3:2b:ab:b3:fd:11:5a:7f: 4c:d6:db:65:de:f6:a5:17:ea:b5:cf:f2:65:da:da:37:40:0e: 5d:dd:d8:b8:0b:15:00:c5:62:61:43:65:b7:94:cf:a5:92:b1: 4b:4a:54:2e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3NzBGMEFDRTA5MjlC QjkxMjBDQTNFMkEzOEQ3NjhGMjczQjZGMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAHz78DMPPQR5vbGQFPhAY4T2tJyb/gINyH5kVRfggoBhMRBhs 8rk5e4UL/nSKeFN1xDgsTXF4AwYiUMa6hflFe+xNePnCbgSD30pcx158v5OugRH3 z7R4BUpvGTbGWl5AIhXh0tldK6x2QKGqJlPkUT0kP8vj++77JqBQhbgq49/KRt64 ITbQgIlhaRQVDsHQw2PgAh5fXGhrRQgK//1k15E+SkBS6cOYV5OEetkwJzaBTKhh MxVOdhB3bO5FhbXyvMpdgFolfuCdqp+eiXMDX3YafxUfA+vOkHJ0rQ1PDwlDT8gj HzDrSaOZ5JuarbxfdLlzp/MwUduR4JQL+q33AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUN3DwrOCSm7kSDKPio412jyc7bx4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL04zRHdyT0NTbTdrU0RL UGlvNDEyanljN2J4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O/QwDQYJKoZIhvcNAQELBQADggEBAJG24MmqoTMz56kWygryoFmdAOE1Luuu WD398aqkGGzW9W3QiTwdW3QVoZlBbPZTTe5F6xHHQ76feShYxeP0p0w4ylQX59tN QXIM/lb3gB9427jvFT1IueFQJr9OKTT8pe0h2vN8H5fBnvaPfH4WE2Z7fH1Lo9zU gWh78kv9BdIYPId7fPldOy+NuYQau1+FXOvPH/Zr3aWge9gL4uD8yXrmV/62n+1X LKXLNNkDhuaEekhpvX+wUQEaSUeM0fi+CJxfhypDq5W5VrTpvuYmnPjjK6uz/RFa f0zW22Xe9qUX6rXP8mXa2jdADl3d2LgLFQDFYmFDZbeUz6WSsUtKVC4= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org