$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/UQkx2OemreRORy0Z_d_QGL8kudY.roa File: UQkx2OemreRORy0Z_d_QGL8kudY.roa (raw, json) Hash identifier: 8hXXIreHeLF+b8Fv6YMNdlSokvWY6HAkAn6CdTzp6zw= Subject key identifier: 51:09:31:D8:E7:A6:AD:E4:4E:47:2D:19:FD:DF:D0:18:BF:24:B9:D6 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C50 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UQkx2OemreRORy0Z_d_QGL8kudY.roa Signing time: Wed 28 Aug 2024 08:53:54 +0000 ROA not before: Wed 28 Aug 2024 08:53:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 211.149.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3152 (0xc50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=510931D8E7A6ADE44E472D19FDDFD018BF24B9D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:94:32:df:5f:a0:db:a3:e4:a2:c4:4d:71:f1: 0e:86:d0:71:d2:7d:87:a0:af:ba:c4:bd:0a:32:d9: b2:51:2a:c7:d2:85:79:5f:ec:ae:d2:ed:d6:25:bd: a1:e7:d8:12:51:4a:9e:d6:ac:b4:a5:59:d2:95:83: b0:02:74:c1:28:c4:df:42:82:d7:ce:43:cc:1d:45: 51:eb:f7:57:2b:d3:da:7b:81:21:3c:83:89:a9:29: 49:c4:95:04:48:4d:56:78:f6:f9:53:f3:96:95:3d: f8:cb:89:20:c2:36:8b:f7:ce:43:c1:40:59:e4:b2: c2:f9:c8:f1:2b:bc:e6:86:6d:b7:8c:e3:50:55:9b: 40:ef:b3:48:25:c2:57:41:7d:e2:a0:ee:b6:e0:dd: e0:5d:93:51:c8:c3:51:96:96:95:5c:21:ac:e3:98: 30:90:dd:d2:c1:8f:95:b3:6b:5c:82:4b:66:df:31: d9:f2:b7:c4:2f:24:61:e5:c1:60:65:f7:0b:24:0c: 6b:29:ad:37:ae:b3:34:cc:46:39:8f:3c:70:c1:bc: 18:9b:09:f9:eb:50:6e:c8:6a:26:3b:1a:58:4b:37: 60:ce:6a:07:01:5a:63:4f:af:20:c6:69:06:ad:6f: cd:f7:ab:5d:92:50:f3:90:dd:8e:1c:e4:78:f2:c7: f6:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:09:31:D8:E7:A6:AD:E4:4E:47:2D:19:FD:DF:D0:18:BF:24:B9:D6 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UQkx2OemreRORy0Z_d_QGL8kudY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.149.76.0/22 Signature Algorithm: sha256WithRSAEncryption 23:a0:fd:2a:d1:eb:13:a4:b5:7f:05:75:b9:3e:f9:e5:99:ea: 0b:68:f8:e4:b4:1c:99:c6:d4:b8:63:0f:2a:5b:12:66:30:f4: e0:ce:8c:33:e4:23:7f:e6:b7:35:2f:23:2a:25:28:9c:df:b8: 42:12:a4:93:d7:bb:be:1a:d7:8e:b6:27:b0:84:e4:02:89:88: 08:73:8f:52:01:33:bf:f1:0b:5d:bf:2a:e0:b0:82:fd:85:1f: ff:aa:9e:ab:01:a6:5e:cc:a3:12:db:3a:35:e7:60:e8:92:0f: 1e:e8:03:11:27:c9:02:d3:e6:56:0e:ba:ca:a9:cd:19:d6:a5: a4:f2:2e:02:4d:a4:c5:68:76:b6:ce:b2:2b:55:21:24:02:1d: bc:80:52:e2:6a:c7:c5:45:a9:76:32:a2:73:b3:db:e3:59:dd: 41:86:03:8f:2e:30:dd:95:9a:72:86:48:0e:97:8d:4e:1a:d2: ec:83:b8:eb:27:ab:26:19:ed:9d:ef:d6:46:dc:b4:9f:66:7a: 6f:ff:4e:35:ed:03:1e:49:1c:b6:b1:c6:90:88:bb:99:21:e4: 74:9d:a9:de:ea:ae:8a:6b:b4:4d:7e:15:d2:c4:ac:3c:35:7e: 89:86:c2:a7:2e:fe:a5:40:d8:e9:c0:1f:78:25:d6:62:09:5c: 9b:dd:9d:0d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDFAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxMDkzMUQ4RTdBNkFE RTQ0RTQ3MkQxOUZEREZEMDE4QkYyNEI5RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCslDLfX6Dbo+SixE1x8Q6G0HHSfYegr7rEvQoy2bJRKsfShXlf 7K7S7dYlvaHn2BJRSp7WrLSlWdKVg7ACdMEoxN9CgtfOQ8wdRVHr91cr09p7gSE8 g4mpKUnElQRITVZ49vlT85aVPfjLiSDCNov3zkPBQFnkssL5yPErvOaGbbeM41BV m0Dvs0glwldBfeKg7rbg3eBdk1HIw1GWlpVcIazjmDCQ3dLBj5Wza1yCS2bfMdny t8QvJGHlwWBl9wskDGsprTeuszTMRjmPPHDBvBibCfnrUG7IaiY7GlhLN2DOagcB WmNPryDGaQatb833q12SUPOQ3Y4c5Hjyx/afAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUQkx2OemreRORy0Z/d/QGL8kudYwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1VRa3gyT2VtcmVST1J5 MFpfZF9RR0w4a3VkWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALTlUwwDQYJKoZIhvcNAQELBQADggEBACOg/SrR6xOktX8Fdbk++eWZ6gto+OS0 HJnG1LhjDypbEmYw9ODOjDPkI3/mtzUvIyolKJzfuEISpJPXu74a1462J7CE5AKJ iAhzj1IBM7/xC12/KuCwgv2FH/+qnqsBpl7MoxLbOjXnYOiSDx7oAxEnyQLT5lYO usqpzRnWpaTyLgJNpMVodrbOsitVISQCHbyAUuJqx8VFqXYyonOz2+NZ3UGGA48u MN2VmnKGSA6XjU4a0uyDuOsnqyYZ7Z3v1kbctJ9mem//TjXtAx5JHLaxxpCIu5kh 5HSdqd7qroprtE1+FdLErDw1fomGwqcu/qVA2OnAH3gl1mIJXJvdnQ0= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org