$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/UdWmazoOuWYKbcovE583Ef7yY78.roa File: UdWmazoOuWYKbcovE583Ef7yY78.roa (raw, json) Hash identifier: OzCpZCucpj7C6Ko0KcNw25FI/TpLE9Lu/UTrXtPqABY= Subject key identifier: 51:D5:A6:6B:3A:0E:B9:66:0A:6D:CA:2F:13:9F:37:11:FE:F2:63:BF Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C59 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UdWmazoOuWYKbcovE583Ef7yY78.roa Signing time: Wed 28 Aug 2024 08:53:59 +0000 ROA not before: Wed 28 Aug 2024 08:53:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 119.59.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3161 (0xc59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=51D5A66B3A0EB9660A6DCA2F139F3711FEF263BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1c:ea:42:be:6d:6c:77:f0:fc:a8:97:2b:26: ff:5e:d5:7e:63:35:ec:a1:1c:39:37:a3:1d:d3:79: 5c:1f:d0:24:0b:de:c2:d4:33:b3:b2:84:99:13:a6: 7f:1a:7c:fc:f8:6c:00:bd:50:45:3c:a9:e4:5e:b0: 14:47:44:f6:40:18:98:32:74:8c:e5:f7:5b:49:18: 44:09:a6:9d:4f:70:53:83:1a:e2:25:7d:c0:fd:aa: 93:9b:17:e2:f2:86:6b:13:d6:58:44:cf:0c:3f:1e: 70:06:81:f8:00:a0:76:88:92:f2:61:56:4c:55:fd: 5a:9b:d7:8f:b7:a9:8b:f6:bd:66:00:dc:40:33:2e: 44:c4:7d:57:ff:54:b2:ab:08:fb:f0:60:e2:20:70: a0:0f:d5:c2:e4:94:39:db:89:74:df:aa:59:e8:52: 18:73:f4:0d:f4:54:80:f3:a5:8c:20:86:f0:85:89: 96:8d:ce:31:be:58:16:97:2d:7b:07:c9:5d:31:3c: 63:8e:7a:53:de:b2:ca:41:ff:05:22:3e:2d:b2:db: 91:69:9c:bf:81:3e:da:a4:2b:b1:2e:3e:05:f4:da: 6a:a5:43:c8:16:9f:e3:65:fd:d1:15:dc:8a:2f:3d: 0b:ee:51:04:c1:07:3e:94:69:9f:60:ba:e5:96:62: 63:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:D5:A6:6B:3A:0E:B9:66:0A:6D:CA:2F:13:9F:37:11:FE:F2:63:BF X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UdWmazoOuWYKbcovE583Ef7yY78.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.252.0/22 Signature Algorithm: sha256WithRSAEncryption 5b:5c:b6:c1:61:a5:30:3e:bf:2e:a7:6c:d7:97:d2:c9:22:10: 8f:b9:b3:ab:5f:df:03:46:a0:75:35:42:9f:25:50:7d:96:b8: f7:e5:6f:98:d2:fd:c6:84:9a:07:fd:33:b7:6f:92:7b:2f:ae: 02:30:e6:bc:b8:69:42:37:a5:ea:a4:90:02:eb:0d:0c:3e:17: d6:33:8c:76:a0:ed:8f:5c:cc:98:45:96:38:f3:33:6d:76:ef: ab:b2:16:d2:fb:b3:03:67:0f:d3:8b:24:31:56:55:3b:30:3a: cd:10:43:94:d7:fa:d7:55:1b:e8:9c:93:b8:ad:ba:37:66:17: 20:29:12:03:6c:da:f7:a0:6e:69:65:2b:56:d4:60:14:d1:d6: 3d:df:6b:b2:ea:06:91:04:8b:01:b6:ce:77:da:8d:b4:fa:a3: e5:8a:54:07:f9:72:e6:33:ae:e1:56:b2:7b:b3:0b:10:8a:9d: 9f:9f:ee:bf:6d:7c:29:77:66:14:4d:58:88:d1:eb:93:fb:b9: e7:ce:25:ec:13:80:a8:83:56:21:83:99:52:3c:af:a6:39:13: 8f:94:7c:c1:01:c3:61:eb:e9:cb:31:f5:e7:ef:29:93:6d:33: ed:8e:97:33:14:d3:38:37:1d:10:fb:ec:ad:2a:b6:32:cc:b0: ad:5c:fb:8f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxRDVBNjZCM0EwRUI5 NjYwQTZEQ0EyRjEzOUYzNzExRkVGMjYzQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvHOpCvm1sd/D8qJcrJv9e1X5jNeyhHDk3ox3TeVwf0CQL3sLU M7OyhJkTpn8afPz4bAC9UEU8qeResBRHRPZAGJgydIzl91tJGEQJpp1PcFODGuIl fcD9qpObF+LyhmsT1lhEzww/HnAGgfgAoHaIkvJhVkxV/Vqb14+3qYv2vWYA3EAz LkTEfVf/VLKrCPvwYOIgcKAP1cLklDnbiXTfqlnoUhhz9A30VIDzpYwghvCFiZaN zjG+WBaXLXsHyV0xPGOOelPesspB/wUiPi2y25FpnL+BPtqkK7EuPgX02mqlQ8gW n+Nl/dEV3IovPQvuUQTBBz6UaZ9guuWWYmPxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUdWmazoOuWYKbcovE583Ef7yY78wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1VkV21hem9PdVdZS2Jj b3ZFNTgzRWY3eVk3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O/wwDQYJKoZIhvcNAQELBQADggEBAFtctsFhpTA+vy6nbNeX0skiEI+5s6tf 3wNGoHU1Qp8lUH2WuPflb5jS/caEmgf9M7dvknsvrgIw5ry4aUI3peqkkALrDQw+ F9YzjHag7Y9czJhFljjzM21276uyFtL7swNnD9OLJDFWVTswOs0QQ5TX+tdVG+ic k7itujdmFyApEgNs2vegbmllK1bUYBTR1j3fa7LqBpEEiwG2znfajbT6o+WKVAf5 cuYzruFWsnuzCxCKnZ+f7r9tfCl3ZhRNWIjR65P7uefOJewTgKiDViGDmVI8r6Y5 E4+UfMEBw2Hr6csx9efvKZNtM+2OlzMU0zg3HRD77K0qtjLMsK1c+48= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org