$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/XFsxRLXFzVI5A4ikER0ex_SxQVY.roa File: XFsxRLXFzVI5A4ikER0ex_SxQVY.roa (raw, json) Hash identifier: EwsPvF5SJIjKSA+aCHD4R6lzGFlM5ZlyJwOmdtmX5+I= Subject key identifier: 5C:5B:31:44:B5:C5:CD:52:39:03:88:A4:11:1D:1E:C7:F4:B1:41:56 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C4A Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/XFsxRLXFzVI5A4ikER0ex_SxQVY.roa Signing time: Wed 28 Aug 2024 08:53:53 +0000 ROA not before: Wed 28 Aug 2024 08:53:53 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 119.59.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3146 (0xc4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:53 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5C5B3144B5C5CD52390388A4111D1EC7F4B14156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c6:69:b3:27:8e:1d:5e:dd:f9:3b:8b:b4:9e: 05:8a:a8:37:c0:0d:49:c1:0e:d3:d8:4a:b7:8f:1f: cf:f5:55:57:70:ef:7b:2f:e8:95:b6:1e:7f:d2:62: 4b:5f:9f:0a:40:4e:3e:cf:f2:83:74:33:90:db:11: ad:a4:b3:4f:6c:7c:7b:99:1b:f3:6c:1c:af:b3:e2: b2:b3:2c:c1:b3:50:2c:91:11:78:5d:9a:56:92:a2: d5:7e:48:08:36:da:45:8d:2d:7c:74:04:5f:f8:10: 4e:24:80:8e:d3:0a:22:d5:32:eb:26:a1:1b:5e:42: 2b:60:e3:50:2d:38:69:78:7d:1c:7a:7c:3f:c0:dc: 25:aa:35:25:c1:d4:f8:a5:e0:28:3a:51:c0:f1:3c: df:4b:94:82:50:ea:06:1e:b9:0c:37:24:97:c2:6a: ea:04:e7:f4:73:8f:6a:8a:1e:a4:c5:d8:c5:ea:a5: 7a:7e:22:dc:42:1a:d0:dd:87:8d:f8:49:1f:be:9d: aa:fb:df:d1:61:a2:1e:93:c0:9b:96:00:2a:61:74: 16:28:ec:3f:5f:b2:e2:aa:79:b5:88:fe:c3:4e:c8: bf:a1:0e:96:e5:bc:44:bc:05:5d:08:e7:98:06:5e: cf:8a:91:ec:47:05:67:98:4f:50:cc:32:5a:d4:25: 07:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:5B:31:44:B5:C5:CD:52:39:03:88:A4:11:1D:1E:C7:F4:B1:41:56 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/XFsxRLXFzVI5A4ikER0ex_SxQVY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.248.0/22 Signature Algorithm: sha256WithRSAEncryption 65:7f:e1:97:51:a0:c4:41:f7:88:16:72:a2:6c:6b:0c:30:d6: 34:24:b0:74:74:79:c2:ff:8b:ad:b1:21:a2:79:42:ab:2e:b6: 98:68:62:7c:c5:89:bd:0f:7d:5a:d1:75:7d:37:db:3d:b8:c4: 9f:c3:27:b0:49:df:4a:2f:4a:64:70:c5:16:ae:bf:a1:36:9d: 7b:86:7e:8a:25:b2:9f:ee:88:22:78:fe:25:e4:a3:c4:cf:55: bf:d1:0d:7f:81:5b:2e:05:85:b3:2b:15:f4:3f:38:b4:0b:3e: b5:a8:70:7f:52:ea:fc:bf:d9:b4:28:0c:0c:05:0e:b8:c3:94: fb:8e:6d:c4:9b:f8:9f:57:94:55:42:14:85:d9:16:fa:03:a1: c4:42:00:b1:1b:50:66:75:5c:c4:36:49:2f:32:bb:6b:59:b6: c2:45:62:71:8a:64:6c:4b:a7:4e:4f:04:0a:97:f3:08:41:9e: e1:f5:86:cd:a6:af:58:12:9f:f6:d7:9a:9e:b0:08:cd:0e:52: c0:41:a7:d4:99:61:f6:da:a0:fc:a6:71:28:b0:03:bb:85:89: ce:dd:ab:22:83:c6:d0:d3:00:62:95:c8:86:d6:12:7b:6a:75: c2:33:71:a0:3b:41:9f:1c:86:ac:d8:35:04:76:cd:2c:98:37: e0:1e:d0:44 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDNUIzMTQ0QjVDNUNE NTIzOTAzODhBNDExMUQxRUM3RjRCMTQxNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClxmmzJ44dXt35O4u0ngWKqDfADUnBDtPYSrePH8/1VVdw73sv 6JW2Hn/SYktfnwpATj7P8oN0M5DbEa2ks09sfHuZG/NsHK+z4rKzLMGzUCyREXhd mlaSotV+SAg22kWNLXx0BF/4EE4kgI7TCiLVMusmoRteQitg41AtOGl4fRx6fD/A 3CWqNSXB1Pil4Cg6UcDxPN9LlIJQ6gYeuQw3JJfCauoE5/Rzj2qKHqTF2MXqpXp+ ItxCGtDdh434SR++nar739Fhoh6TwJuWACphdBYo7D9fsuKqebWI/sNOyL+hDpbl vES8BV0I55gGXs+KkexHBWeYT1DMMlrUJQdbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXFsxRLXFzVI5A4ikER0ex/SxQVYwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1hGc3hSTFhGelZJNUE0 aWtFUjBleF9TeFFWWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O/gwDQYJKoZIhvcNAQELBQADggEBAGV/4ZdRoMRB94gWcqJsawww1jQksHR0 ecL/i62xIaJ5QqsutphoYnzFib0PfVrRdX032z24xJ/DJ7BJ30ovSmRwxRauv6E2 nXuGfoolsp/uiCJ4/iXko8TPVb/RDX+BWy4FhbMrFfQ/OLQLPrWocH9S6vy/2bQo DAwFDrjDlPuObcSb+J9XlFVCFIXZFvoDocRCALEbUGZ1XMQ2SS8yu2tZtsJFYnGK ZGxLp05PBAqX8whBnuH1hs2mr1gSn/bXmp6wCM0OUsBBp9SZYfbaoPymcSiwA7uF ic7dqyKDxtDTAGKVyIbWEntqdcIzcaA7QZ8chqzYNQR2zSyYN+Ae0EQ= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org