$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/XlJgZiNGftll6jrZPqY7nuBsRPA.roa File: XlJgZiNGftll6jrZPqY7nuBsRPA.roa (raw, json) Hash identifier: DwSJgdoKHY0DmpD4ix8cIHSjlqHPIpJrmj/MViUHUc8= Subject key identifier: 5E:52:60:66:23:46:7E:D9:65:EA:3A:D9:3E:A6:3B:9E:E0:6C:44:F0 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0DC7 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/XlJgZiNGftll6jrZPqY7nuBsRPA.roa Signing time: Thu 17 Oct 2024 01:54:35 +0000 ROA not before: Thu 17 Oct 2024 01:54:35 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 123.98.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3527 (0xdc7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Oct 17 01:54:35 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5E52606623467ED965EA3AD93EA63B9EE06C44F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8a:b5:9f:73:b9:4e:b8:87:b2:12:ac:0f:63: 6b:16:48:7c:d0:20:92:d1:3f:96:03:8d:e2:0a:e6: f9:92:d1:83:a4:c3:cc:81:4a:a5:96:76:18:27:fc: 56:26:25:22:fe:3d:61:6c:e8:63:33:c7:3b:c0:25: ac:20:df:58:0a:c1:1d:60:f3:f6:14:8d:f5:db:a5: ed:e0:dc:bb:ce:67:9a:57:fa:06:bc:f4:65:9a:52: 09:bb:bb:88:c9:48:dc:fb:f9:4f:fd:71:3e:95:8d: 34:a2:a4:7e:f1:6a:c9:53:b3:64:61:3e:af:c7:f2: 67:44:b0:d7:d2:b3:e2:81:b9:2f:05:d5:a5:33:a9: 73:3e:5b:a2:79:b3:c7:9e:06:ab:96:35:81:39:fb: 86:13:7d:16:6c:9d:d5:79:de:02:c3:08:60:cb:5f: 41:00:14:e9:f5:6a:e4:29:5e:08:79:1b:2d:0b:ff: 06:b9:12:b3:3f:ee:10:1b:bc:4a:86:22:d9:1b:7f: 45:3a:67:88:6e:0d:90:ae:87:97:41:15:fa:af:49: 97:15:06:89:85:b2:71:61:05:35:ca:cb:32:4b:e4: 72:9e:f9:33:2f:f9:ee:c9:14:1e:b5:17:ae:77:d4: 8a:0f:a2:61:38:5b:3d:2b:93:ed:b8:ed:7c:0c:05: 20:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:52:60:66:23:46:7E:D9:65:EA:3A:D9:3E:A6:3B:9E:E0:6C:44:F0 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/XlJgZiNGftll6jrZPqY7nuBsRPA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.124.0/22 Signature Algorithm: sha256WithRSAEncryption 52:d1:94:ba:9e:b1:99:85:41:32:fc:62:98:01:cb:fe:d8:8f: cd:1d:d1:12:75:8a:3f:b3:88:04:26:33:7e:39:50:5b:96:af: 00:6c:a3:47:94:0a:73:1b:66:3c:bd:b5:2a:e3:f4:34:9d:16: a5:e1:e1:7e:98:b8:ad:6c:89:b0:35:9e:00:2c:75:f4:d4:33: bc:cb:1c:b7:51:19:21:a9:9f:97:bb:b9:dd:d4:44:44:98:80: b7:05:6c:16:13:0c:22:cb:21:19:83:8e:47:54:50:7c:5a:b1: dd:b1:74:56:7b:1c:b4:78:dc:40:5d:94:9c:ee:29:0f:74:7c: ba:a2:06:a2:22:a9:87:ce:bb:19:38:26:d5:82:a7:22:90:dd: ea:fc:ea:91:4e:41:71:ad:9c:9b:c5:7c:8f:d0:23:99:2f:ce: 42:ca:44:b3:74:7a:0b:be:cf:a3:9a:0c:53:7b:32:08:92:e6: 58:34:6a:d7:31:5e:34:d2:2a:94:7c:04:d8:ba:12:6f:ea:dd: 2b:f4:1a:d6:17:9b:55:ca:30:95:08:c8:2e:bb:ae:59:b5:6b: 23:56:7a:27:30:f6:85:f3:c3:80:36:85:5a:9f:b5:8f:6e:f3: b9:43:df:99:51:3e:a6:05:f5:f8:7b:96:cc:ff:43:0e:49:00: 12:6a:ed:ce -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDccwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMTcw MTU0MzVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVFNTI2MDY2MjM0NjdF RDk2NUVBM0FEOTNFQTYzQjlFRTA2QzQ0RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/irWfc7lOuIeyEqwPY2sWSHzQIJLRP5YDjeIK5vmS0YOkw8yB SqWWdhgn/FYmJSL+PWFs6GMzxzvAJawg31gKwR1g8/YUjfXbpe3g3LvOZ5pX+ga8 9GWaUgm7u4jJSNz7+U/9cT6VjTSipH7xaslTs2RhPq/H8mdEsNfSs+KBuS8F1aUz qXM+W6J5s8eeBquWNYE5+4YTfRZsndV53gLDCGDLX0EAFOn1auQpXgh5Gy0L/wa5 ErM/7hAbvEqGItkbf0U6Z4huDZCuh5dBFfqvSZcVBomFsnFhBTXKyzJL5HKe+TMv +e7JFB61F6531IoPomE4Wz0rk+247XwMBSA/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXlJgZiNGftll6jrZPqY7nuBsRPAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1hsSmdaaU5HZnRsbDZq clpQcVk3bnVCc1JQQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YnwwDQYJKoZIhvcNAQELBQADggEBAFLRlLqesZmFQTL8YpgBy/7Yj80d0RJ1 ij+ziAQmM345UFuWrwBso0eUCnMbZjy9tSrj9DSdFqXh4X6YuK1sibA1ngAsdfTU M7zLHLdRGSGpn5e7ud3URESYgLcFbBYTDCLLIRmDjkdUUHxasd2xdFZ7HLR43EBd lJzuKQ90fLqiBqIiqYfOuxk4JtWCpyKQ3er86pFOQXGtnJvFfI/QI5kvzkLKRLN0 egu+z6OaDFN7MgiS5lg0atcxXjTSKpR8BNi6Em/q3Sv0GtYXm1XKMJUIyC67rlm1 ayNWeicw9oXzw4A2hVqftY9u87lD35lRPqYF9fh7lsz/Qw5JABJq7c4= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org