$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/YNbnQkz4qeW6XAwxhtT8Rnk3-jo.roa File: YNbnQkz4qeW6XAwxhtT8Rnk3-jo.roa (raw, json) Hash identifier: cN8MLrybvrMJwHSR/75InSPSjLz1tpXg94xJfHocZtw= Subject key identifier: 60:D6:E7:42:4C:F8:A9:E5:BA:5C:0C:31:86:D4:FC:46:79:37:FA:3A Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0DC3 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/YNbnQkz4qeW6XAwxhtT8Rnk3-jo.roa Signing time: Thu 17 Oct 2024 01:54:05 +0000 ROA not before: Thu 17 Oct 2024 01:54:05 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 123.98.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3523 (0xdc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Oct 17 01:54:05 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=60D6E7424CF8A9E5BA5C0C3186D4FC467937FA3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:cd:e9:6c:f2:f6:98:b3:de:21:b7:5f:aa:cb: 3b:80:7d:e0:8c:86:e7:75:08:2e:84:47:6a:50:f6: ac:35:db:e2:b1:ba:06:7b:2c:cc:5b:ea:8d:23:4c: bc:08:be:c5:87:e0:b4:3e:d7:10:8e:fa:8b:c7:5d: 18:fb:24:90:4c:54:d8:06:71:82:37:20:74:7f:c4: 19:17:1f:ba:3e:5e:a9:f9:91:a8:99:a4:12:46:d2: 52:d2:33:08:48:ed:88:7a:a1:9f:d7:63:a8:97:36: 33:6c:81:84:09:4c:57:75:ee:f6:2a:d7:c9:05:2a: 65:75:5f:0a:07:0e:a4:c2:5c:1f:95:69:9a:7a:ba: 55:26:8a:86:a4:a7:da:7a:a2:f2:96:30:dd:3e:13: 3c:07:76:44:17:d6:5c:85:ec:cc:73:f8:85:22:ec: 04:e9:29:e3:ad:e6:ee:a7:b9:44:81:6a:12:7c:22: 5d:f1:5f:32:54:3c:2a:86:d6:03:56:f9:56:84:7d: 91:21:63:af:a4:fa:48:9f:4f:ee:1f:c3:e9:12:91: 35:1c:62:4c:78:f1:09:d5:fc:30:d5:66:84:57:0c: 9f:62:a3:06:a5:1f:de:2e:27:85:f1:4f:3a:f0:a4: 34:81:f3:fa:69:2d:48:ee:d2:04:cf:99:28:ea:e0: 72:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:D6:E7:42:4C:F8:A9:E5:BA:5C:0C:31:86:D4:FC:46:79:37:FA:3A X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/YNbnQkz4qeW6XAwxhtT8Rnk3-jo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.0.0/22 Signature Algorithm: sha256WithRSAEncryption 40:0a:98:1d:79:c5:15:3a:31:11:91:f1:dd:7c:2c:8f:82:b5: e2:95:2a:bd:ca:df:41:a4:74:ab:de:ba:5c:f3:87:39:bf:96: c4:36:8b:11:27:44:75:11:48:e5:13:14:79:89:be:45:e3:80: 02:48:7a:b1:c1:e9:2a:33:bd:21:5a:f3:44:1c:f4:78:f2:2a: 25:e7:41:12:75:5d:d7:c1:81:bf:d5:e8:ae:d5:a2:28:62:dc: a0:46:dd:78:ea:5b:d1:d2:57:45:9d:1d:7c:0a:18:00:c5:fc: 11:95:b4:86:6c:07:0d:1e:43:f4:54:cc:61:c5:c9:f6:51:54: e8:c0:6b:2c:2f:73:ab:88:3d:f6:1e:32:42:8a:23:81:ff:fc: ea:ee:f7:d4:75:a1:f0:54:12:04:7d:3c:4f:26:78:8f:d5:6f: 5d:ab:fc:1d:42:68:65:b3:6b:fa:65:3b:65:8b:8a:e1:de:08: 6d:2f:43:6f:e5:f5:67:3e:da:f1:3c:ef:28:56:3b:a2:59:e2: 51:42:49:85:7f:85:71:d9:43:1a:19:6f:7d:a7:0c:a3:42:e0: 42:29:b5:70:7e:6b:a4:e3:75:fc:85:63:71:65:9b:82:ae:df: 5a:c7:8e:a6:f6:36:e7:3d:e4:29:4c:11:b2:fb:13:72:9d:49: f7:cb:2b:3a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMTcw MTU0MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYwRDZFNzQyNENGOEE5 RTVCQTVDMEMzMTg2RDRGQzQ2NzkzN0ZBM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8zels8vaYs94ht1+qyzuAfeCMhud1CC6ER2pQ9qw12+KxugZ7 LMxb6o0jTLwIvsWH4LQ+1xCO+ovHXRj7JJBMVNgGcYI3IHR/xBkXH7o+Xqn5kaiZ pBJG0lLSMwhI7Yh6oZ/XY6iXNjNsgYQJTFd17vYq18kFKmV1XwoHDqTCXB+VaZp6 ulUmioakp9p6ovKWMN0+EzwHdkQX1lyF7Mxz+IUi7ATpKeOt5u6nuUSBahJ8Il3x XzJUPCqG1gNW+VaEfZEhY6+k+kifT+4fw+kSkTUcYkx48QnV/DDVZoRXDJ9iowal H94uJ4XxTzrwpDSB8/ppLUju0gTPmSjq4HKdAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYNbnQkz4qeW6XAwxhtT8Rnk3+jowHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1lOYm5Ra3o0cWVXNlhB d3hodFQ4Um5rMy1qby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YgAwDQYJKoZIhvcNAQELBQADggEBAEAKmB15xRU6MRGR8d18LI+CteKVKr3K 30GkdKveulzzhzm/lsQ2ixEnRHURSOUTFHmJvkXjgAJIerHB6SozvSFa80Qc9Hjy KiXnQRJ1XdfBgb/V6K7Voihi3KBG3XjqW9HSV0WdHXwKGADF/BGVtIZsBw0eQ/RU zGHFyfZRVOjAaywvc6uIPfYeMkKKI4H//Oru99R1ofBUEgR9PE8meI/Vb12r/B1C aGWza/plO2WLiuHeCG0vQ2/l9Wc+2vE87yhWO6JZ4lFCSYV/hXHZQxoZb32nDKNC 4EIptXB+a6TjdfyFY3Flm4Ku31rHjqb2Nuc95ClMEbL7E3KdSffLKzo= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org