$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/_S9_71MGOAD55ZpRlQv56hl5vOs.roa File: _S9_71MGOAD55ZpRlQv56hl5vOs.roa (raw, json) Hash identifier: S5/CsjzE++F5J2dLk9Px/eaNjR65TStjtlf4CXfyCA4= Subject key identifier: FD:2F:7F:EF:53:06:38:00:F9:E5:9A:51:95:0B:F9:EA:19:79:BC:EB Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0E0B Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/_S9_71MGOAD55ZpRlQv56hl5vOs.roa Signing time: Wed 30 Oct 2024 14:08:53 +0000 ROA not before: Wed 30 Oct 2024 14:08:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 123.98.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3595 (0xe0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Oct 30 14:08:53 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=FD2F7FEF53063800F9E59A51950BF9EA1979BCEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fe:91:89:dc:c3:22:f9:cc:bc:d6:4e:44:01: 61:0d:ef:93:8a:e1:3e:02:2e:29:b7:9b:4b:a9:d5: e0:c8:7d:88:6b:57:3e:41:0e:dc:8c:70:61:aa:03: c4:f4:94:bb:23:97:76:0b:ab:3b:3f:9d:21:e2:f2: 94:9d:5e:df:85:19:d1:6a:5d:75:42:62:40:1c:a3: f8:6f:90:10:84:9c:50:f4:91:4a:2d:f3:34:e5:58: a6:ae:55:5a:fa:e4:a3:50:f4:5d:d3:7b:7d:11:a7: 56:5a:be:fb:9e:74:f8:18:b8:90:53:9a:bc:3f:0b: 28:56:2a:18:26:1a:f0:a8:63:72:ee:2e:38:8f:d6: 7a:da:c5:1b:43:13:16:d8:37:ec:fd:2a:da:49:35: 7a:0a:e3:95:ef:91:62:3c:03:d2:a8:df:56:b2:4f: e3:a6:11:42:bf:c6:7b:47:e9:b9:71:5a:17:9a:25: 7e:e7:6e:25:d7:f0:71:81:77:76:f6:a5:25:b8:a9: 93:4e:a9:9f:23:99:b0:f9:84:79:10:12:9f:a9:32: 1a:4c:14:e6:2d:1b:c2:43:97:aa:39:ab:03:3e:3e: 62:48:76:aa:9f:fc:e9:2d:46:46:c3:7a:43:90:45: 32:80:72:c5:32:3c:ce:a5:35:0c:72:70:72:46:28: 9f:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:2F:7F:EF:53:06:38:00:F9:E5:9A:51:95:0B:F9:EA:19:79:BC:EB X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/_S9_71MGOAD55ZpRlQv56hl5vOs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.36.0/22 Signature Algorithm: sha256WithRSAEncryption 63:93:45:42:e9:70:a8:1c:9e:de:50:43:82:d9:95:61:dc:82: 0f:da:b3:cd:56:04:38:06:5f:09:b8:72:d6:1e:2d:b9:44:20: bf:f5:0b:d5:16:63:07:98:32:9e:27:5b:87:f0:1b:80:ec:eb: cd:18:c5:13:63:ed:ba:30:02:8e:de:49:82:d2:04:48:f0:51: 21:3d:cd:b7:5a:25:db:8f:57:0c:cd:3f:0d:8f:f3:4a:52:bf: 48:e3:b1:99:fa:6d:a4:a7:80:cb:c5:81:08:06:97:07:48:e7: 4c:9b:86:38:e1:10:fe:0a:01:fe:f5:82:53:64:69:a7:43:f4: 8a:db:88:d3:e3:16:56:39:9a:5c:74:4a:0b:56:28:f8:26:2c: ea:06:d1:08:30:95:cd:a0:bb:22:6a:d1:a8:5c:6f:2f:ae:29: 99:40:1f:a0:26:f1:fb:d0:f8:37:4a:49:32:3b:ee:42:25:87: 4d:38:08:03:c5:2a:59:4e:31:a6:32:d8:63:26:c9:89:79:7d: c0:3f:9e:2b:d8:79:f3:a7:74:c4:f2:4d:a7:47:b8:c9:76:ad: b1:76:cf:ea:5c:22:f9:76:4b:ad:21:b1:87:7f:dc:08:70:86: 96:fc:de:eb:83:ec:90:4f:d2:fc:ef:ba:6f:aa:c4:e8:9f:b3: cf:51:a2:0b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMzAx NDA4NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZEMkY3RkVGNTMwNjM4 MDBGOUU1OUE1MTk1MEJGOUVBMTk3OUJDRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8/pGJ3MMi+cy81k5EAWEN75OK4T4CLim3m0up1eDIfYhrVz5B DtyMcGGqA8T0lLsjl3YLqzs/nSHi8pSdXt+FGdFqXXVCYkAco/hvkBCEnFD0kUot 8zTlWKauVVr65KNQ9F3Te30Rp1ZavvuedPgYuJBTmrw/CyhWKhgmGvCoY3LuLjiP 1nraxRtDExbYN+z9KtpJNXoK45XvkWI8A9Ko31ayT+OmEUK/xntH6blxWheaJX7n biXX8HGBd3b2pSW4qZNOqZ8jmbD5hHkQEp+pMhpMFOYtG8JDl6o5qwM+PmJIdqqf /OktRkbDekOQRTKAcsUyPM6lNQxycHJGKJ95AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU/S9/71MGOAD55ZpRlQv56hl5vOswHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL19TOV83MU1HT0FENTVa cFJsUXY1NmhsNXZPcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YiQwDQYJKoZIhvcNAQELBQADggEBAGOTRULpcKgcnt5QQ4LZlWHcgg/as81W BDgGXwm4ctYeLblEIL/1C9UWYweYMp4nW4fwG4Ds680YxRNj7bowAo7eSYLSBEjw USE9zbdaJduPVwzNPw2P80pSv0jjsZn6baSngMvFgQgGlwdI50ybhjjhEP4KAf71 glNkaadD9IrbiNPjFlY5mlx0SgtWKPgmLOoG0Qgwlc2guyJq0ahcby+uKZlAH6Am 8fvQ+DdKSTI77kIlh004CAPFKllOMaYy2GMmyYl5fcA/nivYefOndMTyTadHuMl2 rbF2z+pcIvl2S60hsYd/3Ahwhpb83uuD7JBP0vzvum+qxOifs89Rogs= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org