$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa File: ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa (raw, json) Hash identifier: xeVbeaqzTUqfAKqTqGpvbYa0YoRGB7O/d8MGDcdrR6s= Subject key identifier: 69:CF:BC:61:8D:6D:3B:EA:8C:C0:B1:0F:44:8C:05:1B:52:C3:F2:29 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C48 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa Signing time: Wed 28 Aug 2024 08:53:52 +0000 ROA not before: Wed 28 Aug 2024 08:53:52 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 123.98.52.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3144 (0xc48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:52 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=69CFBC618D6D3BEA8CC0B10F448C051B52C3F229 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:63:b3:bd:54:94:94:52:c2:38:d9:19:aa:65: 72:a8:5f:af:27:ff:dc:c9:e4:0b:7b:6a:1e:dd:15: ca:3f:31:7f:49:b0:88:63:b6:81:f1:bd:fb:01:95: ef:39:1c:4f:d0:53:10:77:d5:86:91:5f:29:63:3a: dd:3c:d4:09:25:ad:0f:f1:1f:43:23:5d:eb:60:42: c2:c2:c0:2e:1c:18:92:1a:df:3a:5f:eb:17:59:37: 33:72:4d:fd:8f:1f:e4:a1:7c:d7:a6:54:bb:3b:a0: 06:b8:40:56:bd:ea:c5:24:21:91:5c:3d:12:2e:13: 89:e0:19:3f:c5:2e:34:b2:88:c5:f9:68:b1:13:7a: 35:5d:5d:b6:17:0f:5b:e2:ee:1e:f7:77:73:73:da: 8f:d6:f0:69:86:53:b2:b6:b7:2d:12:55:e2:16:61: 0a:d7:26:73:3f:e0:4e:2e:0b:d5:76:3d:7b:3c:23: c1:d5:91:69:c5:6f:c3:1d:27:86:2d:80:b4:3b:be: 60:fa:4c:49:6e:a9:ac:35:b7:f5:e1:27:d5:65:65: 0e:3e:83:bc:84:fe:e8:c6:1e:fe:31:6d:7c:a3:f0: 7c:53:ad:54:1e:23:10:9a:9a:38:97:b5:7c:f8:ad: 2b:8e:25:43:81:d7:ba:fe:1d:b4:ae:5a:6a:01:b7: d2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:CF:BC:61:8D:6D:3B:EA:8C:C0:B1:0F:44:8C:05:1B:52:C3:F2:29 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.52.0/22 Signature Algorithm: sha256WithRSAEncryption 64:9d:7a:7e:a0:8b:a2:25:54:4f:4a:85:8e:b3:88:c7:5e:68: f7:da:b7:27:7e:fe:6e:3f:59:e3:dd:e7:00:16:92:09:b3:f3: 37:22:59:1b:48:e2:ad:ee:0c:2f:8f:5f:a6:a4:a4:42:8a:54: f2:c6:5f:c4:21:c3:9b:8f:1f:77:05:90:9c:30:41:04:74:47: f0:bc:cd:05:6b:dc:08:8b:72:e6:59:b3:36:bb:19:af:3a:5d: 1b:74:63:7c:77:98:9b:3e:26:8b:ab:41:84:a1:21:29:4e:33: 1b:f7:54:d1:49:7a:af:32:4f:c4:b1:fe:2c:c5:68:4e:3a:4f: 6c:9a:54:3d:35:be:cd:72:83:86:c4:01:64:2a:1b:0a:03:7a: 92:df:b9:77:60:5a:f7:a8:33:8c:f2:5b:60:68:a6:37:66:14: 71:ff:61:49:cd:b7:27:af:33:96:8b:16:ba:25:d3:7d:94:51: 32:f2:79:18:2c:8e:cd:33:4f:08:ae:e7:29:92:7b:50:6a:40: 4f:a4:72:54:89:59:be:91:69:1a:54:f4:dc:98:ce:74:7c:b2: 8a:dd:8e:f5:ad:7f:61:0d:dd:a0:60:77:9a:dd:78:5f:0e:e2: 86:7a:4f:0e:b9:8f:73:ed:e0:75:c5:b5:0d:5a:8e:be:df:35: 91:a1:0e:a4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDEgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5Q0ZCQzYxOEQ2RDNC RUE4Q0MwQjEwRjQ0OEMwNTFCNTJDM0YyMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSY7O9VJSUUsI42RmqZXKoX68n/9zJ5At7ah7dFco/MX9JsIhj toHxvfsBle85HE/QUxB31YaRXyljOt081AklrQ/xH0MjXetgQsLCwC4cGJIa3zpf 6xdZNzNyTf2PH+ShfNemVLs7oAa4QFa96sUkIZFcPRIuE4ngGT/FLjSyiMX5aLET ejVdXbYXD1vi7h73d3Nz2o/W8GmGU7K2ty0SVeIWYQrXJnM/4E4uC9V2PXs8I8HV kWnFb8MdJ4YtgLQ7vmD6TEluqaw1t/XhJ9VlZQ4+g7yE/ujGHv4xbXyj8HxTrVQe IxCamjiXtXz4rSuOJUOB17r+HbSuWmoBt9J9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUac+8YY1tO+qMwLEPRIwFG1LD8ikwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2FjLThZWTF0Ty1xTXdM RVBSSXdGRzFMRDhpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YjQwDQYJKoZIhvcNAQELBQADggEBAGSden6gi6IlVE9KhY6ziMdeaPfatyd+ /m4/WePd5wAWkgmz8zciWRtI4q3uDC+PX6akpEKKVPLGX8Qhw5uPH3cFkJwwQQR0 R/C8zQVr3AiLcuZZsza7Ga86XRt0Y3x3mJs+JourQYShISlOMxv3VNFJeq8yT8Sx /izFaE46T2yaVD01vs1yg4bEAWQqGwoDepLfuXdgWveoM4zyW2BopjdmFHH/YUnN tyevM5aLFrol032UUTLyeRgsjs0zTwiu5ymSe1BqQE+kclSJWb6RaRpU9NyYznR8 sordjvWtf2EN3aBgd5rdeF8O4oZ6Tw65j3Pt4HXFtQ1ajr7fNZGhDqQ= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org