$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/cgFgGuVAGU050RorXHk8wL_a5Gc.roa File: cgFgGuVAGU050RorXHk8wL_a5Gc.roa (raw, json) Hash identifier: oZht95N9G6h8JOgwC3aTIfeMZ26xZQmsVLJ6LN8wido= Subject key identifier: 72:01:60:1A:E5:40:19:4D:39:D1:1A:2B:5C:79:3C:C0:BF:DA:E4:67 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C57 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cgFgGuVAGU050RorXHk8wL_a5Gc.roa Signing time: Wed 28 Aug 2024 08:53:58 +0000 ROA not before: Wed 28 Aug 2024 08:53:58 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 123.98.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3159 (0xc57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:58 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7201601AE540194D39D11A2B5C793CC0BFDAE467 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:71:51:5e:04:ba:85:0f:22:37:0a:ac:b8:1d: 39:d3:1d:16:18:e8:f1:b2:85:d5:65:c6:17:e4:06: d2:6d:f4:db:0b:ef:74:c0:98:fc:4c:47:e3:13:02: b7:1b:dd:93:2a:26:47:41:e9:fe:98:f7:1e:68:7e: eb:83:94:cf:52:d1:19:d6:06:82:1a:93:cf:74:44: f8:29:15:b4:70:33:72:c7:2a:e6:25:a4:55:d6:bf: 92:c9:34:3b:89:2d:b7:5b:45:f5:55:a3:52:ad:20: d0:47:a7:68:bb:ab:36:bd:66:09:2a:19:07:f3:0b: 6a:f8:d8:4f:43:8d:37:9d:38:12:fc:65:79:ee:1c: c6:c6:e2:29:85:14:f0:cc:d7:d7:5f:67:4d:5b:c5: d6:08:7b:28:15:7c:08:6b:3b:71:85:89:3b:90:1d: 28:86:3d:d4:cf:27:99:ef:d3:25:cd:4f:74:b4:81: e8:e9:94:cf:96:b7:0e:6f:91:c1:7e:5b:9b:8b:36: 7a:24:97:cf:f1:89:2c:24:95:f8:e0:fd:b2:23:bc: f9:a3:13:3c:7e:6c:08:60:9b:b1:c1:e4:51:ba:6a: 42:8d:d0:3e:c9:80:48:63:b2:fd:7f:76:ae:3d:dd: e9:f3:66:7e:26:99:3a:99:00:db:26:ca:4f:dc:92: 62:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:01:60:1A:E5:40:19:4D:39:D1:1A:2B:5C:79:3C:C0:BF:DA:E4:67 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cgFgGuVAGU050RorXHk8wL_a5Gc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.24.0/22 Signature Algorithm: sha256WithRSAEncryption 3f:57:a1:72:c5:cc:90:12:ab:9a:39:c4:6b:61:66:ab:a9:e6: 57:4f:02:d8:e8:44:bc:bc:d4:65:fe:14:b9:d7:e3:ab:f5:1a: 21:05:6e:b7:f7:0b:6c:aa:96:c0:b7:de:5c:18:dd:7f:a5:7f: 75:67:24:a8:59:cd:31:92:7e:96:1f:86:94:13:58:3d:0c:13: a8:7d:14:31:7c:6c:41:87:0c:c6:db:1a:2d:e0:c6:30:4d:10: 81:8e:1f:76:41:f2:79:65:b0:ea:b8:4b:18:b1:2a:7a:75:21: cb:55:34:12:ce:71:4b:67:84:35:1d:54:a3:8d:05:32:d3:53: ae:ac:03:e8:48:51:0e:e2:b2:f7:ce:cc:b7:85:45:d7:16:d4: 7a:b6:3d:98:dd:b0:4f:da:79:9a:f9:8a:55:5d:0b:83:56:53: 0d:64:dd:c8:9a:2c:8c:89:75:da:11:75:b3:f6:30:68:1e:80: 1d:77:19:64:24:0a:59:a1:d7:39:03:be:81:0e:9d:45:96:80: 1e:b9:93:2b:dd:9d:0d:57:c3:70:7f:e7:ca:56:c7:9b:95:b3: 45:5c:f5:3a:d9:5c:79:06:9c:10:f2:a4:3e:4b:f8:ef:93:62: c8:81:49:d4:93:cd:37:8c:51:b5:2a:c1:cb:50:1e:90:29:3d: 2e:7e:09:79 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyMDE2MDFBRTU0MDE5 NEQzOUQxMUEyQjVDNzkzQ0MwQkZEQUU0NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWcVFeBLqFDyI3Cqy4HTnTHRYY6PGyhdVlxhfkBtJt9NsL73TA mPxMR+MTArcb3ZMqJkdB6f6Y9x5ofuuDlM9S0RnWBoIak890RPgpFbRwM3LHKuYl pFXWv5LJNDuJLbdbRfVVo1KtINBHp2i7qza9ZgkqGQfzC2r42E9DjTedOBL8ZXnu HMbG4imFFPDM19dfZ01bxdYIeygVfAhrO3GFiTuQHSiGPdTPJ5nv0yXNT3S0gejp lM+Wtw5vkcF+W5uLNnokl8/xiSwklfjg/bIjvPmjEzx+bAhgm7HB5FG6akKN0D7J gEhjsv1/dq493enzZn4mmTqZANsmyk/ckmJzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcgFgGuVAGU050RorXHk8wL/a5GcwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2NnRmdHdVZBR1UwNTBS b3JYSGs4d0xfYTVHYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ7YhgwDQYJKoZIhvcNAQELBQADggEBAD9XoXLFzJASq5o5xGthZqup5ldPAtjo RLy81GX+FLnX46v1GiEFbrf3C2yqlsC33lwY3X+lf3VnJKhZzTGSfpYfhpQTWD0M E6h9FDF8bEGHDMbbGi3gxjBNEIGOH3ZB8nllsOq4SxixKnp1IctVNBLOcUtnhDUd VKONBTLTU66sA+hIUQ7isvfOzLeFRdcW1Hq2PZjdsE/aeZr5ilVdC4NWUw1k3cia LIyJddoRdbP2MGgegB13GWQkClmh1zkDvoEOnUWWgB65kyvdnQ1Xw3B/58pWx5uV s0Vc9TrZXHkGnBDypD5L+O+TYsiBSdSTzTeMUbUqwctQHpApPS5+CXk= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org