$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/jERgBDa-3YW8RABEpns63g7vrbI.roa File: jERgBDa-3YW8RABEpns63g7vrbI.roa (raw, json) Hash identifier: hGJ4Ev8AnacEQsSVpeB7vj9FwtqAUQGlRqUrg0ftwag= Subject key identifier: 8C:44:60:04:36:BE:DD:85:BC:44:00:44:A6:7B:3A:DE:0E:EF:AD:B2 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C51 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/jERgBDa-3YW8RABEpns63g7vrbI.roa Signing time: Wed 28 Aug 2024 08:53:55 +0000 ROA not before: Wed 28 Aug 2024 08:53:55 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 119.59.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3153 (0xc51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:55 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8C44600436BEDD85BC440044A67B3ADE0EEFADB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:79:7e:50:f2:be:60:00:08:d2:9f:97:ef:29: 87:74:36:b5:d0:2b:69:c3:5e:69:a3:71:6d:b0:cf: 49:7d:fb:b6:20:15:43:34:7c:8f:b4:58:88:ca:9c: ba:95:b4:3e:b6:8b:12:9e:98:d7:1e:1c:20:60:0d: 0c:7a:98:b4:88:34:cd:34:51:ec:07:2d:a7:e7:d6: 0d:d0:97:0c:25:11:68:da:29:86:b8:df:d8:96:a8: 7f:d0:73:74:b3:88:d8:f4:48:8e:2c:96:65:27:d5: 0f:95:66:47:c5:02:66:28:c4:be:6f:2d:f2:5e:27: ed:eb:b3:cb:b7:8e:7b:10:5a:80:b8:bf:2f:43:3c: c6:1e:c1:99:58:19:40:e2:9b:b6:8d:ae:48:3e:d0: 6f:a1:51:5a:c2:dd:d2:9f:d1:27:3e:73:eb:03:c6: e0:d9:c5:a2:ec:78:96:d1:94:2a:9a:7b:7f:ca:a7: 39:a5:9c:20:9d:e8:66:43:68:74:e3:7f:96:f3:07: 36:8b:39:58:1e:c3:1f:b6:32:3f:bb:e4:b8:5b:93: 97:04:c1:b1:ee:a3:6f:c3:f9:11:e3:7d:79:35:97: 82:11:73:60:cd:2d:54:fa:0e:f7:7b:b5:44:2f:c6: ab:ea:27:bd:dc:49:19:a2:a3:75:83:2c:24:a6:48: 96:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:44:60:04:36:BE:DD:85:BC:44:00:44:A6:7B:3A:DE:0E:EF:AD:B2 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/jERgBDa-3YW8RABEpns63g7vrbI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.212.0/22 Signature Algorithm: sha256WithRSAEncryption ce:62:67:e2:fa:f9:2e:84:5a:4b:15:e3:b6:e6:7b:f6:5d:db: 44:71:a9:d3:17:b6:59:4d:44:32:7f:06:42:f6:77:8a:11:2d: 66:cd:82:ad:9c:1c:b2:d2:4f:f0:cf:23:23:1d:f6:09:f7:1c: 91:54:e7:0a:82:38:c2:41:36:4f:11:9d:f6:bb:a4:de:e0:97: 83:21:f8:ac:22:c5:57:49:41:97:81:b9:d7:f2:44:7b:d0:cf: bd:fd:d7:83:ae:c4:94:e7:fe:6e:56:3b:fd:1d:4e:35:b9:4c: b2:27:fc:3b:9a:84:d3:3b:a1:4a:ae:a8:36:38:04:d7:e2:ac: 81:62:3f:7e:1d:58:2c:0f:9c:9d:31:45:a2:42:39:13:ae:89: 4d:b2:f4:8f:f9:44:1a:0e:44:36:67:a0:46:98:53:52:96:4c: 2f:41:77:f5:2a:e0:29:45:0f:84:61:be:ab:55:5d:bc:de:32: 29:ca:b7:a5:7f:45:de:e7:d4:84:6c:79:36:e7:7a:e7:9d:27: ae:86:54:f8:c9:39:aa:33:7a:4a:77:e4:52:39:fa:03:4c:a5: 6a:65:84:a0:03:79:ef:2b:0f:32:22:a2:da:17:35:27:3c:a9: 96:84:84:8a:1a:c2:79:5d:97:bf:02:22:c0:6f:f2:de:38:4c: 4d:df:b6:e1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDNDQ2MDA0MzZCRURE ODVCQzQ0MDA0NEE2N0IzQURFMEVFRkFEQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDyeX5Q8r5gAAjSn5fvKYd0NrXQK2nDXmmjcW2wz0l9+7YgFUM0 fI+0WIjKnLqVtD62ixKemNceHCBgDQx6mLSINM00UewHLafn1g3QlwwlEWjaKYa4 39iWqH/Qc3SziNj0SI4slmUn1Q+VZkfFAmYoxL5vLfJeJ+3rs8u3jnsQWoC4vy9D PMYewZlYGUDim7aNrkg+0G+hUVrC3dKf0Sc+c+sDxuDZxaLseJbRlCqae3/Kpzml nCCd6GZDaHTjf5bzBzaLOVgewx+2Mj+75Lhbk5cEwbHuo2/D+RHjfXk1l4IRc2DN LVT6Dvd7tUQvxqvqJ73cSRmio3WDLCSmSJYrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjERgBDa+3YW8RABEpns63g7vrbIwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2pFUmdCRGEtM1lXOFJB QkVwbnM2M2c3dnJiSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O9QwDQYJKoZIhvcNAQELBQADggEBAM5iZ+L6+S6EWksV47bme/Zd20RxqdMX tllNRDJ/BkL2d4oRLWbNgq2cHLLST/DPIyMd9gn3HJFU5wqCOMJBNk8Rnfa7pN7g l4Mh+KwixVdJQZeBudfyRHvQz73914OuxJTn/m5WO/0dTjW5TLIn/DuahNM7oUqu qDY4BNfirIFiP34dWCwPnJ0xRaJCOROuiU2y9I/5RBoORDZnoEaYU1KWTC9Bd/Uq 4ClFD4RhvqtVXbzeMinKt6V/Rd7n1IRseTbneuedJ66GVPjJOaozekp35FI5+gNM pWplhKADee8rDzIiotoXNSc8qZaEhIoawnldl78CIsBv8t44TE3ftuE= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org