$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/lFIpyiqcL8UkVryaK3S0LvNynWE.roa File: lFIpyiqcL8UkVryaK3S0LvNynWE.roa (raw, json) Hash identifier: APnRh7E2GPZaAl7MMaAXj246BjEM42/y9g6uY9tCb6E= Subject key identifier: 94:52:29:CA:2A:9C:2F:C5:24:56:BC:9A:2B:74:B4:2E:F3:72:9D:61 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C49 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/lFIpyiqcL8UkVryaK3S0LvNynWE.roa Signing time: Wed 28 Aug 2024 08:53:52 +0000 ROA not before: Wed 28 Aug 2024 08:53:52 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 62387 IP address blocks: 119.59.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3145 (0xc49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:52 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=945229CA2A9C2FC52456BC9A2B74B42EF3729D61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ae:72:37:bc:ff:0f:33:81:71:73:cb:f9:58: 1c:ed:fe:76:f0:bb:19:21:b7:3e:eb:33:b7:3d:ab: 5c:e4:d2:88:db:0d:4e:1c:2f:51:9e:99:d8:61:b2: 8f:1d:0a:e4:a9:d1:48:15:5a:4c:b0:6c:c4:75:ba: 50:7a:24:60:45:c6:27:0b:49:14:d0:ad:ff:81:e4: 30:eb:8c:45:26:50:0b:90:a6:00:6f:21:73:df:45: c4:23:83:08:4e:fa:a9:25:c5:54:93:f1:77:e1:33: 08:94:a8:29:ec:53:1c:43:92:42:2d:6b:65:a3:56: 7c:58:77:a4:92:c8:07:02:0f:3d:64:40:13:89:dc: f2:b8:0f:85:b2:8d:cb:4d:91:fa:41:d1:93:35:03: 8d:c7:08:7b:30:04:49:09:8e:14:9a:ec:0c:fd:69: 0e:8e:0f:b2:73:b1:19:57:0c:1e:6a:3f:b9:de:67: 3f:a2:64:31:f6:42:41:80:2e:ca:34:e2:b6:f6:b2: da:c9:55:72:b3:48:26:b0:c7:81:8e:f7:46:45:2a: 96:88:18:01:40:da:bf:39:89:ef:9a:83:55:dc:87: c5:e1:ba:37:c9:de:07:f1:c5:9a:9c:ec:8c:d3:65: 1c:e8:f3:42:c2:e2:59:cf:b9:bb:96:23:ec:a6:04: d0:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:52:29:CA:2A:9C:2F:C5:24:56:BC:9A:2B:74:B4:2E:F3:72:9D:61 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/lFIpyiqcL8UkVryaK3S0LvNynWE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.224.0/22 Signature Algorithm: sha256WithRSAEncryption 11:41:66:a0:d6:a9:43:8f:0b:21:67:ef:4b:b0:bb:5d:b1:e1: 21:8e:b5:86:ff:5a:8d:8d:b1:2c:37:0f:eb:1d:44:22:51:09: df:e0:6e:24:5d:fe:33:85:00:c2:1a:78:cc:95:a8:18:d9:3b: ec:46:e1:b7:c6:40:16:7e:3e:3d:cd:0e:e2:96:27:e0:9c:3d: 68:41:ab:44:56:dd:d0:fb:2f:67:03:d1:42:fe:ab:c4:a2:e2: 51:95:01:32:a9:05:42:14:a0:55:55:fb:30:6a:b4:c6:9d:23: 45:f5:77:48:17:a0:75:14:04:54:d4:95:b8:52:16:f6:89:4e: e1:9a:d5:3c:df:f4:8e:99:44:bf:54:82:44:5d:da:1a:4c:dd: b1:90:75:dc:48:25:0e:9a:f9:56:07:5f:72:ff:56:2b:92:51: 20:30:bd:34:09:87:17:d1:65:81:6a:00:5d:73:77:8b:32:e1: 5f:a2:9e:e9:c3:bc:f5:a1:2e:65:6d:2b:da:84:5c:5a:86:44: 39:ed:dc:f9:69:93:cb:85:c3:a4:02:13:07:1c:bf:bd:fc:a2: 96:a4:22:86:d6:7a:db:ae:50:3f:89:2a:ab:95:a0:9d:c3:ca: 9b:3b:2d:d9:03:94:1b:18:5c:d7:82:a5:36:e1:3d:01:5c:b4: bf:dd:44:fd -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0NTIyOUNBMkE5QzJG QzUyNDU2QkM5QTJCNzRCNDJFRjM3MjlENjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHrnI3vP8PM4Fxc8v5WBzt/nbwuxkhtz7rM7c9q1zk0ojbDU4c L1Gemdhhso8dCuSp0UgVWkywbMR1ulB6JGBFxicLSRTQrf+B5DDrjEUmUAuQpgBv IXPfRcQjgwhO+qklxVST8XfhMwiUqCnsUxxDkkIta2WjVnxYd6SSyAcCDz1kQBOJ 3PK4D4WyjctNkfpB0ZM1A43HCHswBEkJjhSa7Az9aQ6OD7JzsRlXDB5qP7neZz+i ZDH2QkGALso04rb2strJVXKzSCawx4GO90ZFKpaIGAFA2r85ie+ag1Xch8XhujfJ 3gfxxZqc7IzTZRzo80LC4lnPubuWI+ymBNBvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlFIpyiqcL8UkVryaK3S0LvNynWEwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2xGSXB5aXFjTDhVa1Zy eWFLM1MwTHZOeW5XRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O+AwDQYJKoZIhvcNAQELBQADggEBABFBZqDWqUOPCyFn70uwu12x4SGOtYb/ Wo2NsSw3D+sdRCJRCd/gbiRd/jOFAMIaeMyVqBjZO+xG4bfGQBZ+Pj3NDuKWJ+Cc PWhBq0RW3dD7L2cD0UL+q8Si4lGVATKpBUIUoFVV+zBqtMadI0X1d0gXoHUUBFTU lbhSFvaJTuGa1Tzf9I6ZRL9UgkRd2hpM3bGQddxIJQ6a+VYHX3L/ViuSUSAwvTQJ hxfRZYFqAF1zd4sy4V+inunDvPWhLmVtK9qEXFqGRDnt3Plpk8uFw6QCEwccv738 opakIobWetuuUD+JKquVoJ3Dyps7LdkDlBsYXNeCpTbhPQFctL/dRP0= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org