$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/udQDiA36AiBCehvigpkvxVB4Pm4.roa File: udQDiA36AiBCehvigpkvxVB4Pm4.roa (raw, json) Hash identifier: pGDtKzroTyWYxDdwn0zB+5Chq0WhXjrT4Mpa3bf3+Zk= Subject key identifier: B9:D4:03:88:0D:FA:02:20:42:7A:1B:E2:82:99:2F:C5:50:78:3E:6E Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0C58 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/udQDiA36AiBCehvigpkvxVB4Pm4.roa Signing time: Wed 28 Aug 2024 08:53:59 +0000 ROA not before: Wed 28 Aug 2024 08:53:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 34549 IP address blocks: 123.98.100.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 11:23:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3160 (0xc58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Aug 28 08:53:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B9D403880DFA0220427A1BE282992FC550783E6E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:88:a8:87:35:6d:ec:cf:7e:f0:9f:fa:4b:80: 66:1f:1a:b0:d5:7e:1b:d1:c0:73:18:3a:94:b1:9b: f0:8e:50:72:61:be:4f:66:b0:fd:15:0e:3b:77:b9: 2c:f4:8b:d3:c3:c5:d0:b2:06:90:c6:ce:af:e5:f7: 00:e6:50:35:2f:62:43:b8:43:5f:60:f2:2c:1f:96: 6f:c3:8c:9d:bd:d3:96:73:70:c4:90:ee:71:61:46: 4d:50:5c:e6:06:af:af:28:a9:d5:51:8f:60:c6:31: a4:95:fd:e7:23:b0:71:8b:4b:b1:17:ce:e4:50:7a: 49:51:8d:d0:f4:7b:e7:13:ef:40:f1:3b:5e:d6:b3: 16:95:a1:1b:dd:e6:31:de:a7:e2:56:56:30:60:a8: 41:5d:1b:b0:07:e4:79:91:9e:0f:b1:d5:cd:81:70: 23:b6:06:f8:95:72:27:56:5a:64:3a:cb:59:dd:48: 00:38:60:31:f0:68:54:0a:7b:27:3a:91:ba:5e:9d: 12:2c:da:52:25:27:a5:f9:b0:64:b2:8d:90:1f:70: d1:3e:97:10:31:a9:48:2f:66:27:80:b8:d3:92:a4: d2:2d:18:0d:0f:91:3b:0b:85:24:b0:c5:82:be:95: c5:a1:c5:ac:30:69:20:6a:40:0e:da:52:df:ef:81: a4:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:D4:03:88:0D:FA:02:20:42:7A:1B:E2:82:99:2F:C5:50:78:3E:6E X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/udQDiA36AiBCehvigpkvxVB4Pm4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.98.100.0/23 Signature Algorithm: sha256WithRSAEncryption 13:cf:e9:7a:8d:8b:dc:91:ec:f6:d7:75:3a:71:3c:34:c4:7a: 97:41:a1:53:eb:11:42:ce:f6:4a:ea:a1:1f:a5:8d:e9:71:90: f5:8e:f3:47:2e:8b:12:db:84:a3:5d:95:5a:55:95:8d:8e:72: 85:ee:6c:ad:91:de:85:94:5f:5e:55:83:57:00:58:84:4d:3b: c3:04:4e:88:e6:ce:8c:e8:dd:61:2b:48:c3:5a:d0:f3:3c:aa: 44:ee:ce:89:b5:2d:c0:f0:0b:77:a9:69:ca:a6:fd:73:7e:0d: e8:6d:c6:12:08:18:6d:4a:57:43:5c:81:ee:2f:3f:61:92:87: 81:e4:2a:24:14:0f:92:34:57:f9:f3:91:e8:24:f1:55:e5:05: f2:45:56:8d:fd:30:e3:b6:69:c6:fd:be:7f:ef:6e:5d:c4:3a: 6b:7e:a2:9b:c2:66:f7:bb:5c:0e:20:ff:fd:a8:c6:06:0c:c9: dc:90:67:83:54:e7:2c:f7:d4:3c:d6:bd:08:b1:71:27:3f:76: cd:7b:93:b5:05:b2:e4:aa:0f:83:bd:0c:7f:20:61:a9:c3:8d: bb:8a:7e:14:12:07:be:d7:b2:fd:79:9c:e3:2a:cb:b8:9e:2e: 91:e2:e4:b3:85:cc:34:e2:d8:46:98:c3:b1:ef:b8:70:7e:41: 7e:3d:f1:dc -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw ODUzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5RDQwMzg4MERGQTAy MjA0MjdBMUJFMjgyOTkyRkM1NTA3ODNFNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLiKiHNW3sz37wn/pLgGYfGrDVfhvRwHMYOpSxm/COUHJhvk9m sP0VDjt3uSz0i9PDxdCyBpDGzq/l9wDmUDUvYkO4Q19g8iwflm/DjJ2905ZzcMSQ 7nFhRk1QXOYGr68oqdVRj2DGMaSV/ecjsHGLS7EXzuRQeklRjdD0e+cT70DxO17W sxaVoRvd5jHep+JWVjBgqEFdG7AH5HmRng+x1c2BcCO2BviVcidWWmQ6y1ndSAA4 YDHwaFQKeyc6kbpenRIs2lIlJ6X5sGSyjZAfcNE+lxAxqUgvZieAuNOSpNItGA0P kTsLhSSwxYK+lcWhxawwaSBqQA7aUt/vgaS/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUudQDiA36AiBCehvigpkvxVB4Pm4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3VkUURpQTM2QWlCQ2Vo dmlncGt2eFZCNFBtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAF7YmQwDQYJKoZIhvcNAQELBQADggEBABPP6XqNi9yR7PbXdTpxPDTEepdBoVPr EULO9krqoR+ljelxkPWO80cuixLbhKNdlVpVlY2OcoXubK2R3oWUX15Vg1cAWIRN O8METojmzozo3WErSMNa0PM8qkTuzom1LcDwC3epacqm/XN+DehtxhIIGG1KV0Nc ge4vP2GSh4HkKiQUD5I0V/nzkegk8VXlBfJFVo39MOO2acb9vn/vbl3EOmt+opvC Zve7XA4g//2oxgYMydyQZ4NU5yz31DzWvQixcSc/ds17k7UFsuSqD4O9DH8gYanD jbuKfhQSB77Xsv15nOMqy7ieLpHi5LOFzDTi2EaYw7HvuHB+QX498dw= -----END CERTIFICATE-----Generated at Fri Nov 22 09:32:46 2024 by rpki-client on console-fra.rpki-client.org