$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/479/YhfguG2ongrNwT7Av75WeJ4YSJo.roa File: YhfguG2ongrNwT7Av75WeJ4YSJo.roa (raw, json) Hash identifier: C5/5G4t2c66TjFYQDoHH4NEIqcQjisrhZax4gdANzbA= Subject key identifier: 62:17:E0:B8:6D:A8:9E:0A:CD:C1:3E:C0:BF:BE:56:78:9E:18:48:9A Certificate issuer: /CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Certificate serial: 0CA0 Authority key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/YhfguG2ongrNwT7Av75WeJ4YSJo.roa Signing time: Wed 13 Mar 2024 01:23:46 +0000 ROA not before: Wed 13 Mar 2024 01:23:46 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 38283 IP address blocks: 60.247.128.0/17 maxlen: 24 211.149.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3232 (0xca0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141 Validity Not Before: Mar 13 01:23:46 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6217E0B86DA89E0ACDC13EC0BFBE56789E18489A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c2:37:4b:3c:fe:02:48:c6:09:0d:37:c7:e0: a1:3f:ac:28:23:2d:02:b3:c9:2a:13:ee:df:02:cf: fc:8a:36:8c:3c:f3:12:36:8b:f4:12:0d:d4:99:19: f3:2f:92:a5:9b:18:1c:f6:d0:0c:31:fa:eb:b2:72: 8e:7e:ec:7e:5d:1f:e4:a8:56:55:2d:ee:41:96:5c: 22:b1:46:be:7f:ab:6a:9d:45:8f:98:08:7a:99:82: 37:0c:7c:67:8e:fd:e3:38:77:31:a5:fd:6d:d5:6d: 2a:9a:08:c5:25:48:a1:86:8f:82:04:21:ce:98:ba: 3f:d6:b3:3c:5d:fd:f6:8e:4d:1a:a1:5b:99:b9:96: cb:cf:9f:2c:54:19:d2:70:ac:f9:8b:7e:82:83:99: 4c:f5:7b:8b:3a:d5:c2:4c:f0:f1:2a:66:63:36:a5: 6c:87:fd:89:ff:fb:a4:b4:99:79:f1:d4:ac:d8:27: db:15:80:15:4c:7f:60:62:e5:25:50:78:00:cf:a9: 01:fb:05:50:92:ef:66:5b:81:0a:b4:5e:b5:bd:b4: 4e:a0:e7:06:45:a4:d3:c1:bb:57:97:78:68:74:8f: 4d:43:18:94:37:fe:41:2d:a5:4c:f3:85:1d:de:2f: 0d:ae:01:1c:56:3e:ec:94:18:12:d4:2e:7c:4b:ed: 61:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:17:E0:B8:6D:A8:9E:0A:CD:C1:3E:C0:BF:BE:56:78:9E:18:48:9A X509v3 Authority Key Identifier: keyid:02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/YhfguG2ongrNwT7Av75WeJ4YSJo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.247.128.0/17 211.149.128.0/17 Signature Algorithm: sha256WithRSAEncryption 9a:11:f3:44:94:7c:f1:c9:c6:a0:1a:16:da:2c:97:eb:16:1e: e7:b8:dc:da:cb:5d:57:b7:d6:85:77:52:73:b7:a0:f5:73:2e: 38:bf:19:d4:63:73:2c:a3:80:25:c0:ac:87:63:63:7c:ad:6b: 1d:d6:f7:03:f4:43:5b:23:ff:19:43:c6:fe:59:61:42:a0:da: 10:98:33:d9:17:2f:1c:d6:03:51:a5:1e:03:a5:5e:b2:86:b2: 26:41:42:1c:f1:78:95:a9:1f:99:60:04:17:a7:29:b3:a2:d9: e9:01:aa:dd:c5:0f:8e:9e:71:44:fa:f7:7d:9a:c5:2d:ef:35: 99:81:04:d0:8f:d8:78:07:35:71:bf:3c:e2:35:7a:87:ab:7d: d2:b2:e4:db:1c:f0:fc:45:b2:6e:85:53:05:2b:85:c1:1f:40: 21:eb:1d:e0:60:7f:7b:2d:4f:c4:00:02:d2:da:67:06:11:ca: b5:85:53:d6:5e:cf:5a:6e:43:95:ea:a0:00:0b:47:3d:59:00: cb:72:8c:78:f4:44:a5:3a:5d:3b:66:c0:ed:80:69:7a:ad:e2: 9b:b4:cc:10:06:13:67:1e:32:a4:9f:b2:29:52:ef:f8:e5:65: ba:e2:d9:25:34:ab:c7:e8:33:c9:32:4b:de:ce:27:e6:a9:28: 2b:02:79:2b -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDI1 RTJENzk0RTZGRkFFMjk1QkFDRTQ5MTEwMEUzRDE4QjlDNzE0MTAeFw0yNDAzMTMw MTIzNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyMTdFMEI4NkRBODlF MEFDREMxM0VDMEJGQkU1Njc4OUUxODQ4OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAwjdLPP4CSMYJDTfH4KE/rCgjLQKzySoT7t8Cz/yKNow88xI2 i/QSDdSZGfMvkqWbGBz20Awx+uuyco5+7H5dH+SoVlUt7kGWXCKxRr5/q2qdRY+Y CHqZgjcMfGeO/eM4dzGl/W3VbSqaCMUlSKGGj4IEIc6Yuj/Wszxd/faOTRqhW5m5 lsvPnyxUGdJwrPmLfoKDmUz1e4s61cJM8PEqZmM2pWyH/Yn/+6S0mXnx1KzYJ9sV gBVMf2Bi5SVQeADPqQH7BVCS72ZbgQq0XrW9tE6g5wZFpNPBu1eXeGh0j01DGJQ3 /kEtpUzzhR3eLw2uARxWPuyUGBLULnxL7WFbAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUYhfguG2ongrNwT7Av75WeJ4YSJowHwYDVR0jBBgwFoAUAl4teU5v+uKVus5J EQDj0YuccUEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5 L0FsNHRlVTV2LXVLVnVzNUpFUURqMFl1Y2NVRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5L1loZmd1RzJvbmdyTndU N0F2NzVXZUo0WVNKby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD BAc894ADBAfTlYAwDQYJKoZIhvcNAQELBQADggEBAJoR80SUfPHJxqAaFtosl+sW Hue43NrLXVe31oV3UnO3oPVzLji/GdRjcyyjgCXArIdjY3ytax3W9wP0Q1sj/xlD xv5ZYUKg2hCYM9kXLxzWA1GlHgOlXrKGsiZBQhzxeJWpH5lgBBenKbOi2ekBqt3F D46ecUT6932axS3vNZmBBNCP2HgHNXG/POI1eoerfdKy5Nsc8PxFsm6FUwUrhcEf QCHrHeBgf3stT8QAAtLaZwYRyrWFU9Zez1puQ5XqoAALRz1ZAMtyjHj0RKU6XTtm wO2AaXqt4pu0zBAGE2ceMqSfsilS7/jlZbri2SU0q8foM8kyS97OJ+apKCsCeSs= -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:51 2024 by rpki-client on console-ams.rpki-client.org