$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/I-ykZaN13GcR9wPHGlIjnvppNcM.roa File: I-ykZaN13GcR9wPHGlIjnvppNcM.roa (raw, json) Hash identifier: YZ1qdBSy6eBs2MvMSZVJEF+r9BngmwopStQUth9pzcQ= Subject key identifier: 23:EC:A4:65:A3:75:DC:67:11:F7:03:C7:1A:52:23:9E:FA:69:35:C3 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 15CC Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/I-ykZaN13GcR9wPHGlIjnvppNcM.roa Signing time: Wed 13 Mar 2024 01:23:59 +0000 ROA not before: Wed 13 Mar 2024 01:23:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 56282 IP address blocks: 211.155.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Sep 2024 01:47:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5580 (0x15cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Mar 13 01:23:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=23ECA465A375DC6711F703C71A52239EFA6935C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:68:56:72:2c:a0:f9:23:c0:dc:8e:fa:86:42: 9e:96:dc:4b:36:fd:0b:b2:53:8a:d7:ea:b1:c4:36: 43:ae:e0:f5:af:26:48:98:6d:b8:e1:4e:8a:a1:12: fb:d8:62:95:8a:f6:4e:88:c7:09:01:79:9a:19:03: c3:a3:b4:ef:37:c4:21:bc:b2:b2:d7:95:71:e0:c0: 8c:42:4d:40:ff:a8:47:b8:54:27:02:c8:5e:99:a0: bf:85:50:2d:16:2b:80:7a:0a:cd:72:42:4d:98:ed: ac:5e:ab:97:2d:3f:95:dd:5b:a9:d8:e5:e9:50:33: c3:4d:d8:66:4e:ed:e6:23:cf:74:ea:cd:51:7d:be: b0:00:c7:cc:06:c6:2c:8e:4d:f5:7a:89:87:4f:82: c7:45:3a:1e:f9:96:55:74:f8:43:57:c4:fc:a6:af: 72:1b:63:f6:cf:68:27:03:7c:f3:87:d2:e9:e3:38: 58:80:5b:e0:5f:48:fb:80:77:45:01:d8:ec:5e:b2: 29:e9:3a:3a:34:1a:dc:d6:7d:b4:46:4b:78:6a:b9: 65:cd:c6:60:10:42:af:0a:93:f0:5d:69:08:71:83: b8:1b:9c:11:aa:55:73:bb:25:41:be:f1:a1:16:ac: 2f:7b:c8:62:b4:53:dc:8e:78:a0:2e:a6:df:45:36: 64:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:EC:A4:65:A3:75:DC:67:11:F7:03:C7:1A:52:23:9E:FA:69:35:C3 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/I-ykZaN13GcR9wPHGlIjnvppNcM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.155.88.0/21 Signature Algorithm: sha256WithRSAEncryption 5a:c5:db:b0:da:ea:17:f1:9b:01:21:a4:49:02:bf:16:ff:bb: 73:b3:d4:2d:36:69:23:9c:0b:a0:44:b9:2b:0c:19:22:86:a9: e1:cb:44:78:3a:62:8f:b7:5c:eb:7a:5c:2b:d4:b2:1a:54:c1: 64:b9:e8:de:e0:54:77:5a:21:f1:3a:89:31:2f:be:36:6a:81: a5:36:13:f0:5e:3f:b6:6e:a2:df:fc:7f:49:2c:de:06:09:86: 94:05:b9:cd:4e:7c:af:eb:38:70:22:1a:3a:68:6e:58:32:ca: 3c:39:7c:37:23:54:d1:6e:4f:b0:34:0e:23:40:77:a2:62:e0: a9:57:84:c2:77:ff:71:21:34:f9:69:c8:0a:31:2f:b5:84:9e: 23:d9:3d:e1:c9:5f:26:08:c6:35:43:3a:c6:d6:6c:da:df:ee: bb:9b:3a:28:a1:5a:a1:3f:df:2b:cf:48:d0:0f:15:cf:ef:ce: d0:f4:1d:6b:5a:4c:69:89:c5:5c:1f:6c:25:3b:08:db:21:f6: 63:20:cd:5c:79:16:94:86:4d:ed:86:63:f5:12:bf:c2:1d:a8: 3d:25:16:78:4e:52:8a:1e:32:59:14:96:bd:99:aa:45:e4:58: 4d:7e:ed:35:1e:0b:3f:a4:e3:82:0a:38:0b:66:5a:a1:58:ee: 39:a8:89:25 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNDAzMTMw MTIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzRUNBNDY1QTM3NURD NjcxMUY3MDNDNzFBNTIyMzlFRkE2OTM1QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3aFZyLKD5I8DcjvqGQp6W3Es2/QuyU4rX6rHENkOu4PWvJkiY bbjhToqhEvvYYpWK9k6IxwkBeZoZA8OjtO83xCG8srLXlXHgwIxCTUD/qEe4VCcC yF6ZoL+FUC0WK4B6Cs1yQk2Y7axeq5ctP5XdW6nY5elQM8NN2GZO7eYjz3TqzVF9 vrAAx8wGxiyOTfV6iYdPgsdFOh75llV0+ENXxPymr3IbY/bPaCcDfPOH0unjOFiA W+BfSPuAd0UB2OxesinpOjo0GtzWfbRGS3hquWXNxmAQQq8Kk/BdaQhxg7gbnBGq VXO7JUG+8aEWrC97yGK0U9yOeKAupt9FNmSbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUI+ykZaN13GcR9wPHGlIjnvppNcMwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL0kteWtaYU4xM0djUjl3 UEhHbElqbnZwcE5jTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAFrF27Da6hfxmwEhpEkCvxb/u3Oz1C02 aSOcC6BEuSsMGSKGqeHLRHg6Yo+3XOt6XCvUshpUwWS56N7gVHdaIfE6iTEvvjZq gaU2E/BeP7Zuot/8f0ks3gYJhpQFuc1OfK/rOHAiGjpoblgyyjw5fDcjVNFuT7A0 DiNAd6Ji4KlXhMJ3/3EhNPlpyAoxL7WEniPZPeHJXyYIxjVDOsbWbNrf7rubOiih WqE/3yvPSNAPFc/vztD0HWtaTGmJxVwfbCU7CNsh9mMgzVx5FpSGTe2GY/USv8Id qD0lFnhOUooeMlkUlr2ZqkXkWE1+7TUeCz+k44IKOAtmWqFY7jmoiSU= -----END CERTIFICATE-----Generated at Sat Sep 21 00:27:22 2024 by rpki-client on console-fra.rpki-client.org