$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/kFdv23cMAs1A4DbC2fKI0D5BpM8.roa File: kFdv23cMAs1A4DbC2fKI0D5BpM8.roa (raw, json) Hash identifier: wtJvkAJRVnfirv0gVqhVAsJYuxcKPvxG14TekmWqWt0= Subject key identifier: 90:57:6F:DB:77:0C:02:CD:40:E0:36:C2:D9:F2:88:D0:3E:41:A4:CF Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 15CD Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/kFdv23cMAs1A4DbC2fKI0D5BpM8.roa Signing time: Wed 13 Mar 2024 01:24:00 +0000 ROA not before: Wed 13 Mar 2024 01:24:00 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4808 IP address blocks: 211.155.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5581 (0x15cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Mar 13 01:24:00 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=90576FDB770C02CD40E036C2D9F288D03E41A4CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:9f:67:09:07:b3:73:d1:22:ec:7e:e1:d5:08: 8c:53:8d:48:10:78:40:df:86:88:97:77:2c:b2:40: fe:47:96:86:eb:06:b1:67:0b:96:9e:ef:ba:44:62: 2a:02:03:54:e9:1e:ea:53:ad:21:26:ee:10:cb:fb: 33:54:a1:e3:db:bf:78:d6:9b:69:2d:63:8f:5a:6a: c3:20:a9:38:60:3a:10:e8:7b:95:a8:ec:43:21:e7: a0:c5:39:8e:d9:19:c0:30:73:fc:27:72:21:97:03: e7:82:65:45:da:5b:48:3c:b4:7e:12:81:cd:cc:3f: c2:4e:33:a0:2a:9d:be:4e:b7:64:98:ee:d5:df:56: 06:53:d3:44:0e:8b:f1:07:3a:d9:22:a2:ce:6c:37: cf:ee:7c:6f:98:b8:0e:21:4a:95:7a:c3:59:05:d7: 14:fa:f1:46:ea:64:d6:8a:63:cf:a1:4a:ec:a3:b8: 38:28:d2:42:4e:37:89:cd:af:2a:5c:50:98:1f:87: 0f:20:02:aa:60:97:95:1f:ac:7c:d7:9e:b3:7b:39: 28:35:a9:d5:95:60:ea:ba:c1:3f:89:2b:10:e9:cd: db:eb:33:1c:7e:11:a4:d3:cc:1d:fd:80:50:8a:6e: a4:0c:dc:c5:49:fd:19:19:2e:65:09:2f:36:a5:13: 7d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:57:6F:DB:77:0C:02:CD:40:E0:36:C2:D9:F2:88:D0:3E:41:A4:CF X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/kFdv23cMAs1A4DbC2fKI0D5BpM8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.155.88.0/21 Signature Algorithm: sha256WithRSAEncryption 9b:8e:5c:12:76:36:4a:c0:26:3b:0a:1a:ce:0b:e8:86:78:41: fc:60:01:c5:df:f7:86:ca:96:62:5a:3c:af:6a:91:24:9a:e3: 9c:6f:5b:29:47:c2:ae:85:ac:e0:2e:ae:c9:6f:f1:b5:0a:1a: cd:4f:ef:e6:9f:11:3d:6f:ef:c0:f6:e7:0f:8e:88:af:92:c3: a0:46:f9:3d:2b:a7:9a:b3:47:dc:63:ee:58:e7:43:41:d5:31: f9:62:0c:ff:42:e6:9d:77:5b:98:d1:c5:5c:14:04:16:b6:1a: d7:3a:66:5e:f2:2f:34:e0:50:b4:b6:e8:a6:82:fb:65:15:d0: e9:45:d6:e3:ef:8e:b1:3a:13:62:1a:be:13:39:33:74:7d:88: 5d:1b:dc:e6:f0:a2:3d:4b:97:37:22:b6:87:99:15:96:47:8c: a7:24:71:fd:a0:27:4b:63:c5:ec:b6:38:43:3a:03:90:4f:b3: e0:76:c8:0f:a4:57:07:85:00:ea:80:9f:dc:23:c6:11:b1:b3: 68:ec:73:1d:34:8f:c4:87:65:62:6a:f2:0d:8b:53:7e:3f:5c: 04:f9:c9:40:b1:22:e2:9b:33:66:2d:29:09:0a:ca:e9:43:c9: 81:35:52:57:89:c8:e4:23:0e:e6:13:8f:a8:95:77:0f:4b:75: f5:0b:e3:50 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNDAzMTMw MTI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNTc2RkRCNzcwQzAy Q0Q0MEUwMzZDMkQ5RjI4OEQwM0U0MUE0Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfn2cJB7Nz0SLsfuHVCIxTjUgQeEDfhoiXdyyyQP5HlobrBrFn C5ae77pEYioCA1TpHupTrSEm7hDL+zNUoePbv3jWm2ktY49aasMgqThgOhDoe5Wo 7EMh56DFOY7ZGcAwc/wnciGXA+eCZUXaW0g8tH4Sgc3MP8JOM6Aqnb5Ot2SY7tXf VgZT00QOi/EHOtkios5sN8/ufG+YuA4hSpV6w1kF1xT68UbqZNaKY8+hSuyjuDgo 0kJON4nNrypcUJgfhw8gAqpgl5UfrHzXnrN7OSg1qdWVYOq6wT+JKxDpzdvrMxx+ EaTTzB39gFCKbqQM3MVJ/RkZLmUJLzalE31bAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUkFdv23cMAs1A4DbC2fKI0D5BpM8wHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL2tGZHYyM2NNQXMxQTRE YkMyZktJMEQ1QnBNOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAJuOXBJ2NkrAJjsKGs4L6IZ4QfxgAcXf 94bKlmJaPK9qkSSa45xvWylHwq6FrOAurslv8bUKGs1P7+afET1v78D25w+OiK+S w6BG+T0rp5qzR9xj7ljnQ0HVMfliDP9C5p13W5jRxVwUBBa2Gtc6Zl7yLzTgULS2 6KaC+2UV0OlF1uPvjrE6E2IavhM5M3R9iF0b3Obwoj1LlzcitoeZFZZHjKckcf2g J0tjxey2OEM6A5BPs+B2yA+kVweFAOqAn9wjxhGxs2jscx00j8SHZWJq8g2LU34/ XAT5yUCxIuKbM2YtKQkKyulDyYE1UleJyOQjDuYTj6iVdw9LdfUL41A= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org