$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/42LO_ls08xVz6r0Ydg7hc90DIJI.roa File: 42LO_ls08xVz6r0Ydg7hc90DIJI.roa (raw, json) Hash identifier: yCMPFlMFsV2mzZ3ek0GEyvh8mJE5HScilUeKl3e+FxM= Subject key identifier: E3:62:CE:FE:5B:34:F3:15:73:EA:BD:18:76:0E:E1:73:DD:03:20:92 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1471 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/42LO_ls08xVz6r0Ydg7hc90DIJI.roa Signing time: Wed 11 Sep 2024 02:23:18 +0000 ROA not before: Wed 11 Sep 2024 02:23:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59083 IP address blocks: 202.136.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5233 (0x1471) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E362CEFE5B34F31573EABD18760EE173DD032092 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:2a:7c:27:8d:e9:4b:fa:0c:f3:0e:12:16:3b: f7:fd:a2:de:58:f1:9f:47:17:69:4d:06:b8:7f:0c: 99:10:30:4a:e4:4c:a7:f5:ea:46:a7:2e:4b:c9:dc: 0c:ad:88:52:0e:37:46:a8:62:fe:9e:76:cb:2b:96: 52:e2:73:fc:d4:a3:f2:19:7c:70:9f:ea:6d:92:7f: ba:17:21:f9:33:d8:76:49:af:e8:88:1c:da:89:a6: 9c:c6:ae:9f:dd:99:b2:00:9a:fc:2f:5d:9c:96:65: 29:0b:d2:09:95:f2:80:78:20:57:eb:14:d5:95:b9: 3f:52:21:fc:4a:ab:a1:bd:37:58:4c:6c:bd:ed:65: 31:d6:65:cb:18:af:e9:c4:21:9c:5c:b0:6e:b0:6c: 19:0b:bc:9c:c6:b9:d5:83:54:03:ad:fe:a1:98:0c: 29:7a:d9:b4:64:cc:d2:75:2d:40:ef:5f:30:9e:2b: c2:99:db:01:49:54:50:2e:c3:70:06:36:6e:ca:73: 21:16:fa:ba:1e:8c:97:cc:84:b0:53:86:50:4c:4e: 3b:92:64:ef:1b:65:81:01:11:17:53:c9:4d:42:13: 63:70:ab:27:6e:92:a6:a3:42:08:24:c3:3b:bc:b7: b6:df:75:14:46:c6:58:43:2c:cc:4a:3c:7e:b5:31: 7f:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:62:CE:FE:5B:34:F3:15:73:EA:BD:18:76:0E:E1:73:DD:03:20:92 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/42LO_ls08xVz6r0Ydg7hc90DIJI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.136.250.0/24 Signature Algorithm: sha256WithRSAEncryption ba:e0:51:8f:fa:05:be:dd:33:23:3a:37:4b:4e:5c:1e:48:82: c6:54:db:9e:d7:c9:16:55:4a:28:07:03:ab:fa:d9:d2:6b:0b: 12:4d:1e:97:2b:2f:cb:ef:17:db:60:1d:8a:40:8a:43:33:b0: 89:12:9d:a1:8c:7c:bf:21:12:c4:5b:f8:ae:b2:39:c0:7e:b6: d0:2c:f8:b4:cd:6b:0c:37:75:bc:cc:5e:48:27:22:3c:2a:7f: 6f:1a:e7:61:bd:3c:60:b8:c4:83:a6:1a:a4:cf:fe:d6:53:18: d7:87:4a:d5:ee:26:ce:56:db:bf:4d:b1:ee:02:1e:b2:1b:79: 2e:a6:22:ee:f1:db:05:39:04:4a:3d:a4:bb:8e:04:87:30:9d: 2a:ab:13:2f:fb:93:98:10:94:de:db:d4:58:4d:9f:14:ee:e0: 1e:94:63:93:61:f6:c9:34:b0:f6:3b:44:37:b1:2d:20:b8:c5: 37:78:28:64:9e:f3:9a:a9:74:f9:98:d9:53:c3:61:a2:04:77: c4:f9:40:d0:10:4f:a0:8f:8e:17:d2:ae:67:4d:dd:43:e1:51: 60:6e:3b:d8:09:90:bf:b0:e1:1f:aa:49:65:b8:5d:e5:c4:46: 86:76:0e:1c:7b:8e:6c:2e:55:2f:b0:1c:d0:a5:d9:13:8d:ab: 14:36:66:78 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzNjJDRUZFNUIzNEYz MTU3M0VBQkQxODc2MEVFMTczREQwMzIwOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaKnwnjelL+gzzDhIWO/f9ot5Y8Z9HF2lNBrh/DJkQMErkTKf1 6kanLkvJ3AytiFION0aoYv6edssrllLic/zUo/IZfHCf6m2Sf7oXIfkz2HZJr+iI HNqJppzGrp/dmbIAmvwvXZyWZSkL0gmV8oB4IFfrFNWVuT9SIfxKq6G9N1hMbL3t ZTHWZcsYr+nEIZxcsG6wbBkLvJzGudWDVAOt/qGYDCl62bRkzNJ1LUDvXzCeK8KZ 2wFJVFAuw3AGNm7KcyEW+roejJfMhLBThlBMTjuSZO8bZYEBERdTyU1CE2Nwqydu kqajQggkwzu8t7bfdRRGxlhDLMxKPH61MX/zAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU42LO/ls08xVz6r0Ydg7hc90DIJIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzQyTE9fbHMwOHhWejZy MFlkZzdoYzkwRElKSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKiPowDQYJKoZIhvcNAQELBQADggEBALrgUY/6Bb7dMyM6N0tOXB5IgsZU257X yRZVSigHA6v62dJrCxJNHpcrL8vvF9tgHYpAikMzsIkSnaGMfL8hEsRb+K6yOcB+ ttAs+LTNaww3dbzMXkgnIjwqf28a52G9PGC4xIOmGqTP/tZTGNeHStXuJs5W279N se4CHrIbeS6mIu7x2wU5BEo9pLuOBIcwnSqrEy/7k5gQlN7b1FhNnxTu4B6UY5Nh 9sk0sPY7RDexLSC4xTd4KGSe85qpdPmY2VPDYaIEd8T5QNAQT6CPjhfSrmdN3UPh UWBuO9gJkL+w4R+qSWW4XeXERoZ2Dhx7jmwuVS+wHNCl2RONqxQ2Zng= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org