$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/K5MF8fmm7sOzpe8SyojmkgAzGaE.roa File: K5MF8fmm7sOzpe8SyojmkgAzGaE.roa (raw, json) Hash identifier: /ghxMiJvXOFUdYqTnOuncPBXE3AdVRVLfCTvH1hCIiA= Subject key identifier: 2B:93:05:F1:F9:A6:EE:C3:B3:A5:EF:12:CA:88:E6:92:00:33:19:A1 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14B1 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/K5MF8fmm7sOzpe8SyojmkgAzGaE.roa Signing time: Wed 11 Sep 2024 02:23:40 +0000 ROA not before: Wed 11 Sep 2024 02:23:40 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59083 IP address blocks: 59.153.168.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5297 (0x14b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:40 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=2B9305F1F9A6EEC3B3A5EF12CA88E692003319A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:c0:64:54:8b:21:14:7a:34:3b:0d:a0:35:51: f0:0e:a9:91:09:f0:d7:ff:f7:36:44:5c:de:39:07: 8b:01:2d:2c:ad:64:fd:95:ee:db:e6:af:16:aa:d4: 48:81:8d:d5:9c:89:04:9a:9a:46:1e:3f:28:e3:0e: fd:98:d3:ae:b5:ca:8b:31:61:bb:cc:4f:9a:b7:9a: d8:fc:70:d2:b9:1a:6f:88:84:7b:a2:84:6e:59:7a: 11:f4:82:f8:39:eb:68:4c:9a:96:3c:70:a2:d1:bd: 6d:1b:3f:9a:0c:a7:57:c5:6b:ca:bf:8d:ff:b2:fd: cf:90:43:ed:f1:f1:44:e7:c5:f9:2c:79:c5:08:30: 38:14:d1:9f:97:2f:e2:d6:b3:dc:42:2c:9a:d6:0e: 48:79:d3:2b:d1:fe:ea:d8:48:66:e9:7c:07:9b:bd: ca:a2:0b:1e:8f:5b:2c:ff:39:ec:fe:a9:47:d7:f6: 6d:4f:b9:77:6a:1b:87:c2:02:23:de:8f:35:f5:dc: 4f:cb:be:b6:0c:70:b6:82:41:d1:56:1f:43:90:ec: 97:4b:db:7b:0a:72:d8:05:87:cf:64:c4:ba:43:00: 11:63:68:18:ac:9d:49:9d:dc:72:b2:50:11:d0:ab: 01:ac:a7:38:56:6b:ee:3e:f1:a8:91:72:bc:97:45: 04:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:93:05:F1:F9:A6:EE:C3:B3:A5:EF:12:CA:88:E6:92:00:33:19:A1 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/K5MF8fmm7sOzpe8SyojmkgAzGaE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.153.168.0/23 Signature Algorithm: sha256WithRSAEncryption 04:d7:89:89:7b:50:1f:ce:ec:a6:83:e2:9f:38:5a:ab:c7:ea: b3:5d:25:77:2f:8a:8c:f7:69:7e:e0:cd:c9:91:b4:a8:55:bb: 0b:38:81:5b:f2:21:f5:88:9c:da:f2:2b:67:70:ea:ff:10:93: 1a:31:3d:1d:5f:da:75:03:3f:8a:d0:40:79:db:6c:8d:0a:4a: d4:e3:2b:0b:6d:b1:38:21:a6:9c:2c:74:a5:da:57:5a:92:e9: 6b:e1:79:92:a5:69:db:b6:52:5c:b5:d4:84:4d:70:80:db:af: 8c:59:e2:e7:e1:c5:ca:60:0d:96:24:63:3b:44:7d:1a:10:aa: a6:2e:07:1a:55:8e:ce:18:d4:ee:10:8d:f2:55:6c:8b:70:78: 9e:15:f5:54:22:8c:94:da:0b:52:25:7c:f6:ba:35:6e:a2:8c: 23:22:46:20:12:ba:ca:29:ef:04:11:68:37:12:fb:3d:70:96: 7e:70:74:c1:40:69:c7:48:bf:62:ad:74:20:fe:1a:51:92:cc: 8c:e7:45:b7:7c:35:41:69:97:c3:8c:46:1c:1c:5d:44:ed:2e: c7:a2:61:5e:79:fc:38:18:c5:84:8d:5c:60:a2:03:78:fa:1f: c8:b2:c8:69:b0:e9:3d:e1:a8:24:f0:1d:42:63:46:5e:b5:04: 14:6d:b1:f4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJCOTMwNUYxRjlBNkVF QzNCM0E1RUYxMkNBODhFNjkyMDAzMzE5QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDpwGRUiyEUejQ7DaA1UfAOqZEJ8Nf/9zZEXN45B4sBLSytZP2V 7tvmrxaq1EiBjdWciQSamkYePyjjDv2Y0661yosxYbvMT5q3mtj8cNK5Gm+IhHui hG5ZehH0gvg562hMmpY8cKLRvW0bP5oMp1fFa8q/jf+y/c+QQ+3x8UTnxfksecUI MDgU0Z+XL+LWs9xCLJrWDkh50yvR/urYSGbpfAebvcqiCx6PWyz/Oez+qUfX9m1P uXdqG4fCAiPejzX13E/LvrYMcLaCQdFWH0OQ7JdL23sKctgFh89kxLpDABFjaBis nUmd3HKyUBHQqwGspzhWa+4+8aiRcryXRQRTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUK5MF8fmm7sOzpe8SyojmkgAzGaEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0s1TUY4Zm1tN3NPenBl OFN5b2pta2dBekdhRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAE7magwDQYJKoZIhvcNAQELBQADggEBAATXiYl7UB/O7KaD4p84WqvH6rNdJXcv ioz3aX7gzcmRtKhVuws4gVvyIfWInNryK2dw6v8QkxoxPR1f2nUDP4rQQHnbbI0K StTjKwttsTghppwsdKXaV1qS6WvheZKladu2Uly11IRNcIDbr4xZ4ufhxcpgDZYk YztEfRoQqqYuBxpVjs4Y1O4QjfJVbItweJ4V9VQijJTaC1IlfPa6NW6ijCMiRiAS usop7wQRaDcS+z1wln5wdMFAacdIv2KtdCD+GlGSzIznRbd8NUFpl8OMRhwcXUTt LseiYV55/DgYxYSNXGCiA3j6H8iyyGmw6T3hqCTwHUJjRl61BBRtsfQ= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org