$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/M9GqTh0Bgcd-idrzIDgewKyAYG4.roa File: M9GqTh0Bgcd-idrzIDgewKyAYG4.roa (raw, json) Hash identifier: i4XiWnyDTdtQhWzN0LeTAOsrQLwpwKqEX0V3ZkIiIto= Subject key identifier: 33:D1:AA:4E:1D:01:81:C7:7E:89:DA:F3:20:38:1E:C0:AC:80:60:6E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14B5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/M9GqTh0Bgcd-idrzIDgewKyAYG4.roa Signing time: Wed 11 Sep 2024 02:23:42 +0000 ROA not before: Wed 11 Sep 2024 02:23:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59083 IP address blocks: 43.254.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5301 (0x14b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=33D1AA4E1D0181C77E89DAF320381EC0AC80606E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:16:cc:7a:3b:5f:8b:10:3f:02:61:e1:c7:f0: df:41:7e:89:2c:41:ca:5e:de:cf:70:1f:d3:a0:4e: af:cf:54:6b:6d:1d:d4:58:db:cf:c3:a4:59:01:ae: 7d:17:e8:b6:fd:51:e1:dd:1e:ba:5f:7c:ba:8f:b2: d7:5a:29:5b:3e:e4:ec:12:b0:1e:ef:cd:d7:5d:cb: 6a:08:26:f3:c7:26:c9:cb:a2:a4:34:62:5b:f0:a2: e7:0c:78:0b:12:af:66:66:34:f6:bb:7c:35:a7:a7: 4b:fd:7f:03:a2:38:ab:41:17:c0:0b:12:85:33:24: 41:8b:3a:c6:8e:a8:0e:e6:9f:5e:b5:0d:53:6e:f3: ac:a1:53:f3:9f:c7:03:7c:8b:28:95:b2:0e:ae:0b: be:20:d7:33:31:e9:77:e3:c4:9a:ef:be:da:a8:c1: f5:f7:f6:10:77:12:f0:c4:99:aa:1f:25:ab:f9:57: 51:4f:8b:e6:ad:70:ff:88:18:c5:59:03:59:08:e3: 70:93:7e:cf:9b:de:f7:a1:09:28:b4:da:94:aa:d5: cd:4f:da:e4:61:b8:63:9a:ea:17:d6:8c:55:d5:33: d2:a7:7e:ee:89:a0:fa:a6:6e:b9:10:9a:78:45:6d: 20:e8:d3:54:fb:5f:95:02:2d:40:33:20:3d:04:78: 27:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:D1:AA:4E:1D:01:81:C7:7E:89:DA:F3:20:38:1E:C0:AC:80:60:6E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/M9GqTh0Bgcd-idrzIDgewKyAYG4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.153.0/24 Signature Algorithm: sha256WithRSAEncryption 84:0c:07:d5:73:6d:e9:65:a0:ac:f2:69:6e:17:b5:e1:8a:b6: cc:3e:9c:26:a2:7b:2a:da:4d:d5:56:fe:e9:60:f4:3b:a9:e3: d1:33:9f:71:48:c0:ae:24:68:0e:d4:01:dc:16:bb:59:f6:12: 6f:c0:61:c3:df:84:c9:c0:ce:e0:68:7c:de:02:42:dc:3a:02: ea:8c:2b:09:94:6f:4d:6b:76:83:90:38:e0:c1:24:77:e5:c7: ae:f5:d0:c1:ec:1d:24:32:80:46:5d:86:3a:9d:c4:e7:2c:20: 16:5e:9d:b0:a4:6d:cc:e8:04:34:5c:c8:77:5d:bb:3a:a4:5f: 1b:ce:27:5d:6c:a0:fa:72:b4:21:75:0f:79:eb:e9:84:a0:e3: ce:50:ae:bc:3a:b4:f8:a5:57:22:81:28:3c:a4:24:d3:34:5c: 94:c8:7c:5c:e6:f8:ab:46:d9:a8:67:c4:be:53:2f:48:66:3a: b1:e1:92:b6:69:48:4a:46:f2:6a:05:a3:ac:44:c8:c6:89:40: 48:21:cc:05:b4:c4:3f:05:6e:6d:62:a4:a3:b6:b4:4d:1d:5b: 14:f9:9d:3b:c8:5b:28:0e:27:9c:f2:06:7e:17:2e:30:c4:67: 05:98:fe:6c:f1:7e:2a:b2:65:36:d7:07:03:e4:c1:4d:24:d1: b8:11:7a:d0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzRDFBQTRFMUQwMTgx Qzc3RTg5REFGMzIwMzgxRUMwQUM4MDYwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXFsx6O1+LED8CYeHH8N9BfoksQcpe3s9wH9OgTq/PVGttHdRY 28/DpFkBrn0X6Lb9UeHdHrpffLqPstdaKVs+5OwSsB7vzdddy2oIJvPHJsnLoqQ0 YlvwoucMeAsSr2ZmNPa7fDWnp0v9fwOiOKtBF8ALEoUzJEGLOsaOqA7mn161DVNu 86yhU/OfxwN8iyiVsg6uC74g1zMx6XfjxJrvvtqowfX39hB3EvDEmaofJav5V1FP i+atcP+IGMVZA1kI43CTfs+b3vehCSi02pSq1c1P2uRhuGOa6hfWjFXVM9Knfu6J oPqmbrkQmnhFbSDo01T7X5UCLUAzID0EeCfZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUM9GqTh0Bgcd+idrzIDgewKyAYG4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L005R3FUaDBCZ2NkLWlk cnpJRGdld0t5QVlHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/pkwDQYJKoZIhvcNAQELBQADggEBAIQMB9VzbelloKzyaW4XteGKtsw+nCai eyraTdVW/ulg9Dup49Ezn3FIwK4kaA7UAdwWu1n2Em/AYcPfhMnAzuBofN4CQtw6 AuqMKwmUb01rdoOQOODBJHflx6710MHsHSQygEZdhjqdxOcsIBZenbCkbczoBDRc yHdduzqkXxvOJ11soPpytCF1D3nr6YSg485Qrrw6tPilVyKBKDykJNM0XJTIfFzm +KtG2ahnxL5TL0hmOrHhkrZpSEpG8moFo6xEyMaJQEghzAW0xD8Fbm1ipKO2tE0d WxT5nTvIWygOJ5zyBn4XLjDEZwWY/mzxfiqyZTbXBwPkwU0k0bgRetA= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org