$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/PG1DWNKPYuWolSxV9vH_1yX8WMY.roa File: PG1DWNKPYuWolSxV9vH_1yX8WMY.roa (raw, json) Hash identifier: 9k5NVfg0SVP1cjPVPH1uLlxt6gKw4r3MWiIu1p0IdyM= Subject key identifier: 3C:6D:43:58:D2:8F:62:E5:A8:95:2C:55:F6:F1:FF:D7:25:FC:58:C6 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14C5 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PG1DWNKPYuWolSxV9vH_1yX8WMY.roa Signing time: Wed 11 Sep 2024 02:23:48 +0000 ROA not before: Wed 11 Sep 2024 02:23:48 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59083 IP address blocks: 43.254.154.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5317 (0x14c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:48 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3C6D4358D28F62E5A8952C55F6F1FFD725FC58C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:2b:12:b3:b7:73:02:fc:84:f8:af:b9:e1:a3: 6e:30:c0:7a:b8:23:d0:8c:92:49:7a:4c:31:db:dc: 71:64:86:cf:fb:1b:17:8c:41:91:42:17:4b:05:91: 5b:c8:fd:35:62:12:b7:51:1e:65:f2:2e:50:40:d2: 47:e2:da:b4:8a:3e:5e:9b:16:f7:bf:4a:e7:ff:31: fc:37:98:57:0a:1f:d9:87:3f:f3:2d:65:a6:bc:9c: b7:95:23:9b:e7:86:50:7b:5d:1a:c8:f6:ad:6e:3f: b3:b3:4c:75:fb:51:c6:a9:ae:82:2f:a1:eb:0d:40: a2:e7:22:03:16:ab:b3:ef:dd:6a:c9:d2:38:4b:3d: 4f:48:59:03:b2:04:8f:a4:a7:7c:c2:7f:40:ac:b5: 38:4a:4b:cb:8c:78:1b:1a:48:90:bd:46:b9:10:6f: 99:dc:ab:ee:74:c4:1d:4f:99:a5:3e:6a:c3:68:87: d6:55:e1:28:b1:cf:19:98:70:6f:f3:20:cc:43:99: 12:ef:93:72:11:1a:f5:f3:90:a1:4e:78:1e:27:b6: 16:8d:c9:9b:a1:01:9b:cb:f7:d3:ab:f8:1d:9c:c2: 77:15:e4:bd:90:6d:5e:33:b2:1a:26:f7:f2:ee:98: 44:6b:09:0e:9d:4d:65:9f:24:8b:a7:a4:91:35:f3: bf:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:6D:43:58:D2:8F:62:E5:A8:95:2C:55:F6:F1:FF:D7:25:FC:58:C6 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PG1DWNKPYuWolSxV9vH_1yX8WMY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.154.0/23 Signature Algorithm: sha256WithRSAEncryption 60:33:ad:33:c5:a7:0d:4a:4f:ff:50:c4:1d:5d:aa:6f:72:21: d9:26:e1:50:36:27:32:72:1c:e5:94:d3:43:4b:b0:2f:c9:02: d9:b6:e1:0b:cc:8c:9e:a4:37:ee:09:3c:f0:4e:c5:78:11:e4: 93:c2:56:13:06:f7:7d:3c:6a:a6:3d:f4:2d:ab:f4:c1:aa:dc: 44:dd:00:46:b5:b8:f9:68:f9:0b:8a:70:5f:08:0a:f6:fb:db: 2e:4f:b5:45:ef:a2:6b:08:f2:ae:9d:b7:a5:78:6b:bd:b5:d8: df:6e:40:a5:1f:96:ab:2e:d8:3f:70:4a:3c:f0:3a:49:5c:98: e2:10:82:85:df:3f:b2:d7:96:fc:0e:95:e3:7f:58:62:92:a8: 6f:24:10:19:2c:85:4f:9c:86:05:5b:dc:1f:96:62:2f:75:7c: 75:51:d7:98:5e:d4:24:5b:f9:c2:a3:93:d9:93:1c:f5:cb:c0: cd:8e:6a:2f:87:62:2c:0a:65:bb:9d:1e:e1:73:25:e6:87:a0: e9:60:21:2c:f0:41:ba:00:ad:90:e9:71:6e:a4:fb:8f:8d:0a: 58:65:ad:ca:db:e8:9c:6d:bf:a1:5a:ae:df:ad:86:05:ca:c2: 06:8c:4b:76:dc:ec:c4:34:be:44:0d:51:c1:ad:6e:66:77:4a: c2:fc:66:dd -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDNkQ0MzU4RDI4RjYy RTVBODk1MkM1NUY2RjFGRkQ3MjVGQzU4QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOKxKzt3MC/IT4r7nho24wwHq4I9CMkkl6TDHb3HFkhs/7GxeM QZFCF0sFkVvI/TViErdRHmXyLlBA0kfi2rSKPl6bFve/Suf/Mfw3mFcKH9mHP/Mt Zaa8nLeVI5vnhlB7XRrI9q1uP7OzTHX7UcaproIvoesNQKLnIgMWq7Pv3WrJ0jhL PU9IWQOyBI+kp3zCf0CstThKS8uMeBsaSJC9RrkQb5ncq+50xB1PmaU+asNoh9ZV 4SixzxmYcG/zIMxDmRLvk3IRGvXzkKFOeB4nthaNyZuhAZvL99Or+B2cwncV5L2Q bV4zshom9/LumERrCQ6dTWWfJIunpJE187+ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPG1DWNKPYuWolSxV9vH/1yX8WMYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1BHMURXTktQWXVXb2xT eFY5dkhfMXlYOFdNWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAEr/powDQYJKoZIhvcNAQELBQADggEBAGAzrTPFpw1KT/9QxB1dqm9yIdkm4VA2 JzJyHOWU00NLsC/JAtm24QvMjJ6kN+4JPPBOxXgR5JPCVhMG9308aqY99C2r9MGq 3ETdAEa1uPlo+QuKcF8ICvb72y5PtUXvomsI8q6dt6V4a7212N9uQKUflqsu2D9w SjzwOklcmOIQgoXfP7LXlvwOleN/WGKSqG8kEBkshU+chgVb3B+WYi91fHVR15he 1CRb+cKjk9mTHPXLwM2Oai+HYiwKZbudHuFzJeaHoOlgISzwQboArZDpcW6k+4+N Clhlrcrb6Jxtv6Fart+thgXKwgaMS3bc7MQ0vkQNUcGtbmZ3SsL8Zt0= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org