$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cfigs9KHt7Qvq7HaY7yr6ribp-g.roa File: cfigs9KHt7Qvq7HaY7yr6ribp-g.roa (raw, json) Hash identifier: yvpkQllVgNfis2eqqiioRYCKaTVePaYmgeH8MB5oRMA= Subject key identifier: 71:F8:A0:B3:D2:87:B7:B4:2F:AB:B1:DA:63:BC:AB:EA:B8:9B:A7:E8 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1490 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cfigs9KHt7Qvq7HaY7yr6ribp-g.roa Signing time: Wed 11 Sep 2024 02:23:29 +0000 ROA not before: Wed 11 Sep 2024 02:23:29 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 17621 IP address blocks: 202.89.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5264 (0x1490) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:29 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=71F8A0B3D287B7B42FABB1DA63BCABEAB89BA7E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6c:bb:16:48:5b:57:a0:13:ab:d8:ec:63:c2: 23:2a:d2:20:62:ce:28:0a:47:d3:d2:bf:96:5f:d3: 12:28:46:2b:b9:63:d8:f4:d5:e6:52:5f:41:12:e3: b5:ef:8f:65:47:56:13:76:03:68:e2:d0:df:f6:16: a9:f0:39:25:fa:1f:aa:5e:c9:09:3e:08:fb:3f:53: 1c:2e:2f:bd:d3:95:4f:89:cc:43:92:d8:34:f4:f0: 6d:88:ed:7f:e3:0c:26:ab:26:fd:28:6b:66:37:ee: c1:33:b7:75:bc:a5:f8:85:da:ac:b5:67:25:4e:50: f2:f9:2d:4c:9c:87:a3:98:8a:77:76:da:65:96:cf: 9d:f9:d5:0e:22:87:c5:be:ff:f8:fc:0a:dc:a1:a7: a1:a8:40:76:34:6a:52:45:c5:6f:d8:a1:7d:17:4a: b8:5a:af:23:c8:56:d8:26:f9:c7:f7:64:0a:c7:d6: b5:b5:8a:a0:ba:b8:4b:9d:f7:43:49:3e:cf:8c:6c: 50:46:d5:47:b6:37:3d:02:3b:ab:23:ea:5b:0a:8f: 18:a0:3e:bf:a2:07:61:0b:f0:bc:ac:a4:1d:51:d8: 95:00:26:d1:42:4d:94:4c:9d:17:05:a1:a5:0b:78: f6:1b:55:50:e5:a1:17:10:86:c4:fb:83:c0:aa:8c: 28:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:F8:A0:B3:D2:87:B7:B4:2F:AB:B1:DA:63:BC:AB:EA:B8:9B:A7:E8 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cfigs9KHt7Qvq7HaY7yr6ribp-g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.89.96.0/24 Signature Algorithm: sha256WithRSAEncryption 66:25:10:0e:0d:2c:fa:06:00:7f:ca:77:41:a0:2e:98:e1:22: 3a:2c:b0:5e:e4:a3:e3:6e:29:b5:fe:0e:ca:0f:b2:c7:72:5d: fb:eb:6d:52:59:81:7b:76:7c:ec:05:11:be:c9:26:38:67:fb: 00:5c:c0:a5:11:61:0e:03:a0:77:81:d6:58:a1:f4:c5:5e:1d: 85:61:84:5c:af:e0:a6:8e:6c:bb:9c:3e:42:af:ed:bf:3c:67: c8:c9:26:de:63:5e:79:47:01:ff:0b:eb:46:b7:d4:86:5c:53: f9:95:d9:f9:a6:d1:80:30:6c:84:92:27:9e:69:3c:6b:36:d8: db:7d:b0:83:52:a7:9b:97:db:c1:d7:7b:a9:e7:b0:84:cf:5f: 48:32:fe:b5:28:c9:c5:56:9c:87:68:ce:d1:64:0f:44:93:b6: 14:fd:f0:eb:d1:e7:89:7e:7b:c0:4a:dd:f0:89:79:1b:68:98: 20:a4:5b:81:c2:33:9b:56:5b:44:6e:ac:ff:0b:e0:59:37:da: 17:1d:ef:0a:20:96:61:3f:62:11:f6:b1:fd:61:e7:ea:5d:bc: 06:9d:15:92:04:b0:67:27:77:ba:b3:f9:ef:f4:12:9f:8c:a6: 85:93:f6:2a:9b:96:93:b5:0c:c4:c7:5d:cf:39:6e:89:a3:58: 7e:bd:f6:6f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxRjhBMEIzRDI4N0I3 QjQyRkFCQjFEQTYzQkNBQkVBQjg5QkE3RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5bLsWSFtXoBOr2OxjwiMq0iBizigKR9PSv5Zf0xIoRiu5Y9j0 1eZSX0ES47Xvj2VHVhN2A2ji0N/2FqnwOSX6H6peyQk+CPs/UxwuL73TlU+JzEOS 2DT08G2I7X/jDCarJv0oa2Y37sEzt3W8pfiF2qy1ZyVOUPL5LUych6OYind22mWW z5351Q4ih8W+//j8Ctyhp6GoQHY0alJFxW/YoX0XSrharyPIVtgm+cf3ZArH1rW1 iqC6uEud90NJPs+MbFBG1Ue2Nz0CO6sj6lsKjxigPr+iB2EL8LyspB1R2JUAJtFC TZRMnRcFoaULePYbVVDloRcQhsT7g8CqjChnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcfigs9KHt7Qvq7HaY7yr6ribp+gwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NmaWdzOUtIdDdRdnE3 SGFZN3lyNnJpYnAtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKWWAwDQYJKoZIhvcNAQELBQADggEBAGYlEA4NLPoGAH/Kd0GgLpjhIjossF7k o+NuKbX+DsoPssdyXfvrbVJZgXt2fOwFEb7JJjhn+wBcwKURYQ4DoHeB1lih9MVe HYVhhFyv4KaObLucPkKv7b88Z8jJJt5jXnlHAf8L60a31IZcU/mV2fmm0YAwbISS J55pPGs22Nt9sINSp5uX28HXe6nnsITPX0gy/rUoycVWnIdoztFkD0STthT98OvR 54l+e8BK3fCJeRtomCCkW4HCM5tWW0RurP8L4Fk32hcd7woglmE/YhH2sf1h5+pd vAadFZIEsGcnd7qz+e/0Ep+MpoWT9iqblpO1DMTHXc85bomjWH699m8= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org