$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/U2UULPVDQoa94MXg45u49FP5zeo.roa File: U2UULPVDQoa94MXg45u49FP5zeo.roa (raw, json) Hash identifier: 1tgHnhCc/uzpBmNsxT31rcNe0j7Wr+0gBa+0QvLXj/A= Subject key identifier: 53:65:14:2C:F5:43:42:86:BD:E0:C5:E0:E3:9B:B8:F4:53:F9:CD:EA Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Certificate serial: 0815 Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/U2UULPVDQoa94MXg45u49FP5zeo.roa Signing time: Tue 19 Nov 2024 12:40:42 +0000 ROA not before: Tue 19 Nov 2024 12:40:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 58.66.182.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 09:50:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2069 (0x815) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Validity Not Before: Nov 19 12:40:42 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5365142CF5434286BDE0C5E0E39BB8F453F9CDEA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:29:f9:03:0c:f0:b6:da:9a:12:9f:c1:af:d6: 80:fe:b1:aa:5c:1f:ba:56:47:05:77:fa:d7:1e:ac: 8f:4c:8f:ed:b0:8e:dc:5c:f6:61:8a:bf:69:26:0d: c1:2a:1f:28:db:c5:e0:d3:14:84:8c:10:ba:7a:e3: 2b:0d:c2:48:94:47:92:db:6c:42:0f:4f:c6:ef:9f: 1a:16:da:10:96:95:79:87:9e:f6:84:ec:c5:a1:8e: 96:41:a5:a0:fb:70:0d:da:f9:ff:24:9e:09:92:0e: e3:38:ad:81:54:ad:64:0d:ac:7b:05:81:fc:83:65: 71:35:c6:65:82:f2:76:69:5e:d9:d5:13:b2:bf:58: e1:32:37:e0:34:44:08:29:a4:5b:d1:05:fe:e6:41: c2:34:e6:85:be:33:c0:50:fd:45:34:0d:78:e6:8b: 00:70:72:46:f9:39:44:8e:73:51:4b:0f:19:a5:dd: b1:8e:41:42:f7:1d:79:dc:9d:06:42:f2:32:18:04: f1:cb:95:7a:b4:e4:9a:3d:70:a4:54:ce:f1:d9:51: 35:f1:05:87:7f:62:79:b6:f2:aa:45:d6:43:e9:37: 1d:04:c7:6d:7c:dc:2e:9d:e6:d3:fe:2b:6d:91:be: 10:e0:74:45:59:0c:fc:11:22:95:18:87:65:5d:9a: 6d:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:65:14:2C:F5:43:42:86:BD:E0:C5:E0:E3:9B:B8:F4:53:F9:CD:EA X509v3 Authority Key Identifier: keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/U2UULPVDQoa94MXg45u49FP5zeo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.66.182.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:01:1e:a7:e0:3a:2e:18:c6:63:e7:38:d4:00:6a:83:18:48: 04:49:a0:30:ed:a6:c2:be:db:4f:a4:25:3f:3b:c6:dc:6d:e4: fa:25:39:bf:e4:f4:8d:84:da:5f:6b:d3:cf:0e:ee:22:84:26: 80:11:a0:f3:8b:28:3b:99:e3:9f:91:5c:51:0d:be:22:53:a7: 62:87:07:6a:48:d9:ad:f7:f2:4c:35:0a:ac:92:f0:96:d1:e1: 8d:a1:9c:81:77:ef:57:3f:ee:05:d2:e0:27:bb:c6:18:88:80: 67:b5:9a:27:5e:9a:9a:c6:ef:b9:3d:d4:22:9a:04:04:50:7a: 8f:c0:2b:bd:fb:68:da:d3:8c:ec:d9:e4:62:7f:e5:a6:32:8c: 9c:e9:7c:9b:45:82:67:9c:86:12:99:06:0d:dd:1d:c3:2a:ae: 1f:3c:21:b1:bf:50:c6:61:8b:25:d1:20:2e:0e:37:6a:3f:ba: ba:8e:b8:65:30:72:12:29:28:15:12:6b:9b:47:f2:ae:41:37: 9f:1f:ba:6a:9d:02:4d:6d:07:8e:98:9c:da:7e:3a:38:ab:3a: f2:9c:ba:f5:9e:06:e0:61:a4:72:88:00:95:01:8e:27:18:2b: c0:07:88:aa:6d:19:0f:8a:ef:43:01:17:79:c3:36:09:59:85: be:fd:0d:d2 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICCBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4 MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDExMTkx MjQwNDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUzNjUxNDJDRjU0MzQy ODZCREUwQzVFMEUzOUJCOEY0NTNGOUNERUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJKfkDDPC22poSn8Gv1oD+sapcH7pWRwV3+tcerI9Mj+2wjtxc 9mGKv2kmDcEqHyjbxeDTFISMELp64ysNwkiUR5LbbEIPT8bvnxoW2hCWlXmHnvaE 7MWhjpZBpaD7cA3a+f8kngmSDuM4rYFUrWQNrHsFgfyDZXE1xmWC8nZpXtnVE7K/ WOEyN+A0RAgppFvRBf7mQcI05oW+M8BQ/UU0DXjmiwBwckb5OUSOc1FLDxml3bGO QUL3HXncnQZC8jIYBPHLlXq05Jo9cKRUzvHZUTXxBYd/Ynm28qpF1kPpNx0Ex218 3C6d5tP+K22RvhDgdEVZDPwRIpUYh2Vdmm3/AgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUU2UULPVDQoa94MXg45u49FP5zeowHwYDVR0jBBgwFoAUlIG05AkBXY630D82 A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvVTJVVUxQVkRRb2E5NE1YZzQ1 dTQ5RlA1emVvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADpC tjANBgkqhkiG9w0BAQsFAAOCAQEATQEep+A6LhjGY+c41ABqgxhIBEmgMO2mwr7b T6QlPzvG3G3k+iU5v+T0jYTaX2vTzw7uIoQmgBGg84soO5njn5FcUQ2+IlOnYocH akjZrffyTDUKrJLwltHhjaGcgXfvVz/uBdLgJ7vGGIiAZ7WaJ16amsbvuT3UIpoE BFB6j8Arvfto2tOM7NnkYn/lpjKMnOl8m0WCZ5yGEpkGDd0dwyquHzwhsb9QxmGL JdEgLg43aj+6uo64ZTByEikoFRJrm0fyrkE3nx+6ap0CTW0Hjpic2n46OKs68py6 9Z4G4GGkcogAlQGOJxgrwAeIqm0ZD4rvQwEXecM2CVmFvv0N0g== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:13 2024 by rpki-client on console-ams.rpki-client.org