$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/FLVIGbsruxVWVDpy-8qGy3_w5jY.roa File: FLVIGbsruxVWVDpy-8qGy3_w5jY.roa (raw, json) Hash identifier: /mnYVQ/yZMEqRo2dCkTnU6O8eqJ/xyzKsJGvGGnpF8Y= Subject key identifier: 14:B5:48:19:BB:2B:BB:15:56:54:3A:72:FB:CA:86:CB:7F:F0:E6:36 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B87 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/FLVIGbsruxVWVDpy-8qGy3_w5jY.roa Signing time: Thu 21 Nov 2024 09:32:18 +0000 ROA not before: Thu 21 Nov 2024 09:32:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 43.254.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7047 (0x1b87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=14B54819BB2BBB1556543A72FBCA86CB7FF0E636 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:34:75:bf:64:de:49:9b:76:5a:5f:b8:15:09: 5c:6e:2d:46:db:76:b1:a3:cb:f0:45:80:67:2a:18: 63:63:9a:8e:41:d0:af:a9:d8:10:1a:25:cb:5f:a7: 47:52:95:76:6e:98:6e:ee:1e:39:af:ae:2a:4f:d8: e7:4c:db:40:eb:e1:51:39:da:b4:0e:26:b4:d1:e6: 4f:17:9f:42:e1:24:37:33:39:bf:a5:7b:92:6a:cb: 7c:db:d4:c8:6d:9b:45:21:a5:f2:cb:b2:4b:4b:9a: 3e:0a:a0:88:b7:00:a3:a1:21:3e:9f:fa:23:6e:b8: 48:6d:75:93:20:ad:04:fb:b0:32:1a:b8:8f:26:2b: 7f:a5:1a:e9:25:3f:1a:e1:65:0a:0c:b3:46:e6:3b: 79:3b:b7:48:6b:ab:cd:55:98:8d:6f:b3:49:c7:6b: 6b:fb:54:55:cc:77:cc:50:76:51:c1:48:5b:cd:8a: 71:c8:5b:76:20:81:de:d7:5b:70:a2:3d:35:0c:83: a7:e4:04:2a:d8:88:bd:43:81:9e:10:1e:a4:fd:64: 6a:70:5b:5a:fa:a0:f5:d6:3e:44:0c:d7:aa:ed:d9: f3:c1:85:16:f3:70:72:9d:78:8b:3c:b2:f0:1a:12: 84:97:02:2c:38:b9:7b:b2:7c:d8:01:60:82:7a:a5: 9f:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:B5:48:19:BB:2B:BB:15:56:54:3A:72:FB:CA:86:CB:7F:F0:E6:36 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/FLVIGbsruxVWVDpy-8qGy3_w5jY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.128.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:a2:ba:aa:51:7e:59:9d:f2:1b:e0:b5:ac:ea:35:17:2d:20: 6e:ba:9a:f2:2f:aa:66:4f:bd:33:5f:57:00:e0:6e:7c:2d:3d: ea:cd:94:22:d2:b7:bc:4b:67:c6:7d:0a:d0:34:05:bf:59:48: c6:5b:e4:c4:a9:62:03:5d:fe:3b:d2:60:f7:83:db:51:98:96: b6:b6:d8:a4:18:25:3a:4c:81:10:02:7b:67:8a:61:44:d8:f0: 1d:cb:09:46:ec:59:82:19:1d:e1:87:8e:d3:c3:50:11:77:d0: fb:e5:73:73:4e:fd:40:d1:57:40:54:48:01:6c:b0:6d:e4:bc: 0c:d5:48:a0:39:8a:b8:47:1f:2c:3e:cc:92:a5:50:a0:e3:2f: c1:b3:57:6a:e0:7e:73:cb:66:14:38:fb:8e:73:7f:66:5d:44: 1d:dd:91:13:92:53:16:12:2b:40:32:73:a6:30:3c:90:b5:de: 3e:b0:a6:89:f2:05:38:d9:33:6f:e5:f8:9a:37:27:23:fb:6a: 50:df:64:e7:c4:1f:ed:dc:26:88:da:4a:26:da:e9:71:d0:37: 2f:48:5b:75:55:d9:3a:38:b1:e6:f2:bc:5a:45:fa:ca:03:0b: 9b:85:0c:28:20:82:14:b1:ae:4e:eb:31:61:f9:3d:7f:95:bc: 05:52:10:ea -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE0QjU0ODE5QkIyQkJC MTU1NjU0M0E3MkZCQ0E4NkNCN0ZGMEU2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgNHW/ZN5Jm3ZaX7gVCVxuLUbbdrGjy/BFgGcqGGNjmo5B0K+p 2BAaJctfp0dSlXZumG7uHjmvripP2OdM20Dr4VE52rQOJrTR5k8Xn0LhJDczOb+l e5Jqy3zb1Mhtm0UhpfLLsktLmj4KoIi3AKOhIT6f+iNuuEhtdZMgrQT7sDIauI8m K3+lGuklPxrhZQoMs0bmO3k7t0hrq81VmI1vs0nHa2v7VFXMd8xQdlHBSFvNinHI W3Yggd7XW3CiPTUMg6fkBCrYiL1DgZ4QHqT9ZGpwW1r6oPXWPkQM16rt2fPBhRbz cHKdeIs8svAaEoSXAiw4uXuyfNgBYIJ6pZ+FAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFLVIGbsruxVWVDpy+8qGy3/w5jYwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0ZMVklHYnNydXhWV1ZE cHktOHFHeTNfdzVqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/oAwDQYJKoZIhvcNAQELBQADggEBAJ2iuqpRflmd8hvgtazqNRctIG66mvIv qmZPvTNfVwDgbnwtPerNlCLSt7xLZ8Z9CtA0Bb9ZSMZb5MSpYgNd/jvSYPeD21GY lra22KQYJTpMgRACe2eKYUTY8B3LCUbsWYIZHeGHjtPDUBF30Pvlc3NO/UDRV0BU SAFssG3kvAzVSKA5irhHHyw+zJKlUKDjL8GzV2rgfnPLZhQ4+45zf2ZdRB3dkROS UxYSK0Ayc6YwPJC13j6wponyBTjZM2/l+Jo3JyP7alDfZOfEH+3cJojaSiba6XHQ Ny9IW3VV2To4sebyvFpF+soDC5uFDCggghSxrk7rMWH5PX+VvAVSEOo= -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:13 2024 by rpki-client on console-ams.rpki-client.org