$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/JynpDsSDkWV5dekeW1fq5pnqy3w.roa File: JynpDsSDkWV5dekeW1fq5pnqy3w.roa (raw, json) Hash identifier: RFpoMPy6U13YCdc2oKIn/tjTfjtqRZYp6WXwUO7ksk4= Subject key identifier: 27:29:E9:0E:C4:83:91:65:79:75:E9:1E:5B:57:EA:E6:99:EA:CB:7C Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B8E Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/JynpDsSDkWV5dekeW1fq5pnqy3w.roa Signing time: Thu 21 Nov 2024 09:32:20 +0000 ROA not before: Thu 21 Nov 2024 09:32:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7018 IP address blocks: 43.254.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7054 (0x1b8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:20 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2729E90EC48391657975E91E5B57EAE699EACB7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:8b:c4:5d:3d:af:52:50:0e:b4:9d:54:ed:7c: 01:59:3e:e4:cf:c7:f8:91:53:fc:79:15:bd:13:64: a7:e3:79:23:e4:a3:61:f4:ad:c5:c5:5e:21:ea:5b: 59:e4:9e:f9:e5:7e:2f:a2:4c:f5:3c:77:79:87:24: d8:06:33:6e:14:76:0f:b9:be:0a:8f:d0:b0:93:28: 74:8f:ee:be:49:91:13:25:84:04:a8:2f:73:45:9e: 53:df:48:32:41:33:3d:08:3b:85:9b:43:c0:b7:78: b4:8f:ea:3f:7f:45:0e:46:04:89:e4:e4:b5:12:fc: 69:37:3e:34:2f:85:bc:25:d6:9e:d2:a2:90:6d:a3: 94:ce:2e:20:8f:ab:fb:47:43:7a:cd:ed:49:7e:e8: a4:7f:5a:43:90:40:cb:4f:8e:bb:d4:e2:f9:4a:90: fa:d3:24:7c:5c:f1:ee:f9:60:11:5d:bb:2c:59:42: 69:35:bc:10:2b:9c:12:1a:f7:be:1c:4f:61:df:65: ba:f9:34:46:75:bd:4f:68:6f:d4:d2:7b:c4:6c:2d: b9:6d:16:89:13:91:aa:56:f4:be:93:30:a7:c9:3b: 03:a8:11:3a:8c:9e:60:bd:48:1f:4f:ac:1a:1a:53: 7d:13:62:6a:63:03:58:67:0f:ed:77:bf:cf:05:5e: b2:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:29:E9:0E:C4:83:91:65:79:75:E9:1E:5B:57:EA:E6:99:EA:CB:7C X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/JynpDsSDkWV5dekeW1fq5pnqy3w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.128.0/22 Signature Algorithm: sha256WithRSAEncryption 21:3d:f2:a9:5e:da:6a:1f:17:3e:fc:d8:74:8f:1a:dd:f5:6f: 69:64:5f:71:eb:1c:e8:96:37:e9:97:a6:47:94:3f:99:fe:fe: 01:35:ef:c9:88:2a:6a:36:ab:85:20:65:6f:75:17:da:99:58: 98:38:c1:34:b7:b2:a4:ba:9f:8c:73:bb:c1:dd:04:3f:31:97: 64:8d:be:9b:41:27:ef:d3:3f:a7:94:79:24:98:5f:ea:02:26: fc:e4:05:a9:38:f7:e6:36:d5:2e:4c:2f:73:96:c0:bf:e8:57: 06:ef:04:0c:5b:52:09:7a:8b:8d:80:15:87:3b:c4:40:fa:da: 0d:4c:b4:93:be:49:a9:66:07:25:5d:dd:41:3a:3f:64:e9:90: 27:10:16:d1:2c:3d:2a:0e:3d:73:78:23:84:86:17:29:8b:db: 2e:ce:f4:50:18:52:60:69:ad:79:c5:4b:51:5f:3a:ff:06:0b: 5b:5e:18:fb:37:b5:99:cc:7e:42:bd:82:3e:a0:cb:74:53:9e: 80:d9:f5:4f:ce:c8:32:e9:fb:04:de:06:a5:04:aa:99:fa:0a: 6c:c2:75:72:d3:51:7b:2f:f7:0c:d6:45:23:b0:6e:f0:69:6d: 6b:fc:bd:bc:3d:c2:25:4d:be:f8:10:6c:e0:f8:65:b6:36:b3: 8b:ef:4e:35 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI3MjlFOTBFQzQ4Mzkx NjU3OTc1RTkxRTVCNTdFQUU2OTlFQUNCN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmi8RdPa9SUA60nVTtfAFZPuTPx/iRU/x5Fb0TZKfjeSPko2H0 rcXFXiHqW1nknvnlfi+iTPU8d3mHJNgGM24Udg+5vgqP0LCTKHSP7r5JkRMlhASo L3NFnlPfSDJBMz0IO4WbQ8C3eLSP6j9/RQ5GBInk5LUS/Gk3PjQvhbwl1p7SopBt o5TOLiCPq/tHQ3rN7Ul+6KR/WkOQQMtPjrvU4vlKkPrTJHxc8e75YBFduyxZQmk1 vBArnBIa974cT2HfZbr5NEZ1vU9ob9TSe8RsLbltFokTkapW9L6TMKfJOwOoETqM nmC9SB9PrBoaU30TYmpjA1hnD+13v88FXrIzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUJynpDsSDkWV5dekeW1fq5pnqy3wwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0p5bnBEc1NEa1dWNWRl a2VXMWZxNXBucXkzdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/oAwDQYJKoZIhvcNAQELBQADggEBACE98qle2mofFz782HSPGt31b2lkX3Hr HOiWN+mXpkeUP5n+/gE178mIKmo2q4UgZW91F9qZWJg4wTS3sqS6n4xzu8HdBD8x l2SNvptBJ+/TP6eUeSSYX+oCJvzkBak49+Y21S5ML3OWwL/oVwbvBAxbUgl6i42A FYc7xED62g1MtJO+SalmByVd3UE6P2TpkCcQFtEsPSoOPXN4I4SGFymL2y7O9FAY UmBprXnFS1FfOv8GC1teGPs3tZnMfkK9gj6gy3RTnoDZ9U/OyDLp+wTeBqUEqpn6 CmzCdXLTUXsv9wzWRSOwbvBpbWv8vbw9wiVNvvgQbOD4ZbY2s4vvTjU= -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:57 2024 by rpki-client on console-ams.rpki-client.org