$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/eHJWiqsGCG9ZLkRLTHRsGltYIS4.roa File: eHJWiqsGCG9ZLkRLTHRsGltYIS4.roa (raw, json) Hash identifier: hyWQF1LXsHiVIwgtK9t0cmYGbdq03Hyk+mzotFIK7xQ= Subject key identifier: 78:72:56:8A:AB:06:08:6F:59:2E:44:4B:4C:74:6C:1A:5B:58:21:2E Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B82 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/eHJWiqsGCG9ZLkRLTHRsGltYIS4.roa Signing time: Thu 21 Nov 2024 09:32:16 +0000 ROA not before: Thu 21 Nov 2024 09:32:16 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7018 IP address blocks: 115.31.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 16:56:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7042 (0x1b82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:16 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7872568AAB06086F592E444B4C746C1A5B58212E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:aa:c2:39:8d:b7:b1:00:76:a1:2e:92:a8:37: 99:df:a9:22:c3:8c:73:50:91:78:c9:62:86:93:07: 0d:b8:00:67:1d:5e:44:19:bc:28:f9:74:c0:45:75: 2c:b3:08:d1:3f:c1:74:f4:f0:81:a0:60:b4:35:3e: 01:7d:5a:6f:cd:6c:10:b7:8d:38:ac:a1:8b:65:79: b0:44:7d:31:d4:95:7d:46:eb:3f:7b:8a:fd:a9:99: 00:7a:ce:d8:78:4c:da:d4:08:90:dd:d7:71:37:7f: c0:11:2e:96:0c:0a:e7:76:82:c8:e9:be:ec:a4:75: 93:fc:09:48:16:84:df:c8:6e:77:a5:a6:8d:76:55: b1:7a:a7:27:96:83:03:75:00:9b:c4:c8:ef:5d:4e: ec:52:25:ec:4f:1b:3e:ab:1b:cc:09:65:6c:76:3b: 20:f8:82:7f:2f:95:74:ea:3f:42:91:fe:7a:29:93: 8f:5c:c7:57:7c:b0:15:c3:9d:12:e9:3d:ca:fe:1a: a0:1e:8c:7f:7d:fc:cc:82:25:a6:1b:58:95:01:6c: 2b:60:6f:00:c6:85:5e:7e:fc:a8:cb:0a:ca:68:0c: 9f:64:da:8e:16:9e:73:8a:4a:10:1f:e6:1e:9f:8b: 3f:72:40:a4:03:ad:c5:51:c5:f3:bb:ee:31:2a:e2: b9:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:72:56:8A:AB:06:08:6F:59:2E:44:4B:4C:74:6C:1A:5B:58:21:2E X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/eHJWiqsGCG9ZLkRLTHRsGltYIS4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.31.68.0/22 Signature Algorithm: sha256WithRSAEncryption 37:a8:ba:a7:08:34:70:83:43:d0:fa:71:90:7b:9c:cf:22:66: 57:55:c0:6e:5d:59:54:d9:1d:37:d5:90:28:2b:3d:08:5e:59: c8:53:d3:06:55:72:16:8e:ab:7d:4e:3f:28:b1:8a:d5:11:c9: 1f:4e:3d:5d:96:76:3c:2f:e1:6c:ad:04:b1:02:16:5a:36:11: 8b:22:2a:8a:f8:7e:d3:da:be:31:db:a8:5d:29:7a:12:b2:f4: 1d:47:fa:46:e2:5e:5e:5a:4d:c0:cd:7f:ba:9e:7b:0d:92:76: 25:fc:69:b5:aa:2c:44:eb:47:eb:6e:b8:b9:25:18:09:fd:a8: c0:56:e5:24:8c:5c:a6:a7:1d:1e:45:ac:3e:df:3a:11:79:2f: 03:aa:c1:92:18:0f:79:4e:81:0f:3a:b4:a3:ef:de:f8:0d:51: 1b:98:35:5f:54:7c:cb:b4:b4:22:c2:27:ee:03:f0:85:85:9e: 02:48:eb:9c:ac:91:cd:f9:3e:9c:ae:c7:fe:6a:8d:87:42:f8: d3:b7:bc:64:83:e3:c8:c4:2d:7a:e1:9b:a9:c9:3c:91:10:60: 19:74:bb:6c:9c:f7:d1:61:09:51:54:0d:9c:c1:01:34:f7:2c: 08:7c:c4:f4:f5:ef:a1:d7:06:27:cb:47:fd:bd:62:2d:f1:22: 82:e7:e9:47 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc4NzI1NjhBQUIwNjA4 NkY1OTJFNDQ0QjRDNzQ2QzFBNUI1ODIxMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOqsI5jbexAHahLpKoN5nfqSLDjHNQkXjJYoaTBw24AGcdXkQZ vCj5dMBFdSyzCNE/wXT08IGgYLQ1PgF9Wm/NbBC3jTisoYtlebBEfTHUlX1G6z97 iv2pmQB6zth4TNrUCJDd13E3f8ARLpYMCud2gsjpvuykdZP8CUgWhN/Ibnelpo12 VbF6pyeWgwN1AJvEyO9dTuxSJexPGz6rG8wJZWx2OyD4gn8vlXTqP0KR/nopk49c x1d8sBXDnRLpPcr+GqAejH99/MyCJaYbWJUBbCtgbwDGhV5+/KjLCspoDJ9k2o4W nnOKShAf5h6fiz9yQKQDrcVRxfO77jEq4rnHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUeHJWiqsGCG9ZLkRLTHRsGltYIS4wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL2VISldpcXNHQ0c5Wkxr UkxUSFJzR2x0WUlTNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJzH0QwDQYJKoZIhvcNAQELBQADggEBADeouqcINHCDQ9D6cZB7nM8iZldVwG5d WVTZHTfVkCgrPQheWchT0wZVchaOq31OPyixitURyR9OPV2Wdjwv4WytBLECFlo2 EYsiKor4ftPavjHbqF0pehKy9B1H+kbiXl5aTcDNf7qeew2SdiX8abWqLETrR+tu uLklGAn9qMBW5SSMXKanHR5FrD7fOhF5LwOqwZIYD3lOgQ86tKPv3vgNURuYNV9U fMu0tCLCJ+4D8IWFngJI65yskc35Ppyux/5qjYdC+NO3vGSD48jELXrhm6nJPJEQ YBl0u2yc99FhCVFUDZzBATT3LAh8xPT176HXBifLR/29Yi3xIoLn6Uc= -----END CERTIFICATE-----Generated at Sun Feb 16 15:20:57 2025 by rpki-client