$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/K2RGS6jm4kRR9OqeQBXJX6AYF88.roa File: K2RGS6jm4kRR9OqeQBXJX6AYF88.roa (raw, json) Hash identifier: cO9dVVNLGT6sRRdy6lFZe+sBC1hhCLRlB9ZNvzieM4E= Subject key identifier: 2B:64:46:4B:A8:E6:E2:44:51:F4:EA:9E:40:15:C9:5F:A0:18:17:CF Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 07 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/K2RGS6jm4kRR9OqeQBXJX6AYF88.roa Signing time: Tue 16 Apr 2024 01:14:00 +0000 ROA not before: Tue 16 Apr 2024 01:14:00 +0000 ROA not after: Tue 15 Apr 2025 09:24:38 +0000 asID: 58834 IP address blocks: 119.2.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Apr 2024 04:53:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Apr 16 01:14:00 2024 GMT Not After : Apr 15 09:24:38 2025 GMT Subject: CN=2B64464BA8E6E24451F4EA9E4015C95FA01817CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:24:8e:55:b7:ee:33:7e:ed:00:f0:dd:4a:4d: 04:90:b6:3e:85:a3:e0:79:76:cb:4a:a3:b0:3e:e5: e0:87:21:5c:1c:74:64:4e:9c:22:0f:5c:7b:38:2f: b4:cc:e3:65:ca:0a:15:1b:f4:1a:3e:89:42:71:45: f5:e5:ab:e1:60:18:02:17:88:57:d6:f0:db:c4:e2: 60:fc:af:44:bd:cb:66:78:fb:2e:19:4d:52:3f:46: 20:9f:10:cf:71:5a:3c:e9:d0:0c:b4:82:cc:49:2d: b6:93:44:13:b1:cc:d0:b7:64:67:a7:e4:df:65:29: 75:3b:d9:f5:dd:eb:d0:9d:2d:fa:03:97:e6:58:19: 8d:ee:f6:7c:50:d4:2a:82:39:f1:35:ea:af:5c:43: d1:f9:0a:83:4f:fa:68:71:a7:c1:09:ea:55:96:25: f8:dd:93:bc:6d:fb:55:4c:33:5d:d5:b7:64:c1:ab: 0a:c9:45:09:a0:89:69:d4:a3:c5:1d:6d:0e:09:26: 8a:ec:02:6b:87:d2:80:f0:1e:4c:c2:d4:cb:e7:6e: 39:15:ee:5d:7e:d3:4c:59:06:a2:fa:60:19:60:ba: bb:a4:03:b7:90:f4:8e:fd:54:aa:b5:f3:9b:39:04: bc:87:8f:27:1e:54:47:6a:c5:2e:dd:6b:5a:c7:f7: 6c:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:64:46:4B:A8:E6:E2:44:51:F4:EA:9E:40:15:C9:5F:A0:18:17:CF X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/K2RGS6jm4kRR9OqeQBXJX6AYF88.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.2.255.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:10:1f:25:4f:8b:c0:ec:d8:d9:dc:f0:57:b3:a4:bc:6e:78: 6e:af:30:8d:a3:ae:48:77:5a:fa:18:c0:38:33:95:87:5d:b9: 8f:1f:f7:b8:f9:fc:ab:76:8e:e4:3f:61:61:64:b9:3d:62:b8: 34:9a:5d:ef:66:cf:3f:3a:75:a0:ed:db:de:ef:71:8f:bb:8e: 94:a3:40:3b:d8:0d:af:4f:21:f5:b8:9e:f5:df:1a:31:da:d6: 14:6c:de:6c:d4:ce:d9:61:2b:b3:b5:59:75:55:30:07:73:03: 51:cb:7a:3c:1c:b9:a6:c3:ec:c2:72:1d:13:b7:33:09:61:e4: c9:21:9d:ac:5d:52:37:63:43:11:fe:5e:13:62:d2:d9:7c:80: fa:7a:51:db:c3:c1:27:75:3d:5d:98:9b:c6:9f:d6:4a:9d:2e: 33:a8:f7:3b:91:d3:c1:3d:a3:9d:98:c7:78:94:89:a5:3f:e5: 67:16:21:cc:11:c9:6c:ea:e5:6b:d6:57:86:42:2c:3e:64:b0: 21:52:68:97:46:23:cf:d8:4b:d2:e4:b3:6f:44:71:ed:84:9b: 88:a8:c2:fb:b6:69:4e:71:79:3a:1b:46:ec:83:ea:42:c9:7d: 18:6e:1e:ca:ea:1b:a9:3d:b3:f4:4f:02:fc:ef:fe:ce:35:ca: 36:3b:65:69 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERUJG QzkwMEVEQzM0RjgxREE0ODI3RjFGOUY2M0QwNEUwRTJGNzU2MB4XDTI0MDQxNjAx MTQwMFoXDTI1MDQxNTA5MjQzOFowMzExMC8GA1UEAxMoMkI2NDQ2NEJBOEU2RTI0 NDUxRjRFQTlFNDAxNUM5NUZBMDE4MTdDRjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALEkjlW37jN+7QDw3UpNBJC2PoWj4Hl2y0qjsD7l4IchXBx0ZE6c Ig9cezgvtMzjZcoKFRv0Gj6JQnFF9eWr4WAYAheIV9bw28TiYPyvRL3LZnj7LhlN Uj9GIJ8Qz3FaPOnQDLSCzEkttpNEE7HM0LdkZ6fk32UpdTvZ9d3r0J0t+gOX5lgZ je72fFDUKoI58TXqr1xD0fkKg0/6aHGnwQnqVZYl+N2TvG37VUwzXdW3ZMGrCslF CaCJadSjxR1tDgkmiuwCa4fSgPAeTMLUy+duORXuXX7TTFkGovpgGWC6u6QDt5D0 jv1UqrXzmzkEvIePJx5UR2rFLt1rWsf3bAsCAwEAAaOCAfEwggHtMB0GA1UdDgQW BBQrZEZLqObiRFH06p5AFclfoBgXzzAfBgNVHSMEGDAWgBTev8kA7cNPgdpIJ/H5 9j0E4OL3VjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjMv M3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC8zcl9KQU8zRFQ0SGFTQ2Z4LWZZOUJPRGk5MVkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjMvSzJSR1M2am00a1JSOU9x ZVFCWEpYNkFZRjg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AHcC/zANBgkqhkiG9w0BAQsFAAOCAQEAPBAfJU+LwOzY2dzwV7OkvG54bq8wjaOu SHda+hjAODOVh125jx/3uPn8q3aO5D9hYWS5PWK4NJpd72bPPzp1oO3b3u9xj7uO lKNAO9gNr08h9bie9d8aMdrWFGzebNTO2WErs7VZdVUwB3MDUct6PBy5psPswnId E7czCWHkySGdrF1SN2NDEf5eE2LS2XyA+npR28PBJ3U9XZibxp/WSp0uM6j3O5HT wT2jnZjHeJSJpT/lZxYhzBHJbOrla9ZXhkIsPmSwIVJol0Yjz9hL0uSzb0Rx7YSb iKjC+7ZpTnF5OhtG7IPqQsl9GG4eyuobqT2z9E8C/O/+zjXKNjtlaQ== -----END CERTIFICATE-----Generated at Sun Apr 21 04:20:07 2024 by rpki-client on console-ams.rpki-client.org