$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/29ub-lKLtsbqs62l_yVrlPwipLM.roa File: 29ub-lKLtsbqs62l_yVrlPwipLM.roa (raw, json) Hash identifier: 9bSep+SZQmcZFQp9cG1lHj2vCQhovlsaLPVG+yNqaY4= Subject key identifier: DB:DB:9B:FA:52:8B:B6:C6:EA:B3:AD:A5:FF:25:6B:94:FC:22:A4:B3 Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 0B8C Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/29ub-lKLtsbqs62l_yVrlPwipLM.roa Signing time: Fri 31 May 2024 08:22:24 +0000 ROA not before: Fri 31 May 2024 08:22:24 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 23853 IP address blocks: 211.147.79.0/24 maxlen: 32 211.147.92.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2956 (0xb8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: May 31 08:22:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DBDB9BFA528BB6C6EAB3ADA5FF256B94FC22A4B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:9d:72:82:e9:63:65:80:df:06:9e:3a:1d:5b: e2:a9:f5:0d:50:ef:d8:3b:b5:d2:c6:40:e0:b2:86: 2a:d8:53:33:ba:a8:3f:80:7e:53:41:6a:ef:0e:15: 18:cf:99:91:e6:60:e4:fc:7c:b5:b2:5e:9d:a0:d2: ab:f4:06:f5:81:e6:85:69:bf:75:73:b2:aa:03:f1: 27:d0:86:c6:64:8b:ec:af:62:4b:bd:d6:5f:04:bf: e7:6a:6f:5a:77:43:e8:42:2c:6f:d8:b1:44:dd:a9: 31:6a:5d:c3:f0:c3:17:1d:3b:63:ac:34:23:9f:8c: 98:54:cb:7f:29:81:ef:18:7b:89:05:04:ad:81:eb: 13:5d:ea:98:20:d8:6a:fd:9d:1f:ef:ab:8e:b7:8c: 43:af:fc:18:4c:8f:0c:5e:ae:8f:66:64:8a:a4:e6: 6d:7c:60:0d:e0:9a:d5:60:5e:39:54:10:47:c4:25: 40:45:3c:4f:ab:b8:32:a9:1b:32:0e:33:c9:97:bb: 5d:8a:f4:cf:a7:cb:96:71:56:d9:98:a4:19:6d:c8: ee:03:d8:ac:73:06:1c:f8:3b:15:ae:9a:a3:c7:66: 37:85:b1:b8:f6:e0:3b:36:52:57:b5:9f:ae:4f:63: 3f:92:fb:ec:28:25:22:a3:cb:ae:84:54:e3:83:a1: df:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:DB:9B:FA:52:8B:B6:C6:EA:B3:AD:A5:FF:25:6B:94:FC:22:A4:B3 X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/29ub-lKLtsbqs62l_yVrlPwipLM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.147.79.0/24 211.147.92.0/24 Signature Algorithm: sha256WithRSAEncryption 83:41:50:ce:16:72:2f:be:6d:fa:31:4d:db:61:b2:34:9e:cb: a4:16:66:1f:61:45:8d:1f:b4:97:2c:1a:b6:ba:00:8f:83:8f: e3:ca:6f:93:e2:91:c9:97:e0:26:a7:9b:e9:59:1f:af:fe:47: 5f:f2:bb:68:ce:17:fb:55:d2:79:8b:19:e3:65:d4:6a:6d:78: c1:bc:8f:8a:2d:ad:d2:b4:45:54:ab:e6:f9:f1:28:1d:1c:ad: 52:c7:5c:f9:35:4e:9e:1c:e5:aa:36:c2:08:0c:6a:02:75:5b: 98:9b:75:7e:3d:26:7b:dc:a7:bb:7e:19:bb:59:34:6f:e0:91: 46:a2:4b:c1:f2:ae:49:8d:d4:8d:1f:d2:f0:d8:a5:80:88:67: 31:7d:35:f8:86:38:d2:aa:84:18:f6:07:46:a2:6b:0a:a9:72: 64:ea:b6:f6:da:a0:95:7f:08:73:9a:dd:38:72:a0:ec:d3:d0: 0a:ad:17:a6:82:44:4c:0a:df:87:77:c2:48:64:d8:9a:76:a7: 0c:32:b3:8e:c6:1b:f1:a0:69:33:e2:19:4c:35:fa:66:86:8b: f4:37:62:91:fc:8e:0d:e5:1d:1d:9a:9d:3c:bb:54:af:df:a7: 0c:9f:d1:0f:04:82:ba:dc:8d:38:c9:6f:1c:4c:d1:d1:2b:bb: a0:04:5b:21 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICC4wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNDA1MzEw ODIyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCREI5QkZBNTI4QkI2 QzZFQUIzQURBNUZGMjU2Qjk0RkMyMkE0QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvnXKC6WNlgN8GnjodW+Kp9Q1Q79g7tdLGQOCyhirYUzO6qD+A flNBau8OFRjPmZHmYOT8fLWyXp2g0qv0BvWB5oVpv3VzsqoD8SfQhsZki+yvYku9 1l8Ev+dqb1p3Q+hCLG/YsUTdqTFqXcPwwxcdO2OsNCOfjJhUy38pge8Ye4kFBK2B 6xNd6pgg2Gr9nR/vq463jEOv/BhMjwxero9mZIqk5m18YA3gmtVgXjlUEEfEJUBF PE+ruDKpGzIOM8mXu12K9M+ny5ZxVtmYpBltyO4D2KxzBhz4OxWumqPHZjeFsbj2 4Ds2Ule1n65PYz+S++woJSKjy66EVOODod+RAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQU29ub+lKLtsbqs62l/yVrlPwipLMwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS8yOXViLWxLTHRzYnFzNjJs X3lWcmxQd2lwTE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA 05NPAwQA05NcMA0GCSqGSIb3DQEBCwUAA4IBAQCDQVDOFnIvvm36MU3bYbI0nsuk FmYfYUWNH7SXLBq2ugCPg4/jym+T4pHJl+Amp5vpWR+v/kdf8rtozhf7VdJ5ixnj ZdRqbXjBvI+KLa3StEVUq+b58SgdHK1Sx1z5NU6eHOWqNsIIDGoCdVuYm3V+PSZ7 3Ke7fhm7WTRv4JFGokvB8q5JjdSNH9Lw2KWAiGcxfTX4hjjSqoQY9gdGomsKqXJk 6rb22qCVfwhzmt04cqDs09AKrRemgkRMCt+Hd8JIZNiadqcMMrOOxhvxoGkz4hlM Nfpmhov0N2KR/I4N5R0dmp08u1Sv36cMn9EPBIK63I04yW8cTNHRK7ugBFsh -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:14 2024 by rpki-client on console-fra.rpki-client.org