$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa File: pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa (raw, json) Hash identifier: GqobMFyHZb/uTGS5by9T74r2Dh3iM+3w+uYHclash2A= Subject key identifier: A4:20:FB:83:AC:59:20:E6:04:B7:72:F8:07:92:B0:EB:D2:22:8F:08 Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Certificate serial: 17C2 Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa Signing time: Tue 24 Sep 2024 00:18:54 +0000 ROA not before: Tue 24 Sep 2024 00:18:54 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 56040 IP address blocks: 43.255.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6082 (0x17c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Validity Not Before: Sep 24 00:18:54 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=A420FB83AC5920E604B772F80792B0EBD2228F08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ae:e3:08:0e:35:25:7e:84:ce:af:15:2d:21: b8:5d:83:4c:e9:23:d2:01:61:70:ec:2b:81:4b:a9: cf:a3:d7:25:2c:30:92:d2:b4:05:96:83:90:99:b2: e4:97:95:17:e3:dd:dc:cc:bc:f6:4a:e7:eb:d3:4b: ae:a1:1d:85:4f:ba:f3:42:4f:62:9f:b8:57:b6:a8: 23:77:2b:69:89:da:27:d3:bf:81:1b:a4:58:8a:c8: 5e:56:e7:10:a6:fa:0c:12:66:f8:35:36:2d:c2:89: d2:f3:b6:07:9e:03:a5:eb:d1:fd:a5:98:5f:72:20: 75:d8:d2:96:ee:ff:df:f7:b5:b1:36:b7:19:43:a4: 12:10:5a:e3:b8:af:39:3d:29:c6:ab:7a:05:c7:9f: f1:59:1f:d5:df:91:74:f1:e1:08:0f:c1:37:c6:c7: 35:6e:2c:c1:bd:e6:fe:d6:e6:e5:07:4b:4d:6d:c6: 72:a0:c3:70:7b:40:ea:8f:2e:c0:9c:d2:ac:b4:c5: 56:55:9a:4a:15:12:d7:ad:d1:fa:cc:a0:a9:35:52: d5:ab:27:23:ef:1c:ae:73:38:a0:7e:b3:80:0e:b8: fc:a4:e1:b4:f8:12:e7:20:fb:9f:b6:e3:54:18:ea: dc:2e:63:86:96:33:01:a5:72:cb:f3:dc:d9:d9:59: 36:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:20:FB:83:AC:59:20:E6:04:B7:72:F8:07:92:B0:EB:D2:22:8F:08 X509v3 Authority Key Identifier: keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.255.212.0/22 Signature Algorithm: sha256WithRSAEncryption 45:4f:cf:56:de:bb:bf:a6:21:c3:53:5c:73:6a:f1:cf:5f:62: e3:71:25:80:f9:51:be:d3:30:70:3b:91:1c:22:70:b5:85:37: f8:db:62:a8:dd:1e:8c:b9:a6:a8:3a:7e:74:66:01:bc:7e:17: 7d:1a:6e:58:c3:4d:63:db:51:e3:11:54:0d:f3:f9:75:e4:f0: 3f:1c:2f:a2:d4:89:5a:d6:39:65:27:c6:ce:4a:fb:21:51:9b: 83:68:cc:e1:12:26:4f:09:91:86:a0:46:f0:d3:ec:a9:90:6f: 37:04:a7:95:4f:39:10:f2:27:bc:ba:b6:92:a4:4f:8a:0c:42: b3:f1:18:7b:b6:66:de:df:31:4d:49:94:26:07:5c:6c:89:4a: 43:d8:c9:c4:c6:f8:08:f7:6e:40:5a:72:0a:f0:eb:6f:10:ee: 77:a9:b8:a3:bb:aa:48:37:36:1a:99:c8:9d:18:3b:b2:ba:2d: 59:2b:a1:a1:28:ba:14:4e:9d:1a:af:8d:9b:67:7d:63:d4:e3: 1c:9f:3d:26:5b:2c:1c:58:ed:4f:43:54:f5:80:56:a6:f0:ae: ca:bc:21:3b:0f:6e:e8:2c:4c:c1:0a:e9:95:48:4a:41:1b:ca: 01:ff:f9:15:a5:de:76:eb:dd:df:38:97:67:3d:fe:f0:f5:88: c8:31:08:8a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4 ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNDA5MjQw MDE4NTRaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEE0MjBGQjgzQUM1OTIw RTYwNEI3NzJGODA3OTJCMEVCRDIyMjhGMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKruMIDjUlfoTOrxUtIbhdg0zpI9IBYXDsK4FLqc+j1yUsMJLS tAWWg5CZsuSXlRfj3dzMvPZK5+vTS66hHYVPuvNCT2KfuFe2qCN3K2mJ2ifTv4Eb pFiKyF5W5xCm+gwSZvg1Ni3CidLztgeeA6Xr0f2lmF9yIHXY0pbu/9/3tbE2txlD pBIQWuO4rzk9KcaregXHn/FZH9XfkXTx4QgPwTfGxzVuLMG95v7W5uUHS01txnKg w3B7QOqPLsCc0qy0xVZVmkoVEtet0frMoKk1UtWrJyPvHK5zOKB+s4AOuPyk4bT4 Eucg+5+241QY6twuY4aWMwGlcsvz3NnZWTaVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUpCD7g6xZIOYEt3L4B5Kw69IijwgwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG 8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL3BDRDdnNnhaSU9ZRXQz TDRCNUt3NjlJaWp3Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/9QwDQYJKoZIhvcNAQELBQADggEBAEVPz1beu7+mIcNTXHNq8c9fYuNxJYD5 Ub7TMHA7kRwicLWFN/jbYqjdHoy5pqg6fnRmAbx+F30abljDTWPbUeMRVA3z+XXk 8D8cL6LUiVrWOWUnxs5K+yFRm4NozOESJk8JkYagRvDT7KmQbzcEp5VPORDyJ7y6 tpKkT4oMQrPxGHu2Zt7fMU1JlCYHXGyJSkPYycTG+Aj3bkBacgrw628Q7nepuKO7 qkg3NhqZyJ0YO7K6LVkroaEouhROnRqvjZtnfWPU4xyfPSZbLBxY7U9DVPWAVqbw rsq8ITsPbugsTMEK6ZVISkEbygH/+RWl3nbr3d84l2c9/vD1iMgxCIo= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org