$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4CPbz1Q971itbf4bXNw_7tOqmyc.roa File: 4CPbz1Q971itbf4bXNw_7tOqmyc.roa (raw, json) Hash identifier: 4pu1JSAQfcEMBJgg7ptM6XR79OtQhF6xYtF7auaz0+k= Subject key identifier: E0:23:DB:CF:54:3D:EF:58:AD:6D:FE:1B:5C:DC:3F:EE:D3:AA:9B:27 Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B Certificate serial: 19D8 Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4CPbz1Q971itbf4bXNw_7tOqmyc.roa Signing time: Tue 03 Sep 2024 19:46:42 +0000 ROA not before: Tue 03 Sep 2024 19:46:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 9391 IP address blocks: 211.156.224.0/20 maxlen: 20 218.97.224.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6616 (0x19d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B Validity Not Before: Sep 3 19:46:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E023DBCF543DEF58AD6DFE1B5CDC3FEED3AA9B27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:22:05:4f:7e:e4:e5:96:af:4c:6b:8a:15:9d: 65:16:69:b9:21:46:4f:17:5f:e0:5c:08:9e:09:69: d1:56:06:4a:07:95:4b:94:1c:60:3d:00:c8:92:ec: fb:ab:ab:e0:50:c0:e6:6e:19:41:33:ff:d1:0e:5f: 78:86:29:e1:ff:c9:4b:8d:0e:d1:a5:94:56:b4:f4: 05:d5:d8:5d:43:d3:2f:76:0a:ac:01:a8:01:e6:2f: 72:41:75:ed:98:9e:8d:0d:30:92:69:ed:d8:5f:dd: 2b:25:be:9c:6a:80:b0:90:ab:83:3a:a5:6c:7c:90: 86:36:a3:24:c6:c0:e6:26:c1:26:d9:2f:a2:4c:5b: 67:eb:31:d4:98:cc:a5:09:3a:90:07:9b:9a:24:d1: 97:3b:5a:60:e7:e6:96:74:8f:6d:8a:a5:12:a2:59: 05:81:34:63:4b:07:30:66:02:d7:a8:6f:98:37:61: 10:f0:e6:42:32:64:07:f5:33:7d:cb:d8:52:ae:3c: 8e:ad:85:35:9c:aa:7d:8a:78:2d:1c:60:9a:00:c7: a1:a3:7b:a5:4a:f5:63:95:86:2d:2b:6a:2b:17:ad: 3d:d0:60:f6:5a:b8:f5:c7:9c:29:f9:bc:55:7f:ea: 41:c6:ed:09:59:ea:79:cb:d3:36:c6:46:99:39:93: db:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:23:DB:CF:54:3D:EF:58:AD:6D:FE:1B:5C:DC:3F:EE:D3:AA:9B:27 X509v3 Authority Key Identifier: keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4CPbz1Q971itbf4bXNw_7tOqmyc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.156.224.0/20 218.97.224.0/20 Signature Algorithm: sha256WithRSAEncryption ca:0d:73:1b:69:5b:3d:83:e1:96:ab:e6:72:e3:42:45:45:30: de:de:39:b9:04:cb:61:7f:df:27:37:b9:4f:f2:cc:e7:aa:c3: 60:e9:8e:ed:a2:09:ce:07:64:4c:af:3b:42:3a:d9:64:b2:82: f6:8d:8f:3a:15:3b:8c:fa:a8:8c:a4:f3:db:3d:f4:50:7f:c6: 6c:82:55:38:22:3c:9f:1a:b2:56:03:f9:2b:cb:18:aa:45:1e: 39:27:87:da:b5:ef:54:e1:91:46:f3:7b:f0:43:db:51:d1:bd: ce:65:3e:c1:6d:10:be:59:ad:fa:f9:38:93:e6:4d:3b:44:d6: 1f:6b:dd:6f:83:82:a6:10:ea:a5:3f:0f:6d:66:51:3e:be:53: f0:36:b9:04:8f:f9:65:cd:9e:2b:59:71:9e:41:9a:8b:d0:69: b3:dd:20:4e:b1:83:a1:87:37:a3:90:c4:3d:08:0e:3c:d4:96: 47:92:54:06:eb:20:5c:5b:fe:f8:e9:b6:5a:07:6a:4f:46:43: 20:d7:88:b1:cd:f3:c1:c5:43:96:bf:16:f2:54:83:c7:55:a0: 16:73:97:7a:94:57:21:13:6b:a4:0a:dd:e0:89:65:0f:12:d3: c8:92:f5:d1:f6:55:e7:3f:8e:14:6d:07:37:61:be:f5:8f:16: e1:54:b1:33 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICGdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1 Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA5MDMx OTQ2NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwMjNEQkNGNTQzREVG NThBRDZERkUxQjVDREMzRkVFRDNBQTlCMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxIgVPfuTllq9Ma4oVnWUWabkhRk8XX+BcCJ4JadFWBkoHlUuU HGA9AMiS7Purq+BQwOZuGUEz/9EOX3iGKeH/yUuNDtGllFa09AXV2F1D0y92CqwB qAHmL3JBde2Yno0NMJJp7dhf3SslvpxqgLCQq4M6pWx8kIY2oyTGwOYmwSbZL6JM W2frMdSYzKUJOpAHm5ok0Zc7WmDn5pZ0j22KpRKiWQWBNGNLBzBmAteob5g3YRDw 5kIyZAf1M33L2FKuPI6thTWcqn2KeC0cYJoAx6Gje6VK9WOVhi0raisXrT3QYPZa uPXHnCn5vFV/6kHG7QlZ6nnL0zbGRpk5k9vfAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQU4CPbz1Q971itbf4bXNw/7tOqmycwHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80Q1BiejFROTcxaXRiZjRi WE53Xzd0T3FteWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE 05zgAwQE2mHgMA0GCSqGSIb3DQEBCwUAA4IBAQDKDXMbaVs9g+GWq+Zy40JFRTDe 3jm5BMthf98nN7lP8sznqsNg6Y7tognOB2RMrztCOtlksoL2jY86FTuM+qiMpPPb PfRQf8ZsglU4IjyfGrJWA/kryxiqRR45J4fate9U4ZFG83vwQ9tR0b3OZT7BbRC+ Wa36+TiT5k07RNYfa91vg4KmEOqlPw9tZlE+vlPwNrkEj/llzZ4rWXGeQZqL0Gmz 3SBOsYOhhzejkMQ9CA481JZHklQG6yBcW/746bZaB2pPRkMg14ixzfPBxUOWvxby VIPHVaAWc5d6lFchE2ukCt3giWUPEtPIkvXR9lXnP44UbQc3Yb71jxbhVLEz -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:51 2024 by rpki-client on console-ams.rpki-client.org