$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/upTyCNqEZWn89tUrN96fiy_SSFQ.roa File: upTyCNqEZWn89tUrN96fiy_SSFQ.roa (raw, json) Hash identifier: xU36AHhe5xF6wSTSVZtI2AgOCRoNR76kOePGwIlbZ40= Subject key identifier: BA:94:F2:08:DA:84:65:69:FC:F6:D5:2B:37:DE:9F:8B:2F:D2:48:54 Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B Certificate serial: 19D9 Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/upTyCNqEZWn89tUrN96fiy_SSFQ.roa Signing time: Tue 03 Sep 2024 19:46:42 +0000 ROA not before: Tue 03 Sep 2024 19:46:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 9391 IP address blocks: 203.118.192.0/19 maxlen: 19 210.77.96.0/19 maxlen: 19 210.78.64.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 02:50:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6617 (0x19d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B Validity Not Before: Sep 3 19:46:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=BA94F208DA846569FCF6D52B37DE9F8B2FD24854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:db:96:c0:5d:d6:22:55:1e:5c:0f:17:59:6f: 5c:c3:e3:a6:50:67:99:58:f0:3e:bb:ff:fc:d9:bf: 9b:0a:27:62:e1:02:28:77:5f:cc:c4:8a:33:c9:63: 42:1b:bc:82:3c:00:24:5c:d5:57:b9:66:af:64:38: 8d:c9:63:03:71:00:80:07:f4:82:aa:f1:59:83:ad: 94:ae:cd:a1:29:ef:42:36:1b:51:ce:15:41:03:70: 3e:ef:b8:71:3e:20:d4:27:b4:83:b9:db:2e:5c:90: 34:80:2c:95:bc:6c:89:82:a3:fc:9d:fa:a7:33:f5: ab:6d:d2:c7:2f:93:b2:95:0c:18:10:83:5c:42:62: bd:78:48:df:c9:6e:16:c7:c2:d2:82:0d:21:86:b4: 37:4e:9f:37:54:16:b7:f3:a1:12:74:86:90:0f:c5: 38:5c:c3:e4:37:06:7b:53:79:9f:8d:de:53:a6:5e: 09:49:be:cb:31:d3:2f:9c:fe:4f:e1:6d:64:cb:d8: 57:2b:13:02:0a:98:33:45:10:e4:8f:03:20:9b:b4: 3e:5f:17:5e:57:28:09:2a:e2:3e:61:61:5b:3d:19: b2:c0:3f:4e:d8:b3:46:56:2d:50:63:93:f3:b7:4f: 20:92:d7:22:16:d2:d0:f3:67:8f:4d:90:2d:5c:4f: ca:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:94:F2:08:DA:84:65:69:FC:F6:D5:2B:37:DE:9F:8B:2F:D2:48:54 X509v3 Authority Key Identifier: keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/upTyCNqEZWn89tUrN96fiy_SSFQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.118.192.0/19 210.77.96.0/19 210.78.64.0/19 Signature Algorithm: sha256WithRSAEncryption b3:09:bf:65:c2:53:09:5d:22:8a:23:df:65:53:77:54:e7:09: 40:95:f0:71:5e:44:ab:eb:0a:b2:a2:cc:08:e7:38:3c:1a:e2: ec:75:e4:75:60:d2:69:95:a2:1a:7b:67:31:a6:5e:41:d0:e1: db:bf:ee:7f:52:88:b3:fb:8c:6a:ad:a9:90:81:21:ab:d6:21: 8c:6f:37:b6:91:48:6d:db:c7:a2:5b:c2:00:b5:c7:05:c3:33: 3e:f7:6a:74:0f:49:88:69:ee:bc:4d:6c:ed:c9:3f:a4:c0:92: c1:4d:d3:89:9b:ce:fa:68:69:79:74:8c:1c:80:35:8c:9f:13: 9f:60:15:4e:77:33:d9:8e:2e:38:61:ba:cd:68:59:53:86:f7: 37:73:25:16:40:c4:70:58:d1:03:e4:fb:b6:00:20:51:61:f8: 3e:87:65:16:0e:15:42:d0:39:d2:d5:6b:48:d5:27:85:47:a9: a9:ee:58:7d:b0:00:9a:78:2d:0e:0c:c8:34:66:6e:56:44:41: 32:67:2b:d0:85:4d:6e:40:d9:5b:9d:0c:4c:28:84:05:78:9b: dd:d1:35:c9:f2:98:1b:49:aa:63:75:0e:76:fd:f6:85:15:50: f8:cd:f8:91:c9:a6:9d:f0:9f:19:c0:a9:15:6f:f7:a1:41:e8: 08:e6:b2:c0 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgICGdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1 Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA5MDMx OTQ2NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJBOTRGMjA4REE4NDY1 NjlGQ0Y2RDUyQjM3REU5RjhCMkZEMjQ4NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDq25bAXdYiVR5cDxdZb1zD46ZQZ5lY8D67//zZv5sKJ2LhAih3 X8zEijPJY0IbvII8ACRc1Ve5Zq9kOI3JYwNxAIAH9IKq8VmDrZSuzaEp70I2G1HO FUEDcD7vuHE+INQntIO52y5ckDSALJW8bImCo/yd+qcz9att0scvk7KVDBgQg1xC Yr14SN/JbhbHwtKCDSGGtDdOnzdUFrfzoRJ0hpAPxThcw+Q3BntTeZ+N3lOmXglJ vssx0y+c/k/hbWTL2FcrEwIKmDNFEOSPAyCbtD5fF15XKAkq4j5hYVs9GbLAP07Y s0ZWLVBjk/O3TyCS1yIW0tDzZ49NkC1cT8o7AgMBAAGjggH7MIIB9zAdBgNVHQ4E FgQUupTyCNqEZWn89tUrN96fiy/SSFQwHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91cFR5Q05xRVpXbjg5dFVy Tjk2Zml5X1NTRlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQF y3bAAwQF0k1gAwQF0k5AMA0GCSqGSIb3DQEBCwUAA4IBAQCzCb9lwlMJXSKKI99l U3dU5wlAlfBxXkSr6wqyoswI5zg8GuLsdeR1YNJplaIae2cxpl5B0OHbv+5/Uoiz +4xqramQgSGr1iGMbze2kUht28eiW8IAtccFwzM+92p0D0mIae68TWztyT+kwJLB TdOJm876aGl5dIwcgDWMnxOfYBVOdzPZji44YbrNaFlThvc3cyUWQMRwWNED5Pu2 ACBRYfg+h2UWDhVC0DnS1WtI1SeFR6mp7lh9sACaeC0ODMg0Zm5WREEyZyvQhU1u QNlbnQxMKIQFeJvd0TXJ8pgbSapjdQ52/faFFVD4zfiRyaad8J8ZwKkVb/ehQegI 5rLA -----END CERTIFICATE-----Generated at Fri Nov 22 23:40:50 2024 by rpki-client on console-fra.rpki-client.org