$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/N1dupYuWa4aI3SEYctGFZgXpWT4.roa File: N1dupYuWa4aI3SEYctGFZgXpWT4.roa (raw, json) Hash identifier: BKzyhbGxW5GCzlbytkLbvUZ4L5u4bcw3HnWu9dLaEmI= Subject key identifier: 37:57:6E:A5:8B:96:6B:86:88:DD:21:18:72:D1:85:66:05:E9:59:3E Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D Certificate serial: 1040 Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/N1dupYuWa4aI3SEYctGFZgXpWT4.roa Signing time: Tue 26 Mar 2024 01:14:44 +0000 ROA not before: Tue 26 Mar 2024 01:14:44 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59015 IP address blocks: 43.224.240.0/22 maxlen: 32 103.43.240.0/22 maxlen: 32 119.38.224.0/19 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4160 (0x1040) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D Validity Not Before: Mar 26 01:14:44 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=37576EA58B966B8688DD211872D1856605E9593E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:82:07:4a:21:47:71:67:09:cc:45:37:9e:d3: 41:e5:53:e3:31:f0:5d:ee:f7:3a:02:bf:af:23:62: 9c:94:93:81:b0:0e:38:86:54:c2:5e:a2:20:f2:af: 0e:2f:3f:40:fa:a0:b6:cd:92:b0:70:8a:0c:fe:f7: e0:5f:fd:a7:9e:ed:b9:a6:12:c8:ae:ae:8c:3f:4e: 66:8d:39:ab:00:c9:3e:f3:a6:7a:e8:64:1a:94:a3: e4:3f:69:8e:7a:7c:03:db:66:6c:88:29:53:f6:53: ba:73:79:6c:5d:84:fe:a0:da:d2:f8:88:ae:8d:e4: 65:8e:da:92:43:d4:62:9d:c1:a7:18:26:35:32:1b: b0:79:e9:44:eb:75:ae:5e:de:b9:58:3c:8c:e4:ea: 34:91:9a:fb:b1:7c:69:9e:b2:0d:25:2d:22:b7:c5: 2f:20:4c:3b:c5:da:07:ae:8e:5e:d2:de:0f:50:fe: 42:b1:a3:e6:d3:b2:14:e3:d1:9a:74:12:ea:7b:1d: 14:e9:3f:e0:3d:2f:b0:a3:34:1b:cb:27:67:18:10: a1:e1:48:f5:a6:9b:52:92:8d:4f:a6:86:53:0c:c0: 06:67:0a:0c:65:17:4f:27:43:c7:81:60:ad:5a:b1: 7e:2b:da:1a:32:34:cb:54:20:de:f4:4b:87:29:76: 53:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:57:6E:A5:8B:96:6B:86:88:DD:21:18:72:D1:85:66:05:E9:59:3E X509v3 Authority Key Identifier: keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/N1dupYuWa4aI3SEYctGFZgXpWT4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.224.240.0/22 103.43.240.0/22 119.38.224.0/19 Signature Algorithm: sha256WithRSAEncryption 33:8b:6e:f5:0e:d9:4a:ca:30:5f:30:9d:c9:c6:33:d4:01:3b: 3b:c1:d2:1f:09:8d:b2:58:5b:62:0e:93:67:45:2c:ff:42:fc: eb:ba:ab:7e:de:14:21:96:3d:f5:86:b0:7d:b8:66:94:26:e7: 1d:f3:54:ee:07:c2:69:da:3c:36:ba:42:dc:4b:24:21:2e:20: bb:16:b3:d6:2b:0e:6d:b2:4c:08:af:97:41:56:91:05:74:3a: 02:52:61:3c:7c:9d:ad:c9:70:a3:9a:13:72:05:2d:c8:8d:8d: 61:2b:cf:f9:67:18:2c:5a:a8:f1:27:8c:1f:86:0c:d6:a0:43: e4:47:34:27:00:fc:88:78:a3:b7:2b:41:bd:88:95:ec:4a:a5: 50:49:e7:46:f6:06:2e:3d:d4:a1:b3:10:7d:32:d1:b9:32:fd: 41:d8:7f:ab:41:6a:a1:11:f8:7d:4c:78:f0:15:20:1f:5f:0d: e2:70:b5:e4:26:a9:df:87:e8:50:ce:5e:5f:7b:88:25:67:72: fa:40:fe:86:b1:d0:bf:62:36:2c:a3:63:18:33:74:b3:4e:19: a4:21:71:c7:3f:e1:a0:73:43:e7:6c:81:fa:76:b4:b9:4a:67: c6:37:a5:92:da:59:ac:60:be:78:04:87:fa:3e:e6:25:73:c9: f1:59:16:14 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICEEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4 Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNDAzMjYw MTE0NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3NTc2RUE1OEI5NjZC ODY4OEREMjExODcyRDE4NTY2MDVFOTU5M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZggdKIUdxZwnMRTee00HlU+Mx8F3u9zoCv68jYpyUk4GwDjiG VMJeoiDyrw4vP0D6oLbNkrBwigz+9+Bf/aee7bmmEsiurow/TmaNOasAyT7zpnro ZBqUo+Q/aY56fAPbZmyIKVP2U7pzeWxdhP6g2tL4iK6N5GWO2pJD1GKdwacYJjUy G7B56UTrda5e3rlYPIzk6jSRmvuxfGmesg0lLSK3xS8gTDvF2geujl7S3g9Q/kKx o+bTshTj0Zp0Eup7HRTpP+A9L7CjNBvLJ2cYEKHhSPWmm1KSjU+mhlMMwAZnCgxl F08nQ8eBYK1asX4r2hoyNMtUIN70S4cpdlO5AgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUN1dupYuWa4aI3SEYctGFZgXpWT4wHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3 L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3L04xZHVwWXVXYTRhSTNT RVljdEdGWmdYcFdUNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAIr4PADBAJnK/ADBAV3JuAwDQYJKoZIhvcNAQELBQADggEBADOLbvUO2UrKMF8w ncnGM9QBOzvB0h8JjbJYW2IOk2dFLP9C/Ou6q37eFCGWPfWGsH24ZpQm5x3zVO4H wmnaPDa6QtxLJCEuILsWs9YrDm2yTAivl0FWkQV0OgJSYTx8na3JcKOaE3IFLciN jWErz/lnGCxaqPEnjB+GDNagQ+RHNCcA/Ih4o7crQb2IlexKpVBJ50b2Bi491KGz EH0y0bky/UHYf6tBaqER+H1MePAVIB9fDeJwteQmqd+H6FDOXl97iCVncvpA/oax 0L9iNiyjYxgzdLNOGaQhccc/4aBzQ+dsgfp2tLlKZ8Y3pZLaWaxgvngEh/o+5iVz yfFZFhQ= -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:54 2024 by rpki-client on console-ams.rpki-client.org