$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa File: 1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa (raw, json) Hash identifier: s33f7SFvTxJ40vJ42UpvBavXht/UaSIuqUD5A0fKGlg= Subject key identifier: D6:1E:CC:8D:24:24:0C:75:B4:83:4C:31:4D:FE:69:13:E7:E4:A8:D8 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 1703 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa Signing time: Wed 13 Mar 2024 01:21:53 +0000 ROA not before: Wed 13 Mar 2024 01:21:53 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4812 IP address blocks: 106.75.224.0/20 maxlen: 20 106.75.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5891 (0x1703) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Mar 13 01:21:53 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D61ECC8D24240C75B4834C314DFE6913E7E4A8D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c4:d7:6f:09:f9:00:a3:93:07:c2:29:f7:31: 2b:2f:0e:33:d5:d0:c6:0f:1c:2e:16:2a:b6:0b:63: f9:b0:b8:53:2d:d8:99:7e:5d:4c:2a:18:b9:61:a2: f3:8f:4f:c1:d6:d4:72:5b:54:53:ec:d3:46:fa:a8: 36:37:65:90:e3:4a:4c:a4:15:09:df:88:67:d1:1b: 1f:1a:85:99:45:ee:55:6d:59:1e:37:6d:d8:c3:85: 14:be:df:8f:55:e9:5b:cc:0b:d0:ec:25:8a:f6:6c: fb:48:93:00:53:40:98:88:d7:05:88:d0:d7:ff:7f: 1c:50:a3:33:81:54:54:7e:15:2c:69:ca:1d:96:95: eb:2a:c4:0a:16:94:71:da:f0:c3:4b:4b:e8:86:71: 37:9e:35:8f:d8:50:fd:e4:ce:ca:f2:3f:35:a6:8b: c4:50:64:ce:d2:ae:0d:72:90:cd:ac:29:8d:b3:ad: 88:c4:37:6d:e2:5e:d3:23:17:5e:57:01:ca:16:f4: b0:fa:7a:68:ae:e4:d1:3e:eb:e9:4b:73:09:63:84: 96:15:98:67:a6:eb:62:cc:10:71:0a:19:26:e2:a9: d1:89:85:a1:77:d7:78:55:d9:ea:d1:ee:41:d7:99: 47:64:5b:30:dc:ac:c7:f6:47:d7:eb:36:c4:81:38: 90:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:1E:CC:8D:24:24:0C:75:B4:83:4C:31:4D:FE:69:13:E7:E4:A8:D8 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.224.0/19 Signature Algorithm: sha256WithRSAEncryption 83:50:8b:f4:f5:b1:b4:4c:dc:f3:71:40:4e:79:93:cd:eb:8f: 6a:bf:a6:6b:8b:d5:0d:85:c4:e5:39:eb:91:26:f0:4d:0b:6d: 02:36:bc:bf:bf:d7:05:3f:41:22:31:91:fd:80:1d:04:32:18: 3a:74:32:59:c4:7b:0a:67:d7:f8:36:19:b4:b8:dd:b6:11:16: 2c:3e:14:66:1d:00:3a:57:20:33:0a:30:c6:11:aa:fe:6d:17: a1:a8:a5:47:2e:29:38:16:08:07:cc:33:fe:1b:8c:ee:ea:b1: 48:e1:07:28:2a:d5:1c:1c:79:f7:c8:1e:be:1c:52:ea:22:ef: 34:c4:29:c2:58:48:36:de:fb:af:74:cc:06:d9:67:96:5b:30: 9d:4e:f9:c7:0f:f5:f9:76:af:99:9f:89:b2:fd:7d:0c:65:20: 43:93:88:6d:98:42:c8:31:96:7f:09:15:69:27:e6:61:b7:23: 63:f5:63:d8:f9:18:01:6d:8e:9e:48:3b:60:d1:7c:27:b4:38: 42:cb:69:00:a3:af:c1:5e:78:9e:80:f1:e0:46:33:ff:11:fd: 6a:1d:ac:86:3d:59:cd:42:83:0e:99:64:e0:90:a3:2a:f8:af: b7:ab:6d:43:da:bf:81:cf:3c:10:9c:e5:dc:a0:fd:59:1b:b1: a0:bb:b8:51 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw MTIxNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2MUVDQzhEMjQyNDBD NzVCNDgzNEMzMTRERkU2OTEzRTdFNEE4RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1xNdvCfkAo5MHwin3MSsvDjPV0MYPHC4WKrYLY/mwuFMt2Jl+ XUwqGLlhovOPT8HW1HJbVFPs00b6qDY3ZZDjSkykFQnfiGfRGx8ahZlF7lVtWR43 bdjDhRS+349V6VvMC9DsJYr2bPtIkwBTQJiI1wWI0Nf/fxxQozOBVFR+FSxpyh2W lesqxAoWlHHa8MNLS+iGcTeeNY/YUP3kzsryPzWmi8RQZM7Srg1ykM2sKY2zrYjE N23iXtMjF15XAcoW9LD6emiu5NE+6+lLcwljhJYVmGem62LMEHEKGSbiqdGJhaF3 13hV2erR7kHXmUdkWzDcrMf2R9frNsSBOJC9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1h7MjSQkDHW0g0wxTf5pE+fkqNgwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzFoN01qU1FrREhXMGcw d3hUZjVwRS1ma3FOZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAVqS+AwDQYJKoZIhvcNAQELBQADggEBAINQi/T1sbRM3PNxQE55k83rj2q/pmuL 1Q2FxOU565Em8E0LbQI2vL+/1wU/QSIxkf2AHQQyGDp0MlnEewpn1/g2GbS43bYR Fiw+FGYdADpXIDMKMMYRqv5tF6GopUcuKTgWCAfMM/4bjO7qsUjhBygq1RwceffI Hr4cUuoi7zTEKcJYSDbe+690zAbZZ5ZbMJ1O+ccP9fl2r5mfibL9fQxlIEOTiG2Y Qsgxln8JFWkn5mG3I2P1Y9j5GAFtjp5IO2DRfCe0OELLaQCjr8FeeJ6A8eBGM/8R /WodrIY9Wc1Cgw6ZZOCQoyr4r7erbUPav4HPPBCc5dyg/VkbsaC7uFE= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:44 2024 by rpki-client on console-fra.rpki-client.org