$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa File: ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa (raw, json) Hash identifier: tK2zEk6GVSNiqaFhgWyde3Br5IA+HhMCVF8coBM7RBw= Subject key identifier: 11:12:78:65:09:8E:29:95:A8:21:A6:3E:5D:4A:B8:ED:E3:CF:5B:C1 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 16FF Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa Signing time: Wed 13 Mar 2024 01:21:52 +0000 ROA not before: Wed 13 Mar 2024 01:21:52 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 135377 IP address blocks: 106.75.192.0/24 maxlen: 24 106.75.193.0/24 maxlen: 24 106.75.194.0/24 maxlen: 24 106.75.195.0/24 maxlen: 24 106.75.196.0/24 maxlen: 24 106.75.197.0/24 maxlen: 24 106.75.198.0/24 maxlen: 24 106.75.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5887 (0x16ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Mar 13 01:21:52 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=11127865098E2995A821A63E5D4AB8EDE3CF5BC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1b:97:16:58:c1:ac:e2:60:35:f2:06:0c:ae: b1:be:cc:5c:ef:7a:53:5e:e7:f6:ba:3a:26:15:7f: 20:05:d5:4d:74:4f:a8:28:d3:9f:59:1d:5c:11:47: 64:94:31:5a:5a:fb:46:3e:93:88:55:df:df:b9:e0: 26:41:a6:3e:4a:1d:27:8c:cd:80:8c:73:3f:2e:94: f7:32:f3:a3:8b:9d:dc:5e:90:8d:70:8d:d5:b7:cb: 5f:5f:6b:ab:0b:e0:9b:fa:ef:ad:f2:4c:8a:bc:7a: e1:1e:79:e1:81:77:78:bf:58:fa:80:81:e7:c4:2f: c6:26:28:7c:58:08:c5:7a:83:04:ac:e3:d0:df:dc: 37:24:75:47:32:0c:f7:a2:ff:d4:1d:38:53:9d:71: b5:6a:0f:cb:85:3e:50:fc:5c:da:60:7e:29:3d:df: 9c:95:41:3e:c7:a5:12:5b:db:32:27:5c:8b:f9:c1: 5f:25:ff:35:54:af:90:46:0e:05:1c:58:41:d3:31: d5:2a:d3:ba:4e:74:ce:1c:cd:88:87:4e:49:cb:27: 2a:4c:83:ba:26:b2:97:66:93:6e:a8:1f:7a:c0:b3: 9c:7a:e2:29:aa:78:91:84:f6:f6:7d:c6:bb:af:59: 79:a0:3a:d0:47:15:23:76:d6:18:91:f7:59:c8:2c: e7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:12:78:65:09:8E:29:95:A8:21:A6:3E:5D:4A:B8:ED:E3:CF:5B:C1 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.192.0/21 Signature Algorithm: sha256WithRSAEncryption 34:65:b4:f5:c9:5c:d5:da:bf:3c:f1:d3:95:a6:cb:b2:e2:d9: f4:04:20:41:bc:f7:53:11:b0:16:c8:19:c3:af:83:a8:85:17: 1e:2b:e0:31:30:ca:a0:8d:17:cb:02:9a:d9:f2:b0:cf:b3:84: 1d:3a:d7:43:00:aa:a5:16:de:d8:81:88:ec:e1:c0:21:f0:4a: 2a:51:6f:ba:05:4a:f0:86:b7:7b:dc:73:0f:a0:ee:c9:8c:5c: 6b:bd:36:5c:b9:a1:61:31:4c:37:91:bc:e2:8c:09:1a:ee:99: fb:be:75:0d:ab:7a:f3:ac:d0:f6:fd:59:23:fb:60:a7:1b:03: c6:d4:c5:9a:b5:be:b1:30:47:c3:7c:e2:98:b1:ec:9a:02:e8: 28:b8:da:20:e9:fa:7f:29:3a:d0:2f:c6:c8:80:7e:8d:98:c6: 4b:5f:f5:4f:dc:60:14:b8:ac:a2:af:f7:50:5d:86:82:6b:47: 36:1d:1b:35:7f:37:c1:8a:59:b2:0a:96:2e:5b:41:24:80:44: e4:13:ce:ee:f9:33:60:f4:07:4f:03:4d:69:b0:35:f1:d8:9d: a9:ac:13:43:fb:40:9b:a5:87:d8:1e:55:8d:e8:3e:c9:90:31: 41:8e:52:b4:97:c2:2a:3b:21:27:3a:19:f2:8f:a0:73:d6:93: ff:f6:a9:13 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw MTIxNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExMTI3ODY1MDk4RTI5 OTVBODIxQTYzRTVENEFCOEVERTNDRjVCQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqG5cWWMGs4mA18gYMrrG+zFzvelNe5/a6OiYVfyAF1U10T6go 059ZHVwRR2SUMVpa+0Y+k4hV39+54CZBpj5KHSeMzYCMcz8ulPcy86OLndxekI1w jdW3y19fa6sL4Jv6763yTIq8euEeeeGBd3i/WPqAgefEL8YmKHxYCMV6gwSs49Df 3DckdUcyDPei/9QdOFOdcbVqD8uFPlD8XNpgfik935yVQT7HpRJb2zInXIv5wV8l /zVUr5BGDgUcWEHTMdUq07pOdM4czYiHTknLJypMg7omspdmk26oH3rAs5x64imq eJGE9vZ9xruvWXmgOtBHFSN21hiR91nILOfNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUERJ4ZQmOKZWoIaY+XUq47ePPW8EwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0VSSjRaUW1PS1pXb0lh WS1YVXE0N2VQUFc4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BANqS8AwDQYJKoZIhvcNAQELBQADggEBADRltPXJXNXavzzx05Wmy7Li2fQEIEG8 91MRsBbIGcOvg6iFFx4r4DEwyqCNF8sCmtnysM+zhB0610MAqqUW3tiBiOzhwCHw SipRb7oFSvCGt3vccw+g7smMXGu9Nly5oWExTDeRvOKMCRrumfu+dQ2revOs0Pb9 WSP7YKcbA8bUxZq1vrEwR8N84pix7JoC6Ci42iDp+n8pOtAvxsiAfo2Yxktf9U/c YBS4rKKv91BdhoJrRzYdGzV/N8GKWbIKli5bQSSAROQTzu75M2D0B08DTWmwNfHY namsE0P7QJulh9geVY3oPsmQMUGOUrSXwio7ISc6GfKPoHPWk//2qRM= -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:16 2024 by rpki-client on console-ams.rpki-client.org