$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/x2mEssjB-Oo51gVQ2nDDtFHhdas.roa File: x2mEssjB-Oo51gVQ2nDDtFHhdas.roa (raw, json) Hash identifier: Hb0BcMx1IZV1qTglQXMG0RDF0m1dzOc5OEeVrMKxDqA= Subject key identifier: C7:69:84:B2:C8:C1:F8:EA:39:D6:05:50:DA:70:C3:B4:51:E1:75:AB Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 1869 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/x2mEssjB-Oo51gVQ2nDDtFHhdas.roa Signing time: Fri 24 May 2024 02:25:01 +0000 ROA not before: Fri 24 May 2024 02:25:01 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59077 IP address blocks: 106.75.128.0/20 maxlen: 20 106.75.144.0/20 maxlen: 20 106.75.160.0/20 maxlen: 20 106.75.176.0/20 maxlen: 20 113.31.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6249 (0x1869) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: May 24 02:25:01 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C76984B2C8C1F8EA39D60550DA70C3B451E175AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:39:c6:2f:e1:d4:de:4f:03:12:a2:1e:c0:8a: b1:04:17:89:97:bc:ca:25:9c:3f:a2:8a:2f:d8:04: 59:9e:25:5b:a4:3f:7e:da:de:99:58:b0:2d:94:16: e7:b1:0f:cb:6d:bc:a0:d5:e7:27:91:62:7d:19:7d: 09:d5:11:56:85:cc:08:64:74:29:34:09:7c:07:45: 6d:32:5b:f9:f8:87:9b:1b:d4:54:7d:a6:14:25:ed: 4d:4b:eb:db:c6:96:94:72:eb:26:5d:1e:d8:c1:c7: 54:91:78:ae:91:0d:fa:0f:13:1d:b4:fd:3e:79:86: 51:43:3e:c0:f5:44:f4:2b:5f:fa:90:8f:37:47:64: 1f:a7:e2:d2:c5:3b:c1:f8:f2:a5:87:ad:c9:95:c2: 3f:08:a6:92:a5:c7:c4:a3:c8:e6:73:7c:20:99:91: 23:55:d9:9b:77:27:24:94:4c:ab:92:4e:3a:9d:66: d7:5a:99:79:7f:31:51:68:55:c3:a4:9b:cd:e3:5c: 16:63:d1:ae:7f:f2:45:43:4a:f6:ca:1d:48:d1:a0: 9c:c8:48:b9:a1:1d:8c:50:16:a1:74:d7:35:d1:b8: d5:42:95:11:9d:fa:33:07:7e:ad:b3:80:d7:66:c8: 05:ef:99:b5:4f:71:4b:eb:fc:16:4b:0d:e8:43:bc: 48:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:69:84:B2:C8:C1:F8:EA:39:D6:05:50:DA:70:C3:B4:51:E1:75:AB X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/x2mEssjB-Oo51gVQ2nDDtFHhdas.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.75.128.0/18 113.31.160.0/20 Signature Algorithm: sha256WithRSAEncryption 5d:fa:1f:c4:15:b1:a2:65:88:f6:27:cc:15:61:d6:b7:36:a2: e9:d1:d5:a1:3b:56:42:2a:20:6c:28:17:8b:3b:94:e8:6e:e3: c8:9b:c2:f6:30:6b:62:8c:31:0f:60:3c:c7:23:b9:9d:e8:75: cb:d2:cb:9b:c0:61:76:9f:e1:33:4b:60:44:e1:4c:4b:fe:b4: a7:7c:1c:0f:db:73:40:d0:a8:04:96:ff:31:36:b2:b2:b5:05: eb:4f:f6:c5:83:0b:62:54:e3:1b:2d:25:01:ac:db:17:7d:ba: d9:53:05:75:44:fd:73:27:ab:41:21:22:18:f4:3b:1c:5b:e7: 3b:ab:dd:a3:48:98:ba:94:c0:07:d1:00:6c:07:c3:45:a6:74: 52:29:65:7f:f1:f1:13:0f:45:44:7e:be:16:dc:bc:e3:03:c0: 3d:5c:41:80:1d:bf:2f:bd:65:ec:7f:b1:5a:57:bb:0e:7c:1a: 09:58:f7:e2:8f:d9:7b:9a:8c:ff:ba:78:57:89:6a:10:7b:f3: d2:1b:43:11:3d:89:59:a5:5b:ce:45:61:81:39:0c:1d:7c:f9: 52:f2:17:52:94:f5:c0:69:d1:ff:37:7f:91:08:b4:ce:07:4d: 0c:fc:6d:c5:cf:ef:33:3e:7d:61:de:35:c4:92:ff:fc:99:09: 13:5a:3c:47 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICGGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDA1MjQw MjI1MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3Njk4NEIyQzhDMUY4 RUEzOUQ2MDU1MERBNzBDM0I0NTFFMTc1QUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeOcYv4dTeTwMSoh7AirEEF4mXvMolnD+iii/YBFmeJVukP37a 3plYsC2UFuexD8ttvKDV5yeRYn0ZfQnVEVaFzAhkdCk0CXwHRW0yW/n4h5sb1FR9 phQl7U1L69vGlpRy6yZdHtjBx1SReK6RDfoPEx20/T55hlFDPsD1RPQrX/qQjzdH ZB+n4tLFO8H48qWHrcmVwj8IppKlx8SjyOZzfCCZkSNV2Zt3JySUTKuSTjqdZtda mXl/MVFoVcOkm83jXBZj0a5/8kVDSvbKHUjRoJzISLmhHYxQFqF01zXRuNVClRGd +jMHfq2zgNdmyAXvmbVPcUvr/BZLDehDvEhjAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUx2mEssjB+Oo51gVQ2nDDtFHhdaswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3gybUVzc2pCLU9vNTFn VlEybkREdEZIaGRhcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD BAZqS4ADBARxH6AwDQYJKoZIhvcNAQELBQADggEBAF36H8QVsaJliPYnzBVh1rc2 ounR1aE7VkIqIGwoF4s7lOhu48ibwvYwa2KMMQ9gPMcjuZ3odcvSy5vAYXaf4TNL YEThTEv+tKd8HA/bc0DQqASW/zE2srK1BetP9sWDC2JU4xstJQGs2xd9utlTBXVE /XMnq0EhIhj0Oxxb5zur3aNImLqUwAfRAGwHw0WmdFIpZX/x8RMPRUR+vhbcvOMD wD1cQYAdvy+9Zex/sVpXuw58GglY9+KP2XuajP+6eFeJahB789IbQxE9iVmlW85F YYE5DB18+VLyF1KU9cBp0f83f5EItM4HTQz8bcXP7zM+fWHeNcSS//yZCRNaPEc= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:44 2024 by rpki-client on console-fra.rpki-client.org