$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/bldXqgx243FB8sVodBULRxzVRGA.roa File: bldXqgx243FB8sVodBULRxzVRGA.roa (raw, json) Hash identifier: lGAjxqBwpaC2uegYgVnmD4YtbKswiDHXzkWva8D1K1o= Subject key identifier: 6E:57:57:AA:0C:76:E3:71:41:F2:C5:68:74:15:0B:47:1C:D5:44:60 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 135A Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/bldXqgx243FB8sVodBULRxzVRGA.roa Signing time: Wed 09 Oct 2024 00:44:11 +0000 ROA not before: Wed 09 Oct 2024 00:44:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4954 (0x135a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 9 00:44:11 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6E5757AA0C76E37141F2C56874150B471CD54460 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:2d:41:e1:a4:ff:56:2f:2d:78:a3:bc:f6:72: 3c:5f:8a:3a:c5:64:05:13:c5:bc:e2:9d:b7:6d:da: a9:f9:6b:8e:c4:99:b6:9e:46:07:59:6a:7a:a0:1d: 12:51:1a:3b:5c:1e:7c:d6:d1:e2:b1:fb:d0:f7:ff: 93:cc:c4:34:49:7d:ea:54:04:b4:31:c2:d7:1d:2c: bf:ad:2d:f5:1a:41:b4:d0:4a:b0:e8:46:bb:d4:a5: 3d:2c:33:bc:d0:69:62:78:1c:17:b0:dc:b8:24:4b: 3e:82:2c:b0:2b:6f:f5:a4:f9:90:93:6d:38:34:5a: 7c:6b:e6:6c:ea:c5:c5:90:e2:4e:bc:4c:98:91:37: 9b:b0:58:38:f2:7c:e5:2c:91:25:97:3d:81:75:c4: 90:01:ef:c3:3c:8c:6c:10:6f:12:e0:ff:eb:9a:0b: 60:02:4f:a4:48:85:b6:fb:d0:49:af:66:b1:84:19: 90:5e:d8:e7:65:a7:d4:88:4a:30:6c:9f:e8:a0:b5: 7a:f8:c0:0d:ab:ec:70:e4:3b:ed:79:08:d7:e5:26: 81:61:11:a3:0c:93:7c:ed:98:c2:06:3c:a8:3a:d5: 80:fd:b9:e5:4c:bb:cc:da:7c:74:2c:94:fd:c1:cd: 25:e3:b6:74:a3:72:67:c4:5a:d3:fd:ac:4f:da:c1: 6a:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:57:57:AA:0C:76:E3:71:41:F2:C5:68:74:15:0B:47:1C:D5:44:60 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/bldXqgx243FB8sVodBULRxzVRGA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.198.0/24 Signature Algorithm: sha256WithRSAEncryption ac:cf:bf:4f:79:67:b3:a7:ec:e6:d4:66:fe:2c:c4:a1:4c:93: c1:c6:94:c9:f5:ec:1d:0e:0e:6a:92:9b:0e:ed:da:5e:3b:67: cb:95:8d:35:b4:dd:1e:03:87:b8:d1:5f:47:bb:2d:26:35:4d: 0a:da:ef:58:eb:57:cb:c3:67:83:d7:55:99:ff:49:42:16:d4: bd:38:c1:d5:59:e3:ea:29:ac:fd:a0:76:3f:21:63:f9:57:b8: eb:dc:33:61:20:8f:95:36:37:a2:03:44:52:08:75:c8:85:84: fb:a3:49:33:28:4a:e1:e6:5f:12:58:88:ec:ab:5c:a8:cf:38: ce:34:12:7e:07:e0:06:3b:7c:dd:bf:d5:e4:46:e1:d0:78:a2: a0:1e:51:77:54:19:d2:f8:3d:52:66:05:95:6d:e9:59:55:14: d6:68:11:fe:00:8c:80:4e:32:21:36:a3:87:08:a5:3f:16:eb: 00:44:f5:0b:da:ce:2d:82:d4:a3:a9:19:a8:30:bf:ed:8e:06: 5c:95:ff:39:ec:0f:4e:42:86:6d:28:10:14:35:b7:3c:a7:9e: 05:69:ce:16:64:77:a4:e4:1e:4c:88:6e:2a:a6:0a:f6:ad:4b: 25:4c:b0:bd:b5:ac:bf:88:95:c3:f8:d4:6f:e9:fe:b1:9b:cf: 49:55:dc:5e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE1owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMDkw MDQ0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZFNTc1N0FBMEM3NkUz NzE0MUYyQzU2ODc0MTUwQjQ3MUNENTQ0NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCbLUHhpP9WLy14o7z2cjxfijrFZAUTxbzinbdt2qn5a47Embae RgdZanqgHRJRGjtcHnzW0eKx+9D3/5PMxDRJfepUBLQxwtcdLL+tLfUaQbTQSrDo RrvUpT0sM7zQaWJ4HBew3LgkSz6CLLArb/Wk+ZCTbTg0Wnxr5mzqxcWQ4k68TJiR N5uwWDjyfOUskSWXPYF1xJAB78M8jGwQbxLg/+uaC2ACT6RIhbb70EmvZrGEGZBe 2Odlp9SISjBsn+igtXr4wA2r7HDkO+15CNflJoFhEaMMk3ztmMIGPKg61YD9ueVM u8zafHQslP3BzSXjtnSjcmfEWtP9rE/awWqLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbldXqgx243FB8sVodBULRxzVRGAwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvYmxkWHFneDI0M0ZC OHNWb2RCVUxSeHpWUkdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfxjANBgkqhkiG9w0BAQsFAAOCAQEArM+/T3lns6fs5tRm/izEoUyTwcaU yfXsHQ4OapKbDu3aXjtny5WNNbTdHgOHuNFfR7stJjVNCtrvWOtXy8Nng9dVmf9J QhbUvTjB1Vnj6ims/aB2PyFj+Ve469wzYSCPlTY3ogNEUgh1yIWE+6NJMyhK4eZf EliI7KtcqM84zjQSfgfgBjt83b/V5Ebh0HiioB5Rd1QZ0vg9UmYFlW3pWVUU1mgR /gCMgE4yITajhwilPxbrAET1C9rOLYLUo6kZqDC/7Y4GXJX/OewPTkKGbSgQFDW3 PKeeBWnOFmR3pOQeTIhuKqYK9q1LJUywvbWsv4iVw/jUb+n+sZvPSVXcXg== -----END CERTIFICATE-----Generated at Fri Nov 22 00:25:26 2024 by rpki-client on console-fra.rpki-client.org