$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/BhAPA23_9841Ad-T5RPGRWrr8lU.roa File: BhAPA23_9841Ad-T5RPGRWrr8lU.roa (raw, json) Hash identifier: kYugWE0/6l95HXjqsbTP6qrpO8X0FDHGL1s3owYnbDM= Subject key identifier: 06:10:0F:03:6D:FF:F7:CE:35:01:DF:93:E5:13:C6:45:6A:EB:F2:55 Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Certificate serial: 0D01 Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/BhAPA23_9841Ad-T5RPGRWrr8lU.roa Signing time: Tue 24 Sep 2024 00:19:02 +0000 ROA not before: Tue 24 Sep 2024 00:19:02 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 45074 IP address blocks: 219.235.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3329 (0xd01) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Validity Not Before: Sep 24 00:19:02 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=06100F036DFFF7CE3501DF93E513C6456AEBF255 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:fe:90:3c:49:71:06:18:bd:6e:49:8c:cc:1a: 69:50:a2:ac:db:da:8c:fd:06:f6:cd:90:8b:84:8d: 04:39:bf:4d:a5:3b:e8:ce:0a:9d:a9:e0:77:13:1c: 17:d7:f8:e1:76:b4:f6:50:06:29:99:4d:c2:e6:24: d8:1c:7a:e6:33:d8:4e:87:9b:ef:6f:28:7c:a9:6a: 0c:b8:0b:7e:7f:53:73:21:24:4b:28:ea:a7:db:41: 8e:d7:18:ce:27:00:36:3b:9f:08:d5:56:7c:98:b1: 1d:e1:51:4e:b1:37:ce:35:af:a0:0a:47:fa:d2:6e: e7:06:92:ab:f6:34:83:b6:9d:d9:6c:08:0f:21:52: 05:90:53:74:06:b2:d3:33:b7:a9:c8:9c:ac:36:1c: 87:14:d9:3f:81:13:f0:3b:ee:e2:2c:b7:df:45:ab: 5b:d8:fd:cf:0e:a5:76:ce:a9:50:92:38:29:db:85: c4:23:4d:f9:91:a1:2e:f5:c5:6b:24:71:5f:f7:fb: 03:f4:87:d9:00:c6:43:73:b4:a7:9f:6b:c9:06:a4: 42:21:a3:7e:c6:a8:d8:b3:52:d1:08:90:e9:ea:3d: f6:87:f9:87:d6:89:01:42:86:93:48:6c:70:cd:b7: c0:84:f0:b1:78:3e:78:d3:09:95:11:07:b5:28:f4: 32:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:10:0F:03:6D:FF:F7:CE:35:01:DF:93:E5:13:C6:45:6A:EB:F2:55 X509v3 Authority Key Identifier: keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/BhAPA23_9841Ad-T5RPGRWrr8lU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.235.152.0/21 Signature Algorithm: sha256WithRSAEncryption 2c:16:91:ea:26:27:9c:54:e7:14:f1:a0:fc:b0:4d:16:11:91: db:d4:f8:7b:1f:46:ff:d9:4b:10:0b:c4:61:7e:68:86:5f:95: 13:14:6d:f6:a1:92:7f:7d:c8:90:1c:8d:7b:37:43:39:57:fe: 48:87:da:68:9a:bc:ed:6d:f6:6b:4f:42:87:8b:24:9a:88:10: 8b:51:02:07:03:98:c7:79:0f:69:5c:f6:f6:29:70:e4:a8:d8: a6:dc:4d:0e:57:4c:0d:5c:f2:62:a2:d3:63:3f:59:79:c8:6f: ed:e1:64:63:74:1c:42:74:a2:c3:d3:a0:30:52:8e:c7:e3:86: c6:fc:23:33:4e:06:b7:2c:01:32:e4:76:42:1d:8f:5d:60:c5: 11:72:2e:f4:53:c6:de:72:cc:e9:00:fe:0f:77:66:4d:68:d1: 60:ad:34:93:d9:36:0a:e8:d1:13:5b:2a:b6:2f:1f:01:40:2e: b3:67:87:6e:52:cd:1f:31:39:95:b8:74:01:a1:4d:a3:26:11: 71:b9:b3:b9:fd:4d:2f:2b:ae:e1:5c:b4:a5:72:35:13:62:15: d1:79:37:14:e1:41:78:cd:d6:e3:44:0e:b3:f5:be:96:18:4c: f3:77:bb:17:13:d4:ae:91:c2:5e:f9:a2:a8:b4:8b:05:93:4d: 3b:26:4a:4b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1 NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNDA5MjQw MDE5MDJaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDA2MTAwRjAzNkRGRkY3 Q0UzNTAxREY5M0U1MTNDNjQ1NkFFQkYyNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB/pA8SXEGGL1uSYzMGmlQoqzb2oz9BvbNkIuEjQQ5v02lO+jO Cp2p4HcTHBfX+OF2tPZQBimZTcLmJNgceuYz2E6Hm+9vKHypagy4C35/U3MhJEso 6qfbQY7XGM4nADY7nwjVVnyYsR3hUU6xN841r6AKR/rSbucGkqv2NIO2ndlsCA8h UgWQU3QGstMzt6nInKw2HIcU2T+BE/A77uIst99Fq1vY/c8OpXbOqVCSOCnbhcQj TfmRoS71xWskcV/3+wP0h9kAxkNztKefa8kGpEIho37GqNizUtEIkOnqPfaH+YfW iQFChpNIbHDNt8CE8LF4PnjTCZURB7Uo9DIXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUBhAPA23/9841Ad+T5RPGRWrr8lUwHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5 LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L0JoQVBBMjNfOTg0MUFk LVQ1UlBHUldycjhsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPb65gwDQYJKoZIhvcNAQELBQADggEBACwWkeomJ5xU5xTxoPywTRYRkdvU+Hsf Rv/ZSxALxGF+aIZflRMUbfahkn99yJAcjXs3QzlX/kiH2miavO1t9mtPQoeLJJqI EItRAgcDmMd5D2lc9vYpcOSo2KbcTQ5XTA1c8mKi02M/WXnIb+3hZGN0HEJ0osPT oDBSjsfjhsb8IzNOBrcsATLkdkIdj11gxRFyLvRTxt5yzOkA/g93Zk1o0WCtNJPZ Ngro0RNbKrYvHwFALrNnh25SzR8xOZW4dAGhTaMmEXG5s7n9TS8rruFctKVyNRNi FdF5NxThQXjN1uNEDrP1vpYYTPN3uxcT1K6Rwl75oqi0iwWTTTsmSks= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org