$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BPwbl2E3hmx2EUpWuWYORyxN8yE.roa File: BPwbl2E3hmx2EUpWuWYORyxN8yE.roa (raw, json) Hash identifier: 6kfzV7CI3M37fO5MxZgdrdcrrDV+M3SBHaoJoDh6lsA= Subject key identifier: 04:FC:1B:97:61:37:86:6C:76:11:4A:56:B9:66:0E:47:2C:4D:F3:21 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 3143 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BPwbl2E3hmx2EUpWuWYORyxN8yE.roa Signing time: Sat 03 Feb 2024 02:49:41 +0000 ROA not before: Sat 03 Feb 2024 02:49:41 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24426 IP address blocks: 43.239.32.0/20 maxlen: 20 103.35.32.0/20 maxlen: 20 110.44.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12611 (0x3143) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Feb 3 02:49:41 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=04FC1B976137866C76114A56B9660E472C4DF321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:da:46:e8:4f:ea:34:fa:9f:e5:b7:dd:8a:c7: 06:e9:92:21:f3:aa:9f:d6:4d:a9:08:e4:91:0f:1d: 8c:70:de:fc:b7:a5:6d:c6:23:0d:73:f8:1b:f4:a3: 8f:ad:17:8d:af:27:86:ef:58:34:4e:8e:50:ab:b7: 1a:5c:bd:4a:a6:7a:a7:9a:63:f3:61:ca:b9:4b:92: fd:eb:65:f1:bf:b8:2b:75:f0:84:48:31:21:4a:54: 88:97:2f:cc:8a:51:32:b2:ec:5f:fe:ed:fb:b0:19: a6:04:b8:73:d5:98:1c:4d:4e:fd:da:33:a0:c0:86: d4:af:9d:e3:57:56:09:0a:2b:fb:a6:c1:1f:6b:24: 52:2a:80:1f:f0:92:8b:a0:86:bb:f6:d1:2d:4b:14: 73:56:ee:94:b0:b1:ce:f1:c3:57:81:c9:5a:f9:95: 3c:6a:0d:21:e2:a6:18:11:88:e1:3a:b9:1c:d6:bf: 75:ff:96:23:89:70:7d:da:66:ca:07:24:e0:53:26: b3:22:81:ee:aa:be:36:2f:eb:84:38:bb:c5:b8:72: c3:6c:82:eb:50:88:ba:dc:2f:8b:42:fe:8d:8c:5e: 8f:8a:31:37:92:81:7e:97:cc:55:0e:39:14:1c:b1: 34:e9:cf:ef:cd:4f:45:bf:23:34:2d:a0:de:a6:c9: 7b:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:FC:1B:97:61:37:86:6C:76:11:4A:56:B9:66:0E:47:2C:4D:F3:21 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BPwbl2E3hmx2EUpWuWYORyxN8yE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.239.32.0/20 103.35.32.0/20 110.44.144.0/20 Signature Algorithm: sha256WithRSAEncryption 6d:01:b9:e6:b0:64:22:15:50:cf:d4:72:6a:31:19:08:00:f7: e5:28:cb:33:bf:3e:99:80:a1:6e:11:b3:41:07:a3:55:d1:5b: 9e:15:df:39:dc:11:6b:d2:54:a5:1c:ba:4a:78:3e:36:2f:c4: 41:19:8c:d8:eb:64:30:ee:99:7b:2b:54:f5:d1:17:31:8d:58: 58:1b:4f:f7:b7:fd:2b:28:bd:7f:ec:48:2e:78:e8:4d:f2:f7: 6b:70:fb:cf:82:4b:53:73:07:9f:33:8f:13:98:12:a8:d3:ad: 2a:c6:69:66:27:51:fe:7f:28:97:9d:f4:05:38:af:2f:75:0a: 9e:61:a8:5d:ac:8d:0d:a7:a4:4e:3a:25:1c:d6:5e:0b:1b:ed: d9:70:d3:e0:17:90:51:2c:fd:06:8f:c9:8d:14:17:3d:ce:e1: 16:65:64:5a:38:8e:7f:8e:9c:73:a8:d1:5a:d4:60:7d:cf:6e: 08:69:c6:59:c3:03:05:ef:f8:56:da:47:e8:15:1b:d6:9c:5e: 6b:7c:ba:23:87:bc:3c:ca:7a:95:eb:98:e7:f8:d8:08:53:4d: 86:e9:58:c5:77:20:8e:83:bb:cf:92:d1:07:ed:13:1b:0b:a4: 4d:59:9e:41:0e:13:8e:e6:a0:3c:33:82:ee:14:05:5c:d8:59: c9:b3:f5:47 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICMUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAyMDMw MjQ5NDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0RkMxQjk3NjEzNzg2 NkM3NjExNEE1NkI5NjYwRTQ3MkM0REYzMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDM2kboT+o0+p/lt92KxwbpkiHzqp/WTakI5JEPHYxw3vy3pW3G Iw1z+Bv0o4+tF42vJ4bvWDROjlCrtxpcvUqmeqeaY/NhyrlLkv3rZfG/uCt18IRI MSFKVIiXL8yKUTKy7F/+7fuwGaYEuHPVmBxNTv3aM6DAhtSvneNXVgkKK/umwR9r JFIqgB/wkoughrv20S1LFHNW7pSwsc7xw1eByVr5lTxqDSHiphgRiOE6uRzWv3X/ liOJcH3aZsoHJOBTJrMige6qvjYv64Q4u8W4csNsgutQiLrcL4tC/o2MXo+KMTeS gX6XzFUOORQcsTTpz+/NT0W/IzQtoN6myXudAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUBPwbl2E3hmx2EUpWuWYORyxN8yEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JQd2JsMkUzaG14MkVV cFd1V1lPUnl4Tjh5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAQr7yADBARnIyADBARuLJAwDQYJKoZIhvcNAQELBQADggEBAG0BueawZCIVUM/U cmoxGQgA9+UoyzO/PpmAoW4Rs0EHo1XRW54V3zncEWvSVKUcukp4PjYvxEEZjNjr ZDDumXsrVPXRFzGNWFgbT/e3/SsovX/sSC546E3y92tw+8+CS1NzB58zjxOYEqjT rSrGaWYnUf5/KJed9AU4ry91Cp5hqF2sjQ2npE46JRzWXgsb7dlw0+AXkFEs/QaP yY0UFz3O4RZlZFo4jn+OnHOo0VrUYH3PbghpxlnDAwXv+FbaR+gVG9acXmt8uiOH vDzKepXrmOf42AhTTYbpWMV3II6Du8+S0QftExsLpE1ZnkEOE47moDwzgu4UBVzY Wcmz9Uc= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org