$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/TlMIClXWOImmRKz7dKhP6P-hd8A.roa File: TlMIClXWOImmRKz7dKhP6P-hd8A.roa (raw, json) Hash identifier: olSFdKVgUsINueki9JfGzPOe1bnDm1eGlkkPfK2zg7M= Subject key identifier: 4E:53:08:0A:55:D6:38:89:A6:44:AC:FB:74:A8:4F:E8:FF:A1:77:C0 Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Certificate serial: 0190 Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/TlMIClXWOImmRKz7dKhP6P-hd8A.roa Signing time: Tue 08 Oct 2024 10:02:33 +0000 ROA not before: Tue 08 Oct 2024 10:02:33 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63631 IP address blocks: 119.161.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 400 (0x190) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Validity Not Before: Oct 8 10:02:33 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4E53080A55D63889A644ACFB74A84FE8FFA177C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:2d:13:a2:18:0d:3c:be:aa:59:e6:62:69:05: 29:6e:a9:fa:6e:49:0d:1a:8f:f3:da:4a:80:1f:a5: a3:be:57:e8:d3:48:ad:68:c4:cb:18:96:4e:d3:21: a0:c8:49:2c:a3:6c:86:75:e8:da:74:8e:45:1c:de: 24:89:27:2f:58:1d:7f:d8:0f:71:42:7c:10:dd:bb: 28:c1:7d:3a:59:2f:50:4b:2f:ac:5d:c8:e3:f1:2c: df:27:4e:4a:02:de:df:51:01:03:88:1c:0b:c9:81: 1f:ff:29:0b:b0:c2:18:bf:2b:a5:8e:55:dd:92:eb: 2b:fd:c7:64:f5:b6:1c:8c:49:65:e9:54:5f:3f:14: a0:49:f4:87:3f:68:ce:76:df:9d:37:87:6e:ba:4b: f8:1b:0b:cb:1c:49:97:f9:f4:50:6e:b7:76:db:05: 72:44:f4:8d:fe:db:7c:1c:d0:2f:af:25:cf:23:34: 07:96:4a:db:6d:f1:8a:1e:83:db:a9:de:15:ee:fa: b3:50:ee:b9:0e:5f:49:71:64:24:35:26:c3:d5:5a: d2:27:33:7e:33:bb:06:2a:07:5d:a4:43:18:7e:71: cc:c1:b6:03:44:66:31:7e:c3:9b:95:7e:5e:bc:9c: 9a:cc:5a:07:06:c5:3b:e1:59:8c:60:5c:27:57:53: fc:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:53:08:0A:55:D6:38:89:A6:44:AC:FB:74:A8:4F:E8:FF:A1:77:C0 X509v3 Authority Key Identifier: keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/TlMIClXWOImmRKz7dKhP6P-hd8A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.161.138.0/24 Signature Algorithm: sha256WithRSAEncryption 92:f0:2b:6b:b5:5d:3f:b6:d8:7e:c1:01:2d:b4:96:8c:b8:57: cd:69:37:dc:c9:95:eb:e0:8c:90:59:9f:67:32:6b:63:5c:d7: b1:e9:73:46:03:2e:48:7f:f0:31:03:df:99:d6:c6:11:e6:15: 87:d8:a7:f3:88:21:9a:54:7a:35:74:1f:9d:07:87:b2:dc:22: 41:da:b7:85:fa:9d:93:1e:95:f9:e5:53:ab:b8:f9:22:f9:29: a8:f5:1e:3c:aa:e5:3b:35:e8:93:ef:c3:ce:e9:fb:ea:a9:6e: d9:8b:dc:16:f4:46:78:03:01:a6:e3:29:5a:b2:cb:86:f5:cc: 9d:7d:5b:ce:79:ec:ca:a3:61:33:2e:42:ed:87:04:b0:e3:b0: ba:cb:5f:6e:74:16:9e:4b:6f:55:53:83:f7:bb:3a:ca:14:26: eb:68:bc:0f:62:f7:d7:09:c5:4f:7c:62:5d:92:06:1b:7b:fb: f9:f9:a5:37:d4:6f:a4:16:a8:20:f3:b2:80:06:eb:8e:72:0b: 11:b5:cb:1c:19:83:56:b9:ee:44:4f:d4:2d:14:ca:ff:37:84: e6:2e:34:ba:48:10:ed:97:86:47:fb:5b:c7:ad:4a:ce:b6:5c: 3b:e2:ec:22:1f:c9:f2:02:15:fe:72:7d:c8:a4:f1:c9:41:ea: c4:72:de:07 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAZAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNDEwMDgx MDAyMzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRFNTMwODBBNTVENjM4 ODlBNjQ0QUNGQjc0QTg0RkU4RkZBMTc3QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDzLROiGA08vqpZ5mJpBSluqfpuSQ0aj/PaSoAfpaO+V+jTSK1o xMsYlk7TIaDISSyjbIZ16Np0jkUc3iSJJy9YHX/YD3FCfBDduyjBfTpZL1BLL6xd yOPxLN8nTkoC3t9RAQOIHAvJgR//KQuwwhi/K6WOVd2S6yv9x2T1thyMSWXpVF8/ FKBJ9Ic/aM523503h266S/gbC8scSZf59FBut3bbBXJE9I3+23wc0C+vJc8jNAeW Sttt8Yoeg9up3hXu+rNQ7rkOX0lxZCQ1JsPVWtInM34zuwYqB12kQxh+cczBtgNE ZjF+w5uVfl68nJrMWgcGxTvhWYxgXCdXU/xXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTlMIClXWOImmRKz7dKhP6P+hd8AwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1 NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvVGxNSUNsWFdPSW1t Ukt6N2RLaFA2UC1oZDhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHehijANBgkqhkiG9w0BAQsFAAOCAQEAkvAra7VdP7bYfsEBLbSWjLhXzWk3 3MmV6+CMkFmfZzJrY1zXselzRgMuSH/wMQPfmdbGEeYVh9in84ghmlR6NXQfnQeH stwiQdq3hfqdkx6V+eVTq7j5IvkpqPUePKrlOzXok+/Dzun76qlu2YvcFvRGeAMB puMpWrLLhvXMnX1bznnsyqNhMy5C7YcEsOOwustfbnQWnktvVVOD97s6yhQm62i8 D2L31wnFT3xiXZIGG3v7+fmlN9RvpBaoIPOygAbrjnILEbXLHBmDVrnuRE/ULRTK /zeE5i40ukgQ7ZeGR/tbx61KzrZcO+LsIh/J8gIV/nJ9yKTxyUHqxHLeBw== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org