$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/_DbEdZrniCPwVVOGbmzd38tW6tk.roa File: _DbEdZrniCPwVVOGbmzd38tW6tk.roa (raw, json) Hash identifier: ly/8B2kL1WV/fbP+Bdiy+hZM/mhIZ8Lr1S6MG861aBc= Subject key identifier: FC:36:C4:75:9A:E7:88:23:F0:55:53:86:6E:6C:DD:DF:CB:56:EA:D9 Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Certificate serial: 0191 Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/_DbEdZrniCPwVVOGbmzd38tW6tk.roa Signing time: Tue 08 Oct 2024 10:02:33 +0000 ROA not before: Tue 08 Oct 2024 10:02:33 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63631 IP address blocks: 119.161.144.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 401 (0x191) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Validity Not Before: Oct 8 10:02:33 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=FC36C4759AE78823F05553866E6CDDDFCB56EAD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:06:f4:be:97:84:d3:8a:09:e5:6f:68:12:89: 63:f0:66:bc:3e:ef:b6:a8:fc:c6:94:fd:fa:39:9b: ca:d0:4f:f2:27:f2:2f:cb:a6:14:01:0a:99:2e:f5: a9:3b:f1:cb:f0:77:32:c4:a3:6b:71:6d:d7:4b:64: 4a:bb:30:7e:c5:32:54:87:8d:d5:12:03:d1:f4:0e: 73:01:11:7f:59:1d:60:32:5d:1a:99:77:2b:71:e2: fb:09:7d:09:b8:30:ed:bb:0c:01:66:15:2d:a3:7d: 08:8a:cb:3f:29:7d:e7:0a:98:18:8e:12:e6:7d:ff: d9:4f:7c:8d:64:d0:81:9c:23:5f:a2:7a:38:cb:5f: 6f:25:8b:1d:fe:40:ee:ec:b2:f3:d7:60:8d:b9:be: 0e:36:b3:b9:68:4c:a8:0b:23:ca:47:6e:e1:54:ca: b5:4d:f1:0e:2b:3d:57:15:cd:2f:e7:17:ea:58:15: 04:79:a5:83:52:62:5f:63:cf:d4:29:84:03:49:80: 70:1a:56:3c:63:47:85:46:2b:0d:c0:e3:d6:0b:de: aa:12:f6:0c:ed:db:78:f6:4d:9c:b0:13:8d:f6:6c: a1:44:0e:94:f3:23:35:22:42:42:6c:c5:c0:fc:af: 79:43:64:87:af:95:e1:66:85:58:5e:fd:b6:64:71: 57:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:36:C4:75:9A:E7:88:23:F0:55:53:86:6E:6C:DD:DF:CB:56:EA:D9 X509v3 Authority Key Identifier: keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/_DbEdZrniCPwVVOGbmzd38tW6tk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.161.144.0/21 Signature Algorithm: sha256WithRSAEncryption 2a:6f:41:a9:8d:23:e7:cb:e8:40:38:cc:11:61:b3:68:3e:87: 4c:a3:86:49:75:3f:da:5a:37:ba:89:8f:67:64:61:66:f8:ba: 7d:fb:6f:e6:76:b6:a9:eb:06:0d:3a:f5:08:3f:be:ce:5d:f9: f4:16:8b:2f:66:11:e5:a4:b7:b5:96:6d:4f:94:2b:38:15:dc: 33:da:a1:18:6f:a9:95:bb:f7:7c:77:a5:93:d5:dc:c9:a9:d1: d3:57:0b:2d:32:ee:be:55:e6:81:df:6e:ae:77:9f:01:32:2f: 77:83:9f:9d:4c:09:e0:dd:7e:ff:aa:e4:8f:50:db:64:8e:4f: de:2f:d1:20:7c:b7:7b:f4:d3:23:be:a4:df:a3:cc:fb:cb:47: 2e:43:5b:30:93:a0:e7:3c:df:24:88:de:90:4a:06:b6:4e:5c: b1:bf:ad:6b:ff:f8:5a:11:d6:f6:8c:21:df:b0:5f:c1:e8:1e: 35:a9:45:09:2d:f1:ef:48:0d:7a:42:d9:97:e2:32:e2:9e:4a: 42:37:80:fa:27:d5:f7:66:5b:1d:ce:18:ce:e0:f7:89:28:92: de:2d:04:92:d5:96:a7:03:30:50:6d:11:7d:88:c1:a9:71:16: 56:f8:bc:9e:14:e8:fd:3b:f2:63:3c:d8:f7:6b:a0:a3:a1:9d: a7:47:a9:ea -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNDEwMDgx MDAyMzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZDMzZDNDc1OUFFNzg4 MjNGMDU1NTM4NjZFNkNERERGQ0I1NkVBRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoBvS+l4TTignlb2gSiWPwZrw+77ao/MaU/fo5m8rQT/In8i/L phQBCpku9ak78cvwdzLEo2txbddLZEq7MH7FMlSHjdUSA9H0DnMBEX9ZHWAyXRqZ dytx4vsJfQm4MO27DAFmFS2jfQiKyz8pfecKmBiOEuZ9/9lPfI1k0IGcI1+iejjL X28lix3+QO7ssvPXYI25vg42s7loTKgLI8pHbuFUyrVN8Q4rPVcVzS/nF+pYFQR5 pYNSYl9jz9QphANJgHAaVjxjR4VGKw3A49YL3qoS9gzt23j2TZywE432bKFEDpTz IzUiQkJsxcD8r3lDZIevleFmhVhe/bZkcVctAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU/DbEdZrniCPwVVOGbmzd38tW6tkwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1 NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvX0RiRWRacm5pQ1B3 VlZPR2JtemQzOHRXNnRrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3ehkDANBgkqhkiG9w0BAQsFAAOCAQEAKm9BqY0j58voQDjMEWGzaD6HTKOG SXU/2lo3uomPZ2RhZvi6fftv5na2qesGDTr1CD++zl359BaLL2YR5aS3tZZtT5Qr OBXcM9qhGG+plbv3fHelk9XcyanR01cLLTLuvlXmgd9urnefATIvd4OfnUwJ4N1+ /6rkj1DbZI5P3i/RIHy3e/TTI76k36PM+8tHLkNbMJOg5zzfJIjekEoGtk5csb+t a//4WhHW9owh37BfwegeNalFCS3x70gNekLZl+Iy4p5KQjeA+ifV92ZbHc4YzuD3 iSiS3i0EktWWpwMwUG0RfYjBqXEWVvi8nhTo/TvyYzzY92ugo6Gdp0ep6g== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org