$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/bbrlTFMwX8s0uugJo4S2yUv0-BE.roa File: bbrlTFMwX8s0uugJo4S2yUv0-BE.roa (raw, json) Hash identifier: Wtc8zWUd1c1/p+G/OUdq5b34UwCT1Ib7c9O4ita+u2E= Subject key identifier: 6D:BA:E5:4C:53:30:5F:CB:34:BA:E8:09:A3:84:B6:C9:4B:F4:F8:11 Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Certificate serial: 018E Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/bbrlTFMwX8s0uugJo4S2yUv0-BE.roa Signing time: Tue 08 Oct 2024 10:02:32 +0000 ROA not before: Tue 08 Oct 2024 10:02:32 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63631 IP address blocks: 119.161.152.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 398 (0x18e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Validity Not Before: Oct 8 10:02:32 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6DBAE54C53305FCB34BAE809A384B6C94BF4F811 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:20:da:78:a6:cc:cc:7b:e4:81:18:2d:c4:25: 47:af:13:84:6b:16:f9:27:0f:8b:e4:74:3f:c2:e2: e7:dc:ee:49:63:63:7a:47:bd:21:52:b6:7f:6b:46: d5:17:cf:c6:5a:b3:56:5b:df:fd:da:aa:09:1f:09: c8:bd:51:20:be:fa:42:ba:13:7d:be:69:6a:dc:b1: f4:26:61:c7:cf:fa:d6:5e:b6:02:40:51:bc:fe:61: 1f:69:07:59:be:80:79:03:f5:3f:1c:3d:e1:1d:92: 4c:a6:5b:7f:01:7a:8b:6e:a3:0b:82:7c:fa:95:9a: 51:f8:e1:9e:e0:59:55:3c:35:bd:74:6f:cd:24:65: 7c:0e:75:5f:89:6c:d6:89:27:1d:10:0b:64:f2:06: fe:78:94:c2:b6:10:b8:ae:3b:03:86:fb:16:77:ba: ff:96:66:a8:4f:d0:b2:ed:99:96:76:13:0a:7f:6b: a6:b3:9a:18:85:9a:42:c1:8c:b6:6e:a5:00:53:92: 86:fc:c9:61:de:f4:f0:d2:85:25:5b:cf:54:6e:14: b8:f0:ef:28:d7:f1:df:91:1a:8a:4f:71:44:4a:38: f6:b3:34:d9:4a:74:b5:20:17:a9:b3:a8:d7:6b:ce: 8e:9e:3a:b8:af:65:4c:f0:f9:4d:bb:ad:ad:99:94: 3a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:BA:E5:4C:53:30:5F:CB:34:BA:E8:09:A3:84:B6:C9:4B:F4:F8:11 X509v3 Authority Key Identifier: keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/bbrlTFMwX8s0uugJo4S2yUv0-BE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.161.152.0/21 Signature Algorithm: sha256WithRSAEncryption 05:25:67:f3:5b:71:96:47:10:36:28:3a:34:01:a6:88:3f:10: aa:a4:df:38:71:fc:9c:a3:bd:cf:9b:99:f1:8a:23:2b:01:26: 5d:49:2d:5b:3c:e0:26:39:22:bd:15:43:87:69:6b:53:60:7c: 48:db:c6:8e:92:f6:4f:e3:a9:a9:69:40:18:11:1a:0f:01:33: 66:e2:56:9e:9f:b6:d0:b7:b7:4f:70:44:87:2a:c0:1c:89:1e: 21:63:cd:4d:f6:4c:6a:12:52:53:da:e9:7d:1c:33:1b:ec:2d: 39:34:2d:9e:1b:64:02:c8:95:a9:0c:94:b3:6f:56:a6:64:92: 69:8e:3b:12:6c:6a:8e:2b:8f:df:e2:d8:9f:11:f2:5f:7f:37: 1d:a1:89:86:1c:a0:25:7d:0c:02:6e:c3:15:c1:04:77:40:3d: 55:58:f0:1c:02:52:47:f5:7a:9d:d0:ff:49:f6:4a:b1:9d:c5: 01:0f:47:03:cb:cf:40:c2:f2:2f:04:d8:23:c8:6a:55:bd:aa: 21:4b:b2:42:48:01:9d:06:53:32:4c:5a:ad:14:57:4d:ec:e0: c7:0b:90:07:ee:88:25:44:74:c5:d1:6c:c1:20:70:43:75:c8: 1f:2e:a1:23:bc:52:f9:83:fd:83:b5:0e:91:62:a2:e3:56:20: 75:c0:4b:75 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNDEwMDgx MDAyMzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZEQkFFNTRDNTMzMDVG Q0IzNEJBRTgwOUEzODRCNkM5NEJGNEY4MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlINp4pszMe+SBGC3EJUevE4RrFvknD4vkdD/C4ufc7kljY3pH vSFStn9rRtUXz8Zas1Zb3/3aqgkfCci9USC++kK6E32+aWrcsfQmYcfP+tZetgJA Ubz+YR9pB1m+gHkD9T8cPeEdkkymW38BeotuowuCfPqVmlH44Z7gWVU8Nb10b80k ZXwOdV+JbNaJJx0QC2TyBv54lMK2ELiuOwOG+xZ3uv+WZqhP0LLtmZZ2Ewp/a6az mhiFmkLBjLZupQBTkob8yWHe9PDShSVbz1RuFLjw7yjX8d+RGopPcURKOPazNNlK dLUgF6mzqNdrzo6eOrivZUzw+U27ra2ZlDqtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbbrlTFMwX8s0uugJo4S2yUv0+BEwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1 NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvYmJybFRGTXdYOHMw dXVnSm80UzJ5VXYwLUJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3ehmDANBgkqhkiG9w0BAQsFAAOCAQEABSVn81txlkcQNig6NAGmiD8QqqTf OHH8nKO9z5uZ8YojKwEmXUktWzzgJjkivRVDh2lrU2B8SNvGjpL2T+OpqWlAGBEa DwEzZuJWnp+20Le3T3BEhyrAHIkeIWPNTfZMahJSU9rpfRwzG+wtOTQtnhtkAsiV qQyUs29WpmSSaY47EmxqjiuP3+LYnxHyX383HaGJhhygJX0MAm7DFcEEd0A9VVjw HAJSR/V6ndD/SfZKsZ3FAQ9HA8vPQMLyLwTYI8hqVb2qIUuyQkgBnQZTMkxarRRX TezgxwuQB+6IJUR0xdFswSBwQ3XIHy6hI7xS+YP9g7UOkWKi41YgdcBLdQ== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org