$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/mjlxUf-q70ucdmzB-FFUuOB-n2Y.roa File: mjlxUf-q70ucdmzB-FFUuOB-n2Y.roa (raw, json) Hash identifier: +xVlj7saJfes6vN+AXwbfHbekxwvr9doQiKILLCEgY4= Subject key identifier: 9A:39:71:51:FF:AA:EF:4B:9C:76:6C:C1:F8:51:54:B8:E0:7E:9F:66 Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Certificate serial: 0192 Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/mjlxUf-q70ucdmzB-FFUuOB-n2Y.roa Signing time: Tue 08 Oct 2024 10:02:33 +0000 ROA not before: Tue 08 Oct 2024 10:02:33 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63631 IP address blocks: 119.161.136.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 402 (0x192) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Validity Not Before: Oct 8 10:02:33 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9A397151FFAAEF4B9C766CC1F85154B8E07E9F66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:9f:ca:f0:ee:f4:fd:5e:8a:03:a0:f9:07:54: 59:82:40:5b:ab:03:b8:6b:28:41:05:ee:a7:dc:6a: 8f:70:51:fc:07:54:dd:c5:1e:71:36:e5:3b:50:2e: b1:d4:39:98:21:5a:a4:bc:94:6c:12:5b:1b:66:d8: df:e6:02:07:81:31:cc:eb:b3:29:99:1b:b9:e3:ec: 8c:13:33:c5:94:f1:9e:69:21:73:cf:5a:7e:ee:4a: bc:0e:a8:ed:5c:57:72:cd:60:a9:ca:ed:c1:c6:90: 30:33:2f:7f:45:03:3e:bf:c7:4f:94:f3:0f:2c:fc: 24:0e:49:f1:3a:ab:41:bf:1a:e7:a1:cf:81:06:80: c2:a9:96:41:2b:2f:51:f3:a4:6a:8b:64:e5:dd:20: 76:99:61:22:91:f0:78:fa:d4:f5:ac:9d:e6:ac:84: c0:7b:c0:f7:f1:9e:77:fc:28:6c:06:01:57:7c:2c: 37:23:12:92:9a:cc:75:70:b5:7e:f7:55:cd:46:55: e4:29:50:06:b7:81:8c:2f:74:14:48:aa:7d:31:78: 21:d8:83:ee:88:8d:b9:ed:74:88:86:16:8f:89:af: 87:4e:6a:6d:90:f0:23:ca:45:0d:50:94:cd:c5:94: b4:d7:36:1d:99:62:6d:d6:98:a0:99:8e:41:97:d1: 3c:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:39:71:51:FF:AA:EF:4B:9C:76:6C:C1:F8:51:54:B8:E0:7E:9F:66 X509v3 Authority Key Identifier: keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/mjlxUf-q70ucdmzB-FFUuOB-n2Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.161.136.0/21 Signature Algorithm: sha256WithRSAEncryption a6:52:b3:f8:4a:97:8d:65:f8:75:e6:cf:c4:b7:fe:04:62:f0: a4:21:f3:ce:d5:20:68:29:70:b1:ba:18:32:b0:bf:26:87:a8: 77:ca:2b:57:c7:81:42:d3:e7:f0:0b:42:35:2b:01:13:3c:30: c2:04:ab:b6:f4:d7:52:cf:af:7f:9e:ac:a7:2e:da:4f:3b:44: 10:b3:ba:8e:e6:af:41:16:cb:0f:a4:fb:98:9c:f0:cf:45:f4: bb:7e:93:a9:c6:e4:b7:6f:2e:50:c3:97:c1:ca:7f:3b:ca:90: 24:9e:94:0e:9f:31:f6:c2:c8:af:70:09:8e:77:9e:96:64:c0: e4:b6:1a:8b:30:b9:f5:9f:82:e1:fe:55:26:5e:7e:75:b0:fd: 0c:0f:17:39:1d:cc:0e:e9:ea:51:8a:96:dd:cd:d1:e1:43:a8: 02:62:9e:fb:35:2a:36:6f:7e:bf:fd:6d:72:1e:8b:10:f6:34: ee:4e:5b:41:40:38:d0:8d:e1:a0:c7:4b:00:d4:21:0b:b6:f2: a2:d2:5d:75:1f:bd:b4:91:df:e3:e5:07:b3:62:30:ea:38:a9: bc:66:f0:8b:1e:ad:4b:23:00:c3:55:bb:50:6b:eb:93:11:af: ac:88:77:d3:e0:a9:9b:38:5f:2e:af:48:3d:e1:4b:d5:6e:3c: 9f:ac:27:00 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAZIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNDEwMDgx MDAyMzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlBMzk3MTUxRkZBQUVG NEI5Qzc2NkNDMUY4NTE1NEI4RTA3RTlGNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2n8rw7vT9XooDoPkHVFmCQFurA7hrKEEF7qfcao9wUfwHVN3F HnE25TtQLrHUOZghWqS8lGwSWxtm2N/mAgeBMczrsymZG7nj7IwTM8WU8Z5pIXPP Wn7uSrwOqO1cV3LNYKnK7cHGkDAzL39FAz6/x0+U8w8s/CQOSfE6q0G/Guehz4EG gMKplkErL1HzpGqLZOXdIHaZYSKR8Hj61PWsneashMB7wPfxnnf8KGwGAVd8LDcj EpKazHVwtX73Vc1GVeQpUAa3gYwvdBRIqn0xeCHYg+6IjbntdIiGFo+Jr4dOam2Q 8CPKRQ1QlM3FlLTXNh2ZYm3WmKCZjkGX0TyfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUmjlxUf+q70ucdmzB+FFUuOB+n2YwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1 NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvbWpseFVmLXE3MHVj ZG16Qi1GRlV1T0ItbjJZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3ehiDANBgkqhkiG9w0BAQsFAAOCAQEAplKz+EqXjWX4debPxLf+BGLwpCHz ztUgaClwsboYMrC/Joeod8orV8eBQtPn8AtCNSsBEzwwwgSrtvTXUs+vf56spy7a TztEELO6juavQRbLD6T7mJzwz0X0u36Tqcbkt28uUMOXwcp/O8qQJJ6UDp8x9sLI r3AJjneelmTA5LYaizC59Z+C4f5VJl5+dbD9DA8XOR3MDunqUYqW3c3R4UOoAmKe +zUqNm9+v/1tch6LEPY07k5bQUA40I3hoMdLANQhC7byotJddR+9tJHf4+UHs2Iw 6jipvGbwix6tSyMAw1W7UGvrkxGvrIh30+CpmzhfLq9IPeFL1W48n6wnAA== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org