$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/242/nmxSYPawNMWIXM-zbMaBhDP0tps.roa File: nmxSYPawNMWIXM-zbMaBhDP0tps.roa (raw, json) Hash identifier: mOJBxnJCnrJ/1VdhH4HV+KA3jfpIhL9cRnI4Q7MhOuU= Subject key identifier: 9E:6C:52:60:F6:B0:34:C5:88:5C:CF:B3:6C:C6:81:84:33:F4:B6:9B Certificate issuer: /CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA Certificate serial: 0CCB Authority key identifier: 0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/nmxSYPawNMWIXM-zbMaBhDP0tps.roa Signing time: Fri 22 Mar 2024 03:04:01 +0000 ROA not before: Fri 22 Mar 2024 03:04:01 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 45102 IP address blocks: 59.82.136.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 01:25:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3275 (0xccb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA Validity Not Before: Mar 22 03:04:01 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9E6C5260F6B034C5885CCFB36CC6818433F4B69B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:f1:21:13:e1:8e:b3:c4:05:82:a8:fd:95:59: 9b:87:d3:26:5a:e0:47:5e:d5:96:11:36:7e:fb:5b: ed:df:20:bd:fd:37:71:98:b7:be:6a:70:11:0d:35: 6c:01:cc:b8:2c:ec:fe:4d:7a:53:2a:96:69:a7:17: 26:77:1b:aa:da:c8:d7:34:f0:9d:89:b6:f4:3b:9b: 19:44:ba:68:5b:13:66:97:0c:d4:67:4f:b0:af:23: c7:43:54:42:38:51:9f:0b:5e:b8:f1:c2:78:e4:8c: 0f:a9:79:6b:54:89:4d:27:36:2d:24:55:4d:a2:3e: 0d:83:20:d4:7d:4f:94:55:1d:40:b7:93:b9:43:35: ce:8e:f4:13:7f:84:62:97:04:0f:b2:d9:49:a0:41: 8b:1a:0c:6b:85:a5:b8:2d:f3:73:dc:29:94:61:9f: bd:85:8b:bb:85:2b:f0:21:eb:db:c8:49:3a:d1:3f: 18:4a:c0:99:37:68:63:6e:4f:53:aa:70:05:29:79: e8:22:13:0e:1d:12:dd:92:57:62:9a:6c:6e:8d:41: 7f:83:eb:a1:7e:88:31:f2:6d:0e:09:2e:37:99:31: 26:62:69:ba:46:13:18:fe:66:6d:14:ea:63:8d:18: 9a:48:dc:87:46:03:05:f6:17:a4:cc:ad:16:52:bf: a7:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:6C:52:60:F6:B0:34:C5:88:5C:CF:B3:6C:C6:81:84:33:F4:B6:9B X509v3 Authority Key Identifier: keyid:0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/nmxSYPawNMWIXM-zbMaBhDP0tps.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.82.136.0/21 Signature Algorithm: sha256WithRSAEncryption 6f:a9:58:bc:c7:8a:64:6c:4d:53:b4:6c:d3:45:e8:8b:e0:64: a8:43:6a:b2:63:58:1c:9f:4c:d7:b1:6d:70:a5:e8:99:f6:72: 66:9d:41:b8:0f:99:ff:e5:b0:c1:ae:1a:1b:08:35:b2:ba:23: b1:a2:14:3f:c8:de:46:62:79:a7:6a:7a:64:5a:bb:45:f7:aa: b6:6c:a9:72:6a:6a:4d:31:6f:c2:a8:a0:57:54:4f:38:42:81: 91:2c:c9:4f:17:85:0b:35:f8:b8:ac:23:13:24:72:0e:a4:3e: 7a:05:7b:3a:8e:a0:58:2f:66:79:23:cf:7d:c0:e6:47:40:60: 52:4d:71:4e:77:aa:a8:e9:ac:93:b5:32:ae:f6:60:45:d6:2e: dd:0a:eb:7e:d0:6f:88:49:45:9d:6d:02:d2:c1:d1:dd:55:be: 25:22:60:7b:e0:e0:2b:fb:4b:9c:86:96:28:c9:3c:fc:13:d0: 74:85:0e:fc:f6:db:b6:df:ef:ef:c9:44:f0:e2:a4:3a:24:f6: f0:e8:1a:08:a0:9c:bc:72:04:a0:89:77:08:88:8d:89:35:61: 1d:5e:e9:67:81:6d:34:8c:ac:6f:ba:f8:ee:36:da:ee:ec:b4: 69:0b:47:a0:4a:7e:8c:9f:21:a9:94:f8:8e:53:87:69:f1:46: 2e:6f:0e:7d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE2 Rjk3MkQyNDA3OEY4OTA4OEVEMTEwQTI2RENERjkwQTlFQkNFQTAeFw0yNDAzMjIw MzA0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFNkM1MjYwRjZCMDM0 QzU4ODVDQ0ZCMzZDQzY4MTg0MzNGNEI2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDy8SET4Y6zxAWCqP2VWZuH0yZa4Ede1ZYRNn77W+3fIL39N3GY t75qcBENNWwBzLgs7P5NelMqlmmnFyZ3G6rayNc08J2JtvQ7mxlEumhbE2aXDNRn T7CvI8dDVEI4UZ8LXrjxwnjkjA+peWtUiU0nNi0kVU2iPg2DINR9T5RVHUC3k7lD Nc6O9BN/hGKXBA+y2UmgQYsaDGuFpbgt83PcKZRhn72Fi7uFK/Ah69vISTrRPxhK wJk3aGNuT1OqcAUpeegiEw4dEt2SV2KabG6NQX+D66F+iDHybQ4JLjeZMSZiabpG Exj+Zm0U6mONGJpI3IdGAwX2F6TMrRZSv6epAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnmxSYPawNMWIXM+zbMaBhDP0tpswHwYDVR0jBBgwFoAUCm+XLSQHj4kIjtEQ om3N+QqevOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQy L0NtLVhMU1FIajRrSWp0RVFvbTNOLVFxZXZPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvQ20tWExTUUhqNGtJanRFUW9tM04tUXFldk9vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQyL25teFNZUGF3Tk1XSVhN LXpiTWFCaERQMHRwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAM7UogwDQYJKoZIhvcNAQELBQADggEBAG+pWLzHimRsTVO0bNNF6IvgZKhDarJj WByfTNexbXCl6Jn2cmadQbgPmf/lsMGuGhsINbK6I7GiFD/I3kZieadqemRau0X3 qrZsqXJqak0xb8KooFdUTzhCgZEsyU8XhQs1+LisIxMkcg6kPnoFezqOoFgvZnkj z33A5kdAYFJNcU53qqjprJO1Mq72YEXWLt0K637Qb4hJRZ1tAtLB0d1VviUiYHvg 4Cv7S5yGlijJPPwT0HSFDvz227bf7+/JRPDipDok9vDoGgignLxyBKCJdwiIjYk1 YR1e6WeBbTSMrG+6+O422u7stGkLR6BKfoyfIamU+I5Th2nxRi5vDn0= -----END CERTIFICATE-----Generated at Sat May 11 21:55:44 2024 by rpki-client on console-fra.rpki-client.org