$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2834/lzoTxw0z_rmsMDvnAjNqZ187BJA.roa File: lzoTxw0z_rmsMDvnAjNqZ187BJA.roa (raw, json) Hash identifier: JzHzWnjIJUFHcwGpxHFRQ1hkHDUq5M6fkQs4v/4tBZA= Subject key identifier: 97:3A:13:C7:0D:33:FE:B9:AC:30:3B:E7:02:33:6A:67:5F:3B:04:90 Certificate issuer: /CN=81B493ACCB42998BFF000B3DE106FB5771A48D5A Certificate serial: 145A Authority key identifier: 81:B4:93:AC:CB:42:99:8B:FF:00:0B:3D:E1:06:FB:57:71:A4:8D:5A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gbSTrMtCmYv_AAs94Qb7V3GkjVo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/lzoTxw0z_rmsMDvnAjNqZ187BJA.roa Signing time: Sat 03 Feb 2024 02:48:59 +0000 ROA not before: Sat 03 Feb 2024 02:48:59 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 21859 IP address blocks: 103.125.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/gbSTrMtCmYv_AAs94Qb7V3GkjVo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/gbSTrMtCmYv_AAs94Qb7V3GkjVo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gbSTrMtCmYv_AAs94Qb7V3GkjVo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 18:53:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5210 (0x145a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=81B493ACCB42998BFF000B3DE106FB5771A48D5A Validity Not Before: Feb 3 02:48:59 2024 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=973A13C70D33FEB9AC303BE702336A675F3B0490 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:80:af:b7:74:06:fe:3c:36:69:87:6e:1e:a8: d5:7e:0a:af:53:c9:91:2b:f6:2e:14:b5:6c:0b:e6: bd:ef:73:99:df:31:c1:6e:57:04:ac:dd:ee:bf:37: f7:e7:5b:07:a5:74:ce:45:07:b4:a7:ca:aa:50:f2: c1:9b:e4:f5:93:46:fc:b0:a2:04:19:a0:75:a6:2e: 9d:96:fd:e6:fe:0b:cb:12:fe:d7:b3:02:51:ec:7c: 87:c3:83:cc:52:bd:16:77:cd:39:6c:ae:8d:65:4e: 52:34:7a:f4:e6:84:11:0a:2b:78:88:1c:ed:75:8d: 99:e6:50:20:ec:a6:6e:b3:29:04:e9:3c:48:8c:b7: 92:c7:f8:8d:59:4a:53:81:c7:fc:1f:f1:b1:bd:70: 3e:4c:28:73:e7:53:1f:d4:69:71:aa:34:4a:f2:86: 73:af:17:f5:ab:11:b0:94:80:e6:fd:70:cd:13:d1: 59:61:a2:23:54:0f:1a:fd:fd:20:f7:ac:26:48:69: 9c:93:3c:38:8a:31:bc:c9:1a:3a:b9:70:96:b2:b3: da:ec:0c:c2:bb:a7:b7:de:e9:73:45:29:e9:5f:82: 99:1f:76:0d:3e:af:f8:76:83:bc:c7:f2:d6:ce:3b: 08:a9:ed:82:ee:90:d3:c7:b3:9a:7d:79:fa:5a:f7: c7:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:3A:13:C7:0D:33:FE:B9:AC:30:3B:E7:02:33:6A:67:5F:3B:04:90 X509v3 Authority Key Identifier: keyid:81:B4:93:AC:CB:42:99:8B:FF:00:0B:3D:E1:06:FB:57:71:A4:8D:5A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/gbSTrMtCmYv_AAs94Qb7V3GkjVo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gbSTrMtCmYv_AAs94Qb7V3GkjVo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/lzoTxw0z_rmsMDvnAjNqZ187BJA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.125.250.0/24 Signature Algorithm: sha256WithRSAEncryption c7:48:5e:c4:60:ec:3a:9f:7a:df:c5:a6:51:8e:21:28:ce:c1: f5:84:5e:bb:22:05:4a:04:ba:5a:ad:43:80:7b:ee:08:37:51: 90:bf:d8:4e:17:04:03:07:97:26:da:00:35:59:54:24:bc:01: 99:b5:cc:5d:4b:47:65:82:97:1c:6d:53:bd:6c:ac:ef:88:c1: 23:d5:57:d7:07:41:d7:05:c8:da:96:c4:0b:5b:88:03:80:8b: ee:73:65:ed:b8:32:13:70:d8:6d:6c:0f:3e:7c:5e:f9:42:2f: bd:da:69:51:a7:1d:d2:30:65:dc:75:0c:f2:97:5d:28:ab:4c: b0:74:b5:e4:d7:6f:7b:7c:31:e2:0f:77:6d:ae:7e:db:66:e0: c1:98:b7:da:e4:e6:d4:04:68:b8:78:46:98:f7:46:d3:6e:49: ee:39:4b:fd:db:58:14:9c:4c:d9:02:8a:de:9a:e2:e4:e6:20: 6d:4f:9f:a1:5e:2e:20:d0:70:17:f1:72:19:4b:3f:db:4b:f3: 44:13:79:d1:56:5c:bb:fa:3c:f4:92:7a:6d:bc:d3:90:ca:78: b6:10:1e:af:a1:a9:18:91:20:4a:55:79:c0:b7:fd:f2:e1:9a: ce:0d:d6:8d:89:60:65:06:61:7c:61:54:75:a2:78:88:84:b4: f7:8f:8c:9f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODFC NDkzQUNDQjQyOTk4QkZGMDAwQjNERTEwNkZCNTc3MUE0OEQ1QTAeFw0yNDAyMDMw MjQ4NTlaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDk3M0ExM0M3MEQzM0ZF QjlBQzMwM0JFNzAyMzM2QTY3NUYzQjA0OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOgK+3dAb+PDZph24eqNV+Cq9TyZEr9i4UtWwL5r3vc5nfMcFu VwSs3e6/N/fnWweldM5FB7SnyqpQ8sGb5PWTRvywogQZoHWmLp2W/eb+C8sS/tez AlHsfIfDg8xSvRZ3zTlsro1lTlI0evTmhBEKK3iIHO11jZnmUCDspm6zKQTpPEiM t5LH+I1ZSlOBx/wf8bG9cD5MKHPnUx/UaXGqNEryhnOvF/WrEbCUgOb9cM0T0Vlh oiNUDxr9/SD3rCZIaZyTPDiKMbzJGjq5cJays9rsDMK7p7fe6XNFKelfgpkfdg0+ r/h2g7zH8tbOOwip7YLukNPHs5p9efpa98f9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlzoTxw0z/rmsMDvnAjNqZ187BJAwHwYDVR0jBBgwFoAUgbSTrMtCmYv/AAs9 4Qb7V3GkjVowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgz NC9nYlNUck10Q21Zdl9BQXM5NFFiN1YzR2tqVm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2diU1RyTXRDbVl2X0FBczk0UWI3VjNHa2pWby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MzQvbHpvVHh3MHpfcm1z TUR2bkFqTnFaMTg3QkpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd9+jANBgkqhkiG9w0BAQsFAAOCAQEAx0hexGDsOp9638WmUY4hKM7B9YRe uyIFSgS6Wq1DgHvuCDdRkL/YThcEAweXJtoANVlUJLwBmbXMXUtHZYKXHG1TvWys 74jBI9VX1wdB1wXI2pbEC1uIA4CL7nNl7bgyE3DYbWwPPnxe+UIvvdppUacd0jBl 3HUM8pddKKtMsHS15Ndve3wx4g93ba5+22bgwZi32uTm1ARouHhGmPdG025J7jlL /dtYFJxM2QKK3pri5OYgbU+foV4uINBwF/FyGUs/20vzRBN50VZcu/o89JJ6bbzT kMp4thAer6GpGJEgSlV5wLf98uGazg3WjYlgZQZhfGFUdaJ4iIS094+Mnw== -----END CERTIFICATE-----Generated at Thu May 2 15:00:13 2024 by rpki-client on console-fra.rpki-client.org