$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/CSaBvGQb1_hE05MX1xgcWBPmIiI.roa File: CSaBvGQb1_hE05MX1xgcWBPmIiI.roa (raw, json) Hash identifier: m38WSCj4tITebeslyaiqZI1AEvpgsNgg10zBRf31qKA= Subject key identifier: 09:26:81:BC:64:1B:D7:F8:44:D3:93:17:D7:18:1C:58:13:E6:22:22 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1BDF Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/CSaBvGQb1_hE05MX1xgcWBPmIiI.roa Signing time: Wed 13 Mar 2024 01:23:28 +0000 ROA not before: Wed 13 Mar 2024 01:23:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139139 IP address blocks: 103.152.186.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 13:24:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7135 (0x1bdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Mar 13 01:23:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=092681BC641BD7F844D39317D7181C5813E62222 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:94:38:0f:a2:ab:8a:b9:f1:8c:36:66:6f:48: 1e:1e:0c:8a:c5:ee:f5:f1:9c:fa:a8:b0:05:89:2e: 5d:9b:ee:0e:03:7e:09:59:6a:3a:96:09:fa:0b:28: 02:47:1d:81:c8:77:b8:cc:a3:0e:2d:a7:85:6b:3a: 10:cd:14:bc:7c:9c:28:7c:1b:6a:1b:38:1f:19:3a: d3:36:4c:ea:99:b1:0f:00:ac:5e:07:d2:16:d6:bf: 52:c3:4f:68:55:ea:79:44:88:f6:d5:f5:80:57:7d: f6:15:56:6d:13:b6:d2:e5:2e:63:e1:36:fc:d8:a2: fb:be:59:4e:1e:63:25:ba:7d:58:8a:c2:1b:f2:fd: f1:aa:f9:bc:80:5d:1a:1d:7c:48:f5:74:52:ab:7e: 20:61:0a:29:b9:1b:7b:f7:bb:f7:b6:0e:8f:de:68: 89:c2:7c:af:1f:1e:76:c8:b9:3c:46:bd:d9:61:cc: 2b:d3:3b:ed:9c:4f:a5:a3:13:f5:2a:73:b7:ac:fb: bd:e2:54:36:58:ef:ca:b8:ce:0f:f8:d7:49:4d:6b: de:0a:28:20:33:96:44:50:28:1e:5f:51:4a:3d:bd: c7:a8:52:a9:e7:e8:ee:b6:3a:fd:85:b4:16:ea:96: 61:c5:35:64:29:c1:61:72:17:ed:38:61:79:dc:07: 24:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:26:81:BC:64:1B:D7:F8:44:D3:93:17:D7:18:1C:58:13:E6:22:22 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/CSaBvGQb1_hE05MX1xgcWBPmIiI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 32:1f:e1:66:e3:02:9f:74:2d:c0:91:b1:73:79:9c:28:1f:90: 7b:d0:9b:b6:dd:4d:04:ad:85:b0:b0:e0:a4:bf:a3:93:70:3f: 2a:50:ee:06:76:94:ec:a0:fe:8d:5f:97:9b:fc:82:f3:60:d0: fd:86:23:a4:d7:2f:7f:65:78:ff:07:31:1e:87:fc:cc:94:cd: 5a:00:0b:06:07:93:50:91:da:27:a4:9b:f0:f5:04:ca:0c:e5: 5b:10:46:ad:34:84:cf:88:aa:19:06:17:d6:59:d5:a6:1b:fb: ce:17:27:5b:4c:28:54:06:c0:7b:54:cc:d4:9e:4b:00:9e:3f: 06:ba:43:61:c1:73:27:1a:af:7b:ca:73:da:d9:8a:3a:8a:69: 0d:27:c1:1d:aa:de:bc:8e:63:1c:be:47:7c:40:37:9c:32:83: 9f:07:36:1b:e4:ec:61:fe:85:1d:35:76:45:24:ca:3f:2a:46: e9:21:7c:7c:74:45:16:80:e2:d1:eb:70:81:25:01:27:33:29: 57:6a:99:14:13:c2:da:99:06:9e:19:f0:86:1d:aa:b6:28:59: e2:cb:df:8c:84:49:8f:39:6b:92:f4:fe:17:b5:6c:0d:fc:e7: e8:55:e8:80:3b:df:38:28:ea:b8:b8:52:56:f8:25:e8:12:95: 4c:0f:21:1a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMTMw MTIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5MjY4MUJDNjQxQkQ3 Rjg0NEQzOTMxN0Q3MTgxQzU4MTNFNjIyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzlDgPoquKufGMNmZvSB4eDIrF7vXxnPqosAWJLl2b7g4DfglZ ajqWCfoLKAJHHYHId7jMow4tp4VrOhDNFLx8nCh8G2obOB8ZOtM2TOqZsQ8ArF4H 0hbWv1LDT2hV6nlEiPbV9YBXffYVVm0TttLlLmPhNvzYovu+WU4eYyW6fViKwhvy /fGq+byAXRodfEj1dFKrfiBhCim5G3v3u/e2Do/eaInCfK8fHnbIuTxGvdlhzCvT O+2cT6WjE/Uqc7es+73iVDZY78q4zg/410lNa94KKCAzlkRQKB5fUUo9vceoUqnn 6O62Ov2FtBbqlmHFNWQpwWFyF+04YXncByQ7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCSaBvGQb1/hE05MX1xgcWBPmIiIwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvQ1NhQnZHUWIxX2hF MDVNWDF4Z2NXQlBtSWlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAMh/hZuMCn3QtwJGxc3mcKB+Qe9Cb tt1NBK2FsLDgpL+jk3A/KlDuBnaU7KD+jV+Xm/yC82DQ/YYjpNcvf2V4/wcxHof8 zJTNWgALBgeTUJHaJ6Sb8PUEygzlWxBGrTSEz4iqGQYX1lnVphv7zhcnW0woVAbA e1TM1J5LAJ4/BrpDYcFzJxqve8pz2tmKOoppDSfBHarevI5jHL5HfEA3nDKDnwc2 G+TsYf6FHTV2RSTKPypG6SF8fHRFFoDi0etwgSUBJzMpV2qZFBPC2pkGnhnwhh2q tihZ4svfjIRJjzlrkvT+F7VsDfzn6FXogDvfOCjquLhSVvgl6BKVTA8hGg== -----END CERTIFICATE-----Generated at Tue Nov 26 11:14:31 2024 by rpki-client on console-fra.rpki-client.org