$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/6GsQEcfPQca6o2bycCZnXCjWJPQ.roa File: 6GsQEcfPQca6o2bycCZnXCjWJPQ.roa (raw, json) Hash identifier: lft7LvfmfX1yjk7ISg3vdIULegxCHrqc4zYSF/L3YeQ= Subject key identifier: E8:6B:10:11:C7:CF:41:C6:BA:A3:66:F2:70:26:67:5C:28:D6:24:F4 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1995 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/6GsQEcfPQca6o2bycCZnXCjWJPQ.roa Signing time: Tue 30 Jul 2024 17:10:02 +0000 ROA not before: Tue 30 Jul 2024 17:10:02 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 137718 IP address blocks: 14.103.0.0/16 maxlen: 24 103.159.142.0/23 maxlen: 24 115.190.0.0/15 maxlen: 24 118.145.32.0/19 maxlen: 24 118.145.128.0/17 maxlen: 24 118.196.0.0/15 maxlen: 24 180.184.0.0/16 maxlen: 24 180.184.24.0/21 maxlen: 24 180.184.56.0/21 maxlen: 24 180.184.144.0/21 maxlen: 24 180.184.152.0/22 maxlen: 24 180.184.184.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6549 (0x1995) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jul 30 17:10:02 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E86B1011C7CF41C6BAA366F27026675C28D624F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:94:20:1b:f6:46:5d:c8:68:49:77:61:35:1d: 3e:f8:a9:0c:bf:bf:be:b5:da:12:9b:d6:33:44:65: a0:0d:e3:70:9b:07:35:fd:f6:ed:e0:f8:04:ae:63: e8:5f:a0:85:fa:f3:56:14:98:5c:2b:37:bf:e0:26: 25:c2:26:dc:05:d3:66:51:30:59:11:72:59:17:09: 45:ca:b0:4c:4d:64:8e:b0:92:fd:c7:ad:53:47:55: 15:39:18:8e:7d:72:1d:d1:9d:03:56:e1:32:21:be: 1e:1d:ff:51:65:eb:16:3c:1f:e5:69:64:14:ec:5e: a9:cb:ce:cc:88:77:26:2d:62:08:9a:2b:5f:53:6f: 12:78:d4:fc:9b:f8:ec:c4:4a:fc:f8:96:cd:9a:7f: 7c:bc:8a:66:d7:ad:d3:04:a0:38:bb:70:af:71:3c: bb:dd:38:0d:75:f9:57:40:59:43:2f:6d:1b:92:2a: c8:e3:6d:ee:0c:05:4e:eb:fd:a0:97:80:e3:5b:49: a7:b0:f4:7b:ef:cd:e0:b0:b1:f9:89:d1:b1:a1:2d: 6a:dc:23:3b:9d:88:06:b0:32:dd:65:81:16:b0:84: 59:b3:fc:25:d0:e3:c4:d4:70:a6:21:74:8d:4d:b9: a8:c8:87:47:74:3f:c1:1e:7e:56:56:a4:80:3e:72: 16:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:6B:10:11:C7:CF:41:C6:BA:A3:66:F2:70:26:67:5C:28:D6:24:F4 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/6GsQEcfPQca6o2bycCZnXCjWJPQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.0.0/16 103.159.142.0/23 115.190.0.0/15 118.145.32.0/19 118.145.128.0/17 118.196.0.0/15 180.184.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1f:eb:f1:01:96:5a:f9:1c:15:ce:ff:2b:54:06:d9:f0:e9:79: 07:7f:3f:85:9d:7b:9f:b5:96:af:c1:d6:04:ef:52:8a:c3:02: 61:49:17:1b:0d:9b:a6:de:18:10:28:28:45:54:c4:18:e3:27: f9:a7:9a:ae:6c:1e:fd:58:c9:10:1d:c4:07:d2:ea:cd:d0:dd: 8b:5e:4f:2e:b1:fa:7c:cf:88:c7:14:d0:8a:f9:9a:09:56:da: 67:db:b2:33:7c:01:99:03:c6:c8:ce:23:1c:e6:82:cf:26:50: 49:19:39:ee:26:d9:87:50:8a:a3:c3:bc:00:c8:b8:ff:71:26: 06:cd:79:86:9b:d7:77:b8:89:a1:28:13:7c:1c:1a:63:8f:5c: b8:c6:0e:3f:22:f5:eb:a5:3c:f7:a1:71:22:d9:6f:50:97:aa: 73:2b:48:73:67:d7:1c:2c:84:c5:b3:b0:38:7c:03:5e:19:49: da:bb:11:9d:da:a6:67:c3:7d:44:04:09:b8:cc:ee:0a:98:65: 58:59:3d:aa:49:92:c4:8d:fd:fc:22:da:ab:ae:68:e4:00:76: cf:8e:30:68:6b:f1:5e:36:f5:08:f3:ef:f7:66:55:e4:d6:28: 2d:5b:5c:22:2a:86:1c:11:54:a7:dd:5f:75:6e:69:8c:96:a1: 1e:7c:5f:52 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgICGZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA3MzAx NzEwMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU4NkIxMDExQzdDRjQx QzZCQUEzNjZGMjcwMjY2NzVDMjhENjI0RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDolCAb9kZdyGhJd2E1HT74qQy/v7612hKb1jNEZaAN43CbBzX9 9u3g+ASuY+hfoIX681YUmFwrN7/gJiXCJtwF02ZRMFkRclkXCUXKsExNZI6wkv3H rVNHVRU5GI59ch3RnQNW4TIhvh4d/1Fl6xY8H+VpZBTsXqnLzsyIdyYtYgiaK19T bxJ41Pyb+OzESvz4ls2af3y8imbXrdMEoDi7cK9xPLvdOA11+VdAWUMvbRuSKsjj be4MBU7r/aCXgONbSaew9HvvzeCwsfmJ0bGhLWrcIzudiAawMt1lgRawhFmz/CXQ 48TUcKYhdI1NuajIh0d0P8EeflZWpIA+chb9AgMBAAGjggITMIICDzAdBgNVHQ4E FgQU6GsQEcfPQca6o2bycCZnXCjWJPQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvNkdzUUVjZlBRY2E2 bzJieWNDWm5YQ2pXSlBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEw JgMDAA5nAwQBZ5+OAwMBc74DBAV2kSADBAd2kYADAwF2xAMDALS4MA0GCSqGSIb3 DQEBCwUAA4IBAQAf6/EBllr5HBXO/ytUBtnw6XkHfz+FnXuftZavwdYE71KKwwJh SRcbDZum3hgQKChFVMQY4yf5p5qubB79WMkQHcQH0urN0N2LXk8usfp8z4jHFNCK +ZoJVtpn27IzfAGZA8bIziMc5oLPJlBJGTnuJtmHUIqjw7wAyLj/cSYGzXmGm9d3 uImhKBN8HBpjj1y4xg4/IvXrpTz3oXEi2W9Ql6pzK0hzZ9ccLITFs7A4fANeGUna uxGd2qZnw31EBAm4zO4KmGVYWT2qSZLEjf38ItqrrmjkAHbPjjBoa/FeNvUI8+/3 ZlXk1igtW1wiKoYcEVSn3V91bmmMlqEefF9S -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org