$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/prHaGZM4cEEL2AtUdtwHNapGFOY.roa File: prHaGZM4cEEL2AtUdtwHNapGFOY.roa (raw, json) Hash identifier: M5x7ITCKw2tVAvU4twoiSy0ZRwyiqfuuzydQ47IJNIs= Subject key identifier: A6:B1:DA:19:93:38:70:41:0B:D8:0B:54:76:DC:07:35:AA:46:14:E6 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1AA8 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/prHaGZM4cEEL2AtUdtwHNapGFOY.roa Signing time: Tue 24 Sep 2024 00:21:46 +0000 ROA not before: Tue 24 Sep 2024 00:21:46 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 138421 IP address blocks: 118.145.32.0/19 maxlen: 24 180.184.144.0/21 maxlen: 24 180.184.152.0/22 maxlen: 24 180.184.184.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6824 (0x1aa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 24 00:21:46 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=A6B1DA19933870410BD80B5476DC0735AA4614E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:fc:5d:98:65:7f:cd:5a:2b:d9:5b:e2:d5:20: 56:2a:86:a2:d2:ba:62:c5:ea:33:80:98:06:3f:44: a6:52:43:a6:4a:4c:b8:19:72:45:05:d1:9c:cd:44: 06:91:46:28:db:9b:1e:91:8c:fa:42:68:77:a2:e9: ab:17:b1:67:5e:27:8b:81:ba:9b:df:41:fa:eb:57: 4e:30:3d:59:48:f9:a3:ac:14:6c:1c:7e:9c:00:16: 3d:2d:31:6b:e3:b9:2e:cf:6e:b9:6b:b4:33:a1:bc: 37:66:39:00:58:27:19:85:ce:53:a2:9d:10:2d:35: 7f:c2:8f:90:5a:08:1c:cf:e7:04:59:80:63:c8:90: 5f:41:66:c8:62:f2:0f:10:af:05:5c:6b:0a:2b:91: 88:43:39:00:14:82:ba:82:cc:f4:8c:3b:88:79:73: 3c:ed:3e:24:6a:c1:f2:27:34:39:ec:db:17:ea:6a: 94:0a:a4:c4:6d:78:6d:c7:97:08:39:04:5d:9e:75: ce:51:f0:b2:76:90:4f:8b:07:dc:08:6c:d5:2a:2e: 1a:1d:8e:d4:5a:a8:56:ec:48:63:8c:8a:9f:bf:9d: ff:34:57:b0:47:66:61:9d:98:2b:e8:a8:ee:23:a2: 0b:fd:68:f3:08:23:36:7b:55:98:37:b3:9c:2c:77: 1c:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:B1:DA:19:93:38:70:41:0B:D8:0B:54:76:DC:07:35:AA:46:14:E6 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/prHaGZM4cEEL2AtUdtwHNapGFOY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.145.32.0/19 180.184.144.0-180.184.155.255 180.184.184.0/22 Signature Algorithm: sha256WithRSAEncryption 9a:f7:10:a3:2d:92:af:47:35:89:8e:78:5d:41:93:43:12:4f: 2f:eb:f3:d8:25:d9:da:bc:30:dd:2a:14:2f:b5:8f:7c:42:0d: f2:c2:6b:56:69:bc:c4:49:d8:e8:aa:d8:62:66:6d:1d:bc:f3: f0:96:24:73:96:e8:ea:30:0b:75:a7:0e:be:4a:4f:68:c0:da: a7:c1:8c:a4:b0:37:28:15:70:99:96:4a:bb:34:13:19:e1:e1: 59:57:50:f5:ba:46:f4:99:d6:7e:53:42:72:a7:ba:50:cb:f5: d9:9f:67:9a:37:60:d4:a8:85:92:14:01:46:df:86:4e:29:f4: 85:c4:4e:de:6d:52:85:5e:99:7c:b8:97:35:92:ec:8f:f9:6e: 73:db:04:d4:e1:96:be:96:64:8e:1e:ce:71:90:7a:39:9b:18: 41:f0:46:48:a6:b6:1d:54:fd:5f:7f:fe:58:50:a8:bb:ee:f7: 7f:58:8d:49:26:be:00:ae:79:c9:22:88:d4:7c:24:75:58:9e: d5:fb:aa:1b:e9:fc:b1:d6:d3:4e:40:25:ee:84:e6:4f:5d:6a: 9d:8a:94:de:78:2f:ba:54:bc:c9:af:3a:02:af:0c:dc:4d:37: 2b:89:07:f8:e3:20:98:6c:45:9a:8c:d8:a9:77:bc:35:73:41: 17:db:46:6e -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgICGqgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA5MjQw MDIxNDZaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEE2QjFEQTE5OTMzODcw NDEwQkQ4MEI1NDc2REMwNzM1QUE0NjE0RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDN/F2YZX/NWivZW+LVIFYqhqLSumLF6jOAmAY/RKZSQ6ZKTLgZ ckUF0ZzNRAaRRijbmx6RjPpCaHei6asXsWdeJ4uBupvfQfrrV04wPVlI+aOsFGwc fpwAFj0tMWvjuS7PbrlrtDOhvDdmOQBYJxmFzlOinRAtNX/Cj5BaCBzP5wRZgGPI kF9BZshi8g8QrwVcaworkYhDOQAUgrqCzPSMO4h5czztPiRqwfInNDns2xfqapQK pMRteG3Hlwg5BF2edc5R8LJ2kE+LB9wIbNUqLhodjtRaqFbsSGOMip+/nf80V7BH ZmGdmCvoqO4jogv9aPMIIzZ7VZg3s5wsdxw/AgMBAAGjggIHMIICAzAdBgNVHQ4E FgQUprHaGZM4cEEL2AtUdtwHNapGFOYwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvcHJIYUdaTTRjRUVM MkF0VWR0d0hOYXBHRk9ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEw GgMEBXaRIDAMAwQEtLiQAwQCtLiYAwQCtLi4MA0GCSqGSIb3DQEBCwUAA4IBAQCa 9xCjLZKvRzWJjnhdQZNDEk8v6/PYJdnavDDdKhQvtY98Qg3ywmtWabzESdjoqthi Zm0dvPPwliRzlujqMAt1pw6+Sk9owNqnwYyksDcoFXCZlkq7NBMZ4eFZV1D1ukb0 mdZ+U0Jyp7pQy/XZn2eaN2DUqIWSFAFG34ZOKfSFxE7ebVKFXpl8uJc1kuyP+W5z 2wTU4Za+lmSOHs5xkHo5mxhB8EZIprYdVP1ff/5YUKi77vd/WI1JJr4ArnnJIojU fCR1WJ7V+6ob6fyx1tNOQCXuhOZPXWqdipTeeC+6VLzJrzoCrwzcTTcriQf44yCY bEWajNipd7w1c0EX20Zu -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org