$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/FL0Fc8WMCnIl2VEVwLfu7klMaks.roa File: FL0Fc8WMCnIl2VEVwLfu7klMaks.roa (raw, json) Hash identifier: 5NBNlM4++EiTm6Rqo5NxfKdrnavMG1y0nYJQOJgnp6Q= Subject key identifier: 14:BD:05:73:C5:8C:0A:72:25:D9:51:15:C0:B7:EE:EE:49:4C:6A:4B Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 0F2A Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/FL0Fc8WMCnIl2VEVwLfu7klMaks.roa Signing time: Mon 25 Mar 2024 07:45:20 +0000 ROA not before: Mon 25 Mar 2024 07:45:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 140362 IP address blocks: 180.223.0.0/21 maxlen: 24 180.223.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 17 May 2024 14:55:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3882 (0xf2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Mar 25 07:45:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=14BD0573C58C0A7225D95115C0B7EEEE494C6A4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:22:ef:7e:f6:99:25:2a:ce:69:b1:86:d1:84: 73:6d:18:99:51:6d:c0:31:f0:f8:6b:7e:92:f6:67: 9f:1a:2a:4d:65:66:bb:e6:bb:ff:95:cb:b0:45:de: 33:1f:fa:6e:e1:d3:35:42:68:36:c1:f8:70:fa:44: 6e:71:64:07:4a:55:e5:51:b0:84:ba:a1:8a:e5:1d: 1b:d6:93:fc:f1:11:ca:6f:6d:2f:d6:a9:f1:bc:b4: 9f:6b:05:52:f8:57:1f:b0:0d:22:7e:d3:65:3a:80: 77:1a:70:4b:dc:88:60:1e:c2:8f:4c:9b:92:d9:46: a1:56:f0:e9:ea:ae:74:9c:a5:0d:72:a1:db:58:12: 7f:b3:94:84:57:56:f6:a5:73:10:35:e9:84:62:70: c4:56:a8:56:1e:b2:80:dd:8c:87:ba:cd:55:b7:7d: e9:5d:8e:94:22:62:6b:30:e8:b9:26:bc:07:c0:ba: 00:52:1b:72:d9:eb:4e:ef:ac:df:0b:38:43:8e:21: 3d:2f:1f:ad:34:35:e5:3f:c4:87:02:65:44:57:df: 57:23:67:0a:ab:a3:51:0f:30:c4:46:d8:e2:42:74: 2d:0c:d4:db:cc:67:ab:96:61:dc:cb:c2:39:c7:b6: 06:b8:a7:77:03:a5:3a:fb:92:3a:2e:fb:18:d2:06: 95:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:BD:05:73:C5:8C:0A:72:25:D9:51:15:C0:B7:EE:EE:49:4C:6A:4B X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/FL0Fc8WMCnIl2VEVwLfu7klMaks.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.0.0/20 Signature Algorithm: sha256WithRSAEncryption 4b:50:03:3c:f4:42:57:95:25:40:1f:4f:bc:3a:fc:6f:bf:f3: 91:48:d9:72:9c:74:06:f5:04:b1:64:7f:93:e4:d5:bf:e1:01: 9d:f6:ca:82:93:a5:7d:6e:4e:0e:84:88:c2:bd:c1:e2:66:33: fe:b4:ac:23:bc:01:c6:11:14:1e:7e:88:5a:de:79:cb:16:0f: 61:80:6e:25:e1:2f:63:1a:f4:25:48:4d:f5:93:c4:fc:0e:a8: 73:92:0d:32:8c:dc:f6:54:14:d1:0b:7d:33:bc:78:95:67:72: c6:1f:5c:4b:85:0a:bc:69:01:cf:b9:d4:0f:ab:fd:87:a5:3f: e2:6c:da:79:57:18:1a:08:42:f7:b7:76:0a:1e:57:7a:f1:75: 7b:bd:da:9c:cb:99:ca:4c:f5:c8:a1:b9:e9:2e:f3:f3:35:45: 5b:8f:f9:13:65:c1:bd:49:6b:be:a7:17:6f:5a:61:90:de:1e: 94:9e:9d:7f:1b:43:fc:b3:07:5a:c0:3e:7d:bd:f4:1f:be:a1: 72:bd:83:92:d0:c9:f7:d5:66:a4:49:10:30:5e:39:07:11:4f: 75:0c:e4:5e:c9:2b:d4:a4:8b:71:52:b9:71:10:10:0a:0f:dc: f5:b2:b6:e7:76:2a:60:9f:bd:10:1f:3f:e9:8b:32:34:26:c8: 46:3d:3e:b3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDAzMjUw NzQ1MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0QkQwNTczQzU4QzBB NzIyNUQ5NTExNUMwQjdFRUVFNDk0QzZBNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/Iu9+9pklKs5psYbRhHNtGJlRbcAx8PhrfpL2Z58aKk1lZrvm u/+Vy7BF3jMf+m7h0zVCaDbB+HD6RG5xZAdKVeVRsIS6oYrlHRvWk/zxEcpvbS/W qfG8tJ9rBVL4Vx+wDSJ+02U6gHcacEvciGAewo9Mm5LZRqFW8OnqrnScpQ1yodtY En+zlIRXVvalcxA16YRicMRWqFYesoDdjIe6zVW3feldjpQiYmsw6LkmvAfAugBS G3LZ607vrN8LOEOOIT0vH600NeU/xIcCZURX31cjZwqro1EPMMRG2OJCdC0M1NvM Z6uWYdzLwjnHtga4p3cDpTr7kjou+xjSBpUPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUFL0Fc8WMCnIl2VEVwLfu7klMakswHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvRkwwRmM4V01Dbkls MlZFVndMZnU3a2xNYWtzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBLTfADANBgkqhkiG9w0BAQsFAAOCAQEAS1ADPPRCV5UlQB9PvDr8b7/zkUjZ cpx0BvUEsWR/k+TVv+EBnfbKgpOlfW5ODoSIwr3B4mYz/rSsI7wBxhEUHn6IWt55 yxYPYYBuJeEvYxr0JUhN9ZPE/A6oc5INMozc9lQU0Qt9M7x4lWdyxh9cS4UKvGkB z7nUD6v9h6U/4mzaeVcYGghC97d2Ch5XevF1e73anMuZykz1yKG56S7z8zVFW4/5 E2XBvUlrvqcXb1phkN4elJ6dfxtD/LMHWsA+fb30H76hcr2DktDJ99VmpEkQMF45 BxFPdQzkXskr1KSLcVK5cRAQCg/c9bK253YqYJ+9EB8/6YsyNCbIRj0+sw== -----END CERTIFICATE-----Generated at Fri May 17 11:08:23 2024 by rpki-client on console-ams.rpki-client.org