$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/5iA-h01FgjAaC-DPAOpdAAX_FUQ.roa File: 5iA-h01FgjAaC-DPAOpdAAX_FUQ.roa (raw, json) Hash identifier: 6Xo71nk33XT6X/k3IVsNNARD6WK9MRPdCpAx2+YpPBY= Subject key identifier: E6:20:3E:87:4D:45:82:30:1A:0B:E0:CF:00:EA:5D:00:05:FF:15:44 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 04 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5iA-h01FgjAaC-DPAOpdAAX_FUQ.roa Signing time: Mon 24 Jun 2024 01:33:10 +0000 ROA not before: Mon 24 Jun 2024 01:33:10 +0000 ROA not after: Tue 24 Jun 2025 01:23:54 +0000 asID: 146762 IP address blocks: 103.2.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jun 24 01:33:10 2024 GMT Not After : Jun 24 01:23:54 2025 GMT Subject: CN=E6203E874D4582301A0BE0CF00EA5D0005FF1544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:54:4b:26:fc:66:41:a5:df:79:a3:97:d2:da: 9e:1d:2b:a8:5e:f9:18:70:cc:1f:a2:0e:6a:ea:31: 75:31:a6:a0:5b:0c:98:06:e7:0a:f8:fe:71:bb:12: 94:cf:48:c2:e9:5b:9a:40:b4:45:c3:20:c4:56:f4: 93:11:78:fb:33:f6:1b:09:1e:86:b8:37:93:11:1a: 4e:d0:c3:8a:93:a9:3c:53:2c:d4:64:2b:15:f0:2c: 28:ba:88:ee:d5:80:0a:0a:97:81:7b:33:79:b7:4e: 3d:d8:ef:54:76:ed:de:44:7c:ab:dc:6c:9c:0b:84: 21:86:4b:3b:b5:46:ba:98:1d:c5:b1:02:cb:eb:e0: c7:f4:4c:24:88:40:88:1f:57:ee:85:03:a6:03:17: 0d:8a:d5:bf:e3:79:ef:ac:ed:5a:75:3e:13:ff:bc: 39:1b:bf:98:fc:89:0a:52:26:f9:9e:a8:34:34:65: 76:78:31:f9:67:7a:c2:5b:35:67:36:25:f2:90:f7: bd:a3:7b:1c:c1:bb:6b:ba:9f:be:7e:f4:43:15:95: 88:78:5c:3f:5c:6c:86:6b:60:83:5d:37:a5:a5:b4: ae:37:b2:3d:2f:4d:57:6f:c3:80:d6:b3:1d:52:b0: 7d:51:1c:f4:57:96:d4:46:87:9b:36:5a:ca:ab:b0: bd:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:20:3E:87:4D:45:82:30:1A:0B:E0:CF:00:EA:5D:00:05:FF:15:44 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5iA-h01FgjAaC-DPAOpdAAX_FUQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.156.0/22 Signature Algorithm: sha256WithRSAEncryption 95:d9:7b:26:37:f7:8f:bb:d1:31:24:c3:b0:d8:3a:51:5e:de: 00:98:a8:02:0f:95:ba:5f:6c:f7:27:11:4b:88:db:04:45:cd: 28:da:24:57:62:be:34:23:81:80:b8:a2:09:2a:ff:9c:ef:02: da:fe:23:eb:16:1f:3f:de:19:63:2c:91:b1:16:d4:55:c5:67: c8:3d:44:2a:33:27:00:78:45:0a:a3:47:4e:72:64:e7:64:7a: a3:85:43:61:cc:9f:a1:6c:f7:3c:0e:46:6e:62:4c:85:a3:a4: a4:e6:86:3f:19:81:25:bf:e9:0b:c5:f0:6d:d9:0e:be:c6:18: cc:f0:6e:e7:32:11:ac:8b:b6:93:39:e4:f1:d8:00:86:8b:85: 5a:b2:ae:40:09:63:4f:f8:1a:ef:74:b0:34:c7:37:f6:3f:5d: cf:cb:23:44:32:b4:00:d6:01:e0:db:07:15:2b:44:c4:aa:e6: 72:bc:c0:f9:2c:5a:07:e0:94:cd:cf:7d:31:1d:1c:6a:0d:1e: 80:34:48:5a:06:f6:10:23:a7:07:96:c3:0b:39:21:45:c1:01: 1d:91:c6:88:5f:72:28:fc:39:36:4c:e4:a6:75:a6:b0:ca:98: 8a:80:bb:c2:66:f8:65:b4:cf:2e:22:b9:45:82:67:d3:5f:30: ce:12:94:e9 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxQkM2 RDlBOUY0QTIyNkE2MUY1RkExQTkxNjM5NDFENEIzNUJBMzVCMB4XDTI0MDYyNDAx MzMxMFoXDTI1MDYyNDAxMjM1NFowMzExMC8GA1UEAxMoRTYyMDNFODc0RDQ1ODIz MDFBMEJFMENGMDBFQTVEMDAwNUZGMTU0NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANpUSyb8ZkGl33mjl9Lanh0rqF75GHDMH6IOauoxdTGmoFsMmAbn Cvj+cbsSlM9IwulbmkC0RcMgxFb0kxF4+zP2Gwkehrg3kxEaTtDDipOpPFMs1GQr FfAsKLqI7tWACgqXgXszebdOPdjvVHbt3kR8q9xsnAuEIYZLO7VGupgdxbECy+vg x/RMJIhAiB9X7oUDpgMXDYrVv+N576ztWnU+E/+8ORu/mPyJClIm+Z6oNDRldngx +Wd6wls1ZzYl8pD3vaN7HMG7a7qfvn70QxWViHhcP1xshmtgg103paW0rjeyPS9N V2/DgNazHVKwfVEc9FeW1EaHmzZayquwvZ8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTmID6HTUWCMBoL4M8A6l0ABf8VRDAfBgNVHSMEGDAWgBQbxtmp9KImph9foakW OUHUs1ujWzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTM0 L0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRzhiWnFmU2lKcVlmWDZHcEZqbEIxTE5ibzFzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzNC81aUEtaDAxRmdqQWFD LURQQU9wZEFBWF9GVVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZwKcMA0GCSqGSIb3DQEBCwUAA4IBAQCV2XsmN/ePu9ExJMOw2DpRXt4AmKgC D5W6X2z3JxFLiNsERc0o2iRXYr40I4GAuKIJKv+c7wLa/iPrFh8/3hljLJGxFtRV xWfIPUQqMycAeEUKo0dOcmTnZHqjhUNhzJ+hbPc8DkZuYkyFo6Sk5oY/GYElv+kL xfBt2Q6+xhjM8G7nMhGsi7aTOeTx2ACGi4Vasq5ACWNP+BrvdLA0xzf2P13PyyNE MrQA1gHg2wcVK0TEquZyvMD5LFoH4JTNz30xHRxqDR6ANEhaBvYQI6cHlsMLOSFF wQEdkcaIX3Io/Dk2TOSmdaawypiKgLvCZvhltM8uIrlFgmfTXzDOEpTp -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org