$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/Bc4IM-pLTR6eKLcFJr4EMur3Bic.roa File: Bc4IM-pLTR6eKLcFJr4EMur3Bic.roa (raw, json) Hash identifier: 69irfAknyCPL3QBipEhDXm7cpvckHUXTzkU92yuLMf8= Subject key identifier: 05:CE:08:33:EA:4B:4D:1E:9E:28:B7:05:26:BE:04:32:EA:F7:06:27 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 06DA Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/Bc4IM-pLTR6eKLcFJr4EMur3Bic.roa Signing time: Wed 19 Jul 2023 09:34:56 +0000 ROA not before: Wed 19 Jul 2023 09:34:56 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 209242 IP address blocks: 103.79.228.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 12:24:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1754 (0x6da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Jul 19 09:34:56 2023 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=05CE0833EA4B4D1E9E28B70526BE0432EAF70627 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:23:69:c2:e4:e7:53:bf:54:61:73:42:6b:2b: 4f:03:e5:14:46:d7:b3:a7:04:48:8f:68:af:52:e8: 8a:54:0a:41:50:3f:e2:14:05:a1:39:a4:ac:83:d1: 28:77:57:58:db:ea:3a:62:42:4f:10:c4:b4:b5:1a: d3:0b:10:a2:ae:1d:54:f0:1b:7b:62:2c:6a:6c:be: 55:36:18:22:6c:4d:67:1f:c7:ff:b9:54:65:67:1b: f9:5f:78:da:8e:e6:01:12:b6:37:c8:4e:49:a4:53: 9c:5a:f8:a5:53:31:91:76:ed:ba:9e:3d:2d:30:a1: 38:8c:7d:2f:82:ab:ec:e2:6d:4c:f4:66:1d:c4:8b: 57:42:e3:22:a0:32:a8:5d:3a:ed:ad:8a:1c:cc:7b: 1f:11:9c:ac:c8:aa:bb:05:47:ae:26:95:5f:32:0f: 1d:90:f5:a7:8a:64:09:66:ee:ab:44:0b:ca:e8:e8: b6:47:60:48:aa:18:34:c2:2d:da:6d:38:ae:f8:08: 92:e2:25:cf:05:88:c5:0c:67:6d:a8:cf:10:54:39: 82:e5:29:10:92:bd:cf:a1:80:ee:da:44:21:36:d5: 51:e0:46:82:4e:e9:eb:26:64:10:cd:e7:07:80:1c: 7b:25:25:20:7f:83:c6:8b:1b:28:17:1a:b9:57:e7: ff:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:CE:08:33:EA:4B:4D:1E:9E:28:B7:05:26:BE:04:32:EA:F7:06:27 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/Bc4IM-pLTR6eKLcFJr4EMur3Bic.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.228.0/23 Signature Algorithm: sha256WithRSAEncryption 14:28:3d:d5:aa:39:bc:fe:21:31:c8:68:fb:91:a0:c8:fb:53: e0:d3:2b:45:39:1b:45:9d:7d:5d:ef:14:3d:c6:ae:76:57:a8: 81:df:21:3a:a9:d6:32:fd:1f:5c:3d:4e:14:b0:07:4b:fa:be: 8c:49:ef:65:bb:d8:aa:b9:33:b3:bb:cd:b0:8a:f3:78:1c:e5: ae:ce:f6:b1:ce:c5:72:9a:c3:e3:e1:43:50:16:74:85:43:03: 25:13:8e:ae:fb:dd:dd:98:42:03:57:91:94:30:ab:ad:e1:f2: a4:c5:fd:55:17:01:46:0b:1e:a5:c2:3f:da:cb:d4:fb:65:14: 1f:c1:7f:6d:f0:ae:82:d7:22:68:b4:da:fa:2a:75:88:e3:04: e7:05:4d:58:db:1c:bb:68:61:af:2e:b1:82:78:6c:41:b3:88: 32:f9:d4:d0:f4:1d:0f:0f:24:0a:3d:81:34:db:b9:45:30:a7: 85:f6:f2:80:6c:22:6a:c2:6d:5b:ae:b0:b4:c5:63:70:89:3c: ff:e6:7a:c6:32:e2:48:bb:fc:a2:20:be:57:48:5b:6e:35:c9: c1:b7:07:46:4c:6f:a0:25:f5:b6:ea:93:57:a1:02:b2:d4:93: 18:51:d5:1f:65:a2:04:eb:fb:75:03:c9:85:c3:6a:b0:23:de: 01:ae:5a:47 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yMzA3MTkw OTM0NTZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDA1Q0UwODMzRUE0QjRE MUU5RTI4QjcwNTI2QkUwNDMyRUFGNzA2MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdI2nC5OdTv1Rhc0JrK08D5RRG17OnBEiPaK9S6IpUCkFQP+IU BaE5pKyD0Sh3V1jb6jpiQk8QxLS1GtMLEKKuHVTwG3tiLGpsvlU2GCJsTWcfx/+5 VGVnG/lfeNqO5gEStjfITkmkU5xa+KVTMZF27bqePS0woTiMfS+Cq+zibUz0Zh3E i1dC4yKgMqhdOu2tihzMex8RnKzIqrsFR64mlV8yDx2Q9aeKZAlm7qtEC8ro6LZH YEiqGDTCLdptOK74CJLiJc8FiMUMZ22ozxBUOYLlKRCSvc+hgO7aRCE21VHgRoJO 6esmZBDN5weAHHslJSB/g8aLGygXGrlX5/8JAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUBc4IM+pLTR6eKLcFJr4EMur3BicwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvQmM0SU0tcExUUjZl S0xjRkpyNEVNdXIzQmljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdP5DANBgkqhkiG9w0BAQsFAAOCAQEAFCg91ao5vP4hMcho+5GgyPtT4NMr RTkbRZ19Xe8UPcaudleogd8hOqnWMv0fXD1OFLAHS/q+jEnvZbvYqrkzs7vNsIrz eBzlrs72sc7FcprD4+FDUBZ0hUMDJROOrvvd3ZhCA1eRlDCrreHypMX9VRcBRgse pcI/2svU+2UUH8F/bfCugtciaLTa+ip1iOME5wVNWNscu2hhry6xgnhsQbOIMvnU 0PQdDw8kCj2BNNu5RTCnhfbygGwiasJtW66wtMVjcIk8/+Z6xjLiSLv8oiC+V0hb bjXJwbcHRkxvoCX1tuqTV6ECstSTGFHVH2WiBOv7dQPJhcNqsCPeAa5aRw== -----END CERTIFICATE-----Generated at Tue May 7 07:05:05 2024 by rpki-client on console-fra.rpki-client.org