$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/6OOgbcc6tw2AkFZlOv9og89RGzM.roa File: 6OOgbcc6tw2AkFZlOv9og89RGzM.roa (raw, json) Hash identifier: PqGCVipLIB4LfMJFXO580kMf7UBPAoR85GnhUUFQplo= Subject key identifier: E8:E3:A0:6D:C7:3A:B7:0D:80:90:56:65:3A:FF:68:83:CF:51:1B:33 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: A6 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/6OOgbcc6tw2AkFZlOv9og89RGzM.roa Signing time: Thu 16 May 2024 08:12:56 +0000 ROA not before: Thu 16 May 2024 08:12:56 +0000 ROA not after: Tue 15 Apr 2025 07:02:50 +0000 asID: 7641 IP address blocks: 42.204.0.0/14 maxlen: 24 103.8.204.0/22 maxlen: 24 112.128.0.0/14 maxlen: 24 150.242.52.0/22 maxlen: 24 211.89.0.0/16 maxlen: 24 211.146.3.0/24 maxlen: 24 211.156.128.0/19 maxlen: 24 223.162.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 166 (0xa6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 16 08:12:56 2024 GMT Not After : Apr 15 07:02:50 2025 GMT Subject: CN=E8E3A06DC73AB70D809056653AFF6883CF511B33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:39:c2:92:99:89:9e:0f:86:aa:59:cd:7c:d0: be:f3:7f:06:5a:70:e5:68:9f:b7:8a:85:eb:c7:82: a0:38:2b:56:2a:91:24:a0:8a:ec:a5:33:b3:83:f1: 12:69:4b:40:72:40:07:a7:e5:33:99:65:4f:b1:4f: b4:8d:84:69:8a:86:db:2a:76:25:9c:60:a7:ff:dd: 84:80:55:ef:a2:4d:af:8a:a6:3a:94:9e:4b:92:6f: da:a4:ee:bb:b3:cf:50:dd:3b:d4:d6:f8:34:91:e5: 17:77:48:e4:9e:47:da:6c:f8:bd:42:f5:8d:d1:6a: 6c:79:d5:e6:bf:3c:52:ef:53:0e:36:da:50:4d:18: 67:88:ba:d2:bb:04:c6:a4:a9:df:a8:38:80:83:09: 1f:0a:5d:b2:a4:2e:85:fa:26:7d:9e:d1:a2:bd:85: 68:c8:ae:7a:3b:2a:48:27:1d:c9:86:e5:3d:a2:39: 99:18:60:a5:9b:7e:27:26:2d:78:5e:91:b4:5a:d6: f0:fa:14:d3:30:c2:ca:65:70:03:ea:4a:87:e3:9c: bc:f8:33:e3:4c:86:26:d6:00:3f:87:cc:c3:0c:ae: b1:6f:53:88:a6:a4:32:8e:3c:17:94:5c:10:49:ef: 78:16:75:2c:ec:bf:40:ee:24:15:01:17:ef:c8:71: 87:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:E3:A0:6D:C7:3A:B7:0D:80:90:56:65:3A:FF:68:83:CF:51:1B:33 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/6OOgbcc6tw2AkFZlOv9og89RGzM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.204.0.0/14 103.8.204.0/22 112.128.0.0/14 150.242.52.0/22 211.89.0.0/16 211.146.3.0/24 211.156.128.0/19 223.162.0.0/15 Signature Algorithm: sha256WithRSAEncryption 0a:7f:37:c8:88:54:da:25:37:89:4b:72:5e:cf:52:7d:20:dc: 23:37:e4:5a:46:0b:56:83:9d:fc:4a:a6:da:b2:4a:4f:61:66: d9:95:9c:8c:73:95:3a:cd:70:24:92:e8:3d:70:51:b7:a1:c5: 9e:69:34:eb:cb:44:f7:fd:7d:8c:13:e0:78:20:72:f4:df:2c: fc:d6:f3:98:61:54:d6:37:3f:13:92:21:15:dc:4e:15:f3:9b: 88:1f:7a:81:4e:69:d3:01:00:c2:bc:9c:cd:da:b9:6c:30:b3: b7:12:c5:71:4d:cd:0e:82:c0:a3:28:b9:8b:87:22:bb:2f:da: af:bb:f0:d8:5b:93:a7:16:3d:c5:81:d5:72:7d:fc:07:7a:60: eb:cb:de:a1:55:c9:6b:2c:3a:57:a9:fc:fa:7b:90:3c:92:29: 71:5b:61:df:1a:fe:40:31:5a:ff:36:d8:a6:29:e3:8f:0c:0c: 69:c5:cf:ca:b2:99:28:7c:d9:29:3d:47:9b:b0:88:7f:85:e4: f0:de:03:39:5d:8f:83:34:90:a9:42:6a:94:f3:47:15:b4:56: 36:7b:d5:9f:ea:fc:d8:80:49:04:2b:9e:e2:d3:0b:04:1d:ff: 25:7b:aa:0f:5b:b3:f1:66:5b:30:7b:0b:25:58:a2:eb:00:7c: 39:6d:81:37 -----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNDA1MTYw ODEyNTZaFw0yNTA0MTUwNzAyNTBaMDMxMTAvBgNVBAMTKEU4RTNBMDZEQzczQUI3 MEQ4MDkwNTY2NTNBRkY2ODgzQ0Y1MTFCMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfOcKSmYmeD4aqWc180L7zfwZacOVon7eKhevHgqA4K1YqkSSg iuylM7OD8RJpS0ByQAen5TOZZU+xT7SNhGmKhtsqdiWcYKf/3YSAVe+iTa+KpjqU nkuSb9qk7ruzz1DdO9TW+DSR5Rd3SOSeR9ps+L1C9Y3Ramx51ea/PFLvUw422lBN GGeIutK7BMakqd+oOICDCR8KXbKkLoX6Jn2e0aK9hWjIrno7KkgnHcmG5T2iOZkY YKWbficmLXhekbRa1vD6FNMwwsplcAPqSofjnLz4M+NMhibWAD+HzMMMrrFvU4im pDKOPBeUXBBJ73gWdSzsv0DuJBUBF+/IcYfrAgMBAAGjggIVMIICETAdBgNVHQ4E FgQU6OOgbcc6tw2AkFZlOv9og89RGzMwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy82T09nYmNjNnR3MkFrRlps T3Y5b2c4OVJHek0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwMC KswDBAJnCMwDAwJwgAMEApbyNAMDANNZAwQA05IDAwQF05yAAwMB36IwDQYJKoZI hvcNAQELBQADggEBAAp/N8iIVNolN4lLcl7PUn0g3CM35FpGC1aDnfxKptqySk9h ZtmVnIxzlTrNcCSS6D1wUbehxZ5pNOvLRPf9fYwT4HggcvTfLPzW85hhVNY3PxOS IRXcThXzm4gfeoFOadMBAMK8nM3auWwws7cSxXFNzQ6CwKMouYuHIrsv2q+78Nhb k6cWPcWB1XJ9/Ad6YOvL3qFVyWssOlep/Pp7kDySKXFbYd8a/kAxWv822KYp448M DGnFz8qymSh82Sk9R5uwiH+F5PDeAzldj4M0kKlCapTzRxW0VjZ71Z/q/NiASQQr nuLTCwQd/yV7qg9bs/FmWzB7CyVYousAfDltgTc= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org