$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/399/bAG6AC_0PSNypyED9pnxQNQCVtI.roa File: bAG6AC_0PSNypyED9pnxQNQCVtI.roa (raw, json) Hash identifier: jhr//Z463D+Ajq8/4ypJEc6xjeG98EpU4T3CiJmconk= Subject key identifier: 6C:01:BA:00:2F:F4:3D:23:72:A7:21:03:F6:99:F1:40:D4:02:56:D2 Certificate issuer: /CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5 Certificate serial: 43A6 Authority key identifier: 51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/bAG6AC_0PSNypyED9pnxQNQCVtI.roa Signing time: Fri 24 May 2024 02:26:46 +0000 ROA not before: Fri 24 May 2024 02:26:46 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 132203 IP address blocks: 203.205.136.0/24 maxlen: 24 203.205.137.0/24 maxlen: 24 203.205.155.0/24 maxlen: 24 203.205.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17318 (0x43a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5 Validity Not Before: May 24 02:26:46 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6C01BA002FF43D2372A72103F699F140D40256D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:af:de:f9:f1:b6:45:f2:fb:18:6f:d9:b5:bb: 40:29:83:57:9d:75:c0:fe:a4:a3:32:54:ac:97:d9: b1:06:db:bd:ce:49:2f:6a:c5:8e:95:71:75:de:15: b2:9c:e0:4d:1a:ed:73:c7:c5:25:c6:05:2f:30:cc: c4:2b:10:81:39:1d:6a:33:04:00:4e:1a:12:ac:4c: bb:03:88:06:af:00:18:9d:0e:21:07:84:1d:6e:bc: 4c:43:60:e5:07:aa:25:bd:f7:73:34:b7:1c:01:13: b8:31:2c:50:99:82:3f:24:a8:c4:2d:07:db:a2:bf: 19:3e:8a:9c:cd:b0:24:7f:df:43:db:9b:9a:6a:e7: ee:9d:83:df:a8:89:9d:0e:82:df:1f:8b:84:27:4b: bd:ca:8a:7e:d1:4f:3e:4c:24:23:83:21:ec:0d:aa: 2b:6b:68:70:94:3a:91:47:ff:1b:74:47:bb:4e:6f: 5c:5c:28:68:6c:1d:66:90:28:c9:8d:93:5e:54:e0: e4:63:d0:de:c4:5d:5b:b0:02:0f:9f:68:21:21:1a: c6:00:c2:20:a6:86:ed:5b:0a:13:7b:d0:1b:48:6d: 9e:bf:8d:77:89:ed:cd:5f:44:12:74:52:4a:c3:02: 03:94:56:5e:5a:e1:f1:de:70:4f:5c:1c:75:90:bf: ab:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:01:BA:00:2F:F4:3D:23:72:A7:21:03:F6:99:F1:40:D4:02:56:D2 X509v3 Authority Key Identifier: keyid:51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/bAG6AC_0PSNypyED9pnxQNQCVtI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.205.136.0/23 203.205.155.0/24 203.205.159.0/24 Signature Algorithm: sha256WithRSAEncryption a4:36:20:58:b3:eb:39:91:fc:51:a2:6d:b7:cb:03:c6:42:19: 6f:ec:eb:02:e6:39:36:48:fc:49:fb:ef:70:46:56:a6:e6:98: 78:8e:8f:8a:30:b3:a7:d2:6b:64:78:9f:3d:88:49:94:1c:fc: c2:04:95:98:74:24:3f:2d:24:c3:61:9a:e3:3a:14:e1:41:ad: 4e:fc:1e:cc:8d:60:c2:82:7a:1f:8c:18:fa:5b:e6:9a:0d:90: 99:a4:0a:c7:02:80:c8:38:f4:c5:4d:52:31:f8:91:e8:7f:20: 56:0c:28:00:66:5c:87:19:68:f3:1f:ec:8f:ff:21:06:96:8a: 22:65:0c:82:19:f7:52:84:0b:89:98:d2:a2:b9:9e:34:04:1c: b0:b3:b5:75:d4:98:f6:fb:22:66:48:bf:a5:44:db:17:7c:3d: 25:12:e5:29:49:f8:52:d6:d9:e7:b5:63:35:da:68:83:cc:34: ff:f9:11:f6:3b:1f:0f:78:3a:8f:7a:91:d1:5c:15:8a:59:b3: df:58:e1:18:d7:c6:cd:68:bd:5b:85:b3:ff:58:20:0b:ef:76: 44:f1:78:a6:b5:9b:8e:3d:46:ec:c6:03:a5:0c:41:7a:8b:de: e0:02:ec:e5:6a:a0:20:1d:59:65:43:2a:2e:d2:79:fe:4d:5a: 2b:68:cb:4c -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICQ6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFD NEMxRDUyRDJFM0ZFNkJGM0Q5QkYxQjNENjkyNEI0OUM1RDRFNTAeFw0yNDA1MjQw MjI2NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDMDFCQTAwMkZGNDNE MjM3MkE3MjEwM0Y2OTlGMTQwRDQwMjU2RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2r9758bZF8vsYb9m1u0Apg1eddcD+pKMyVKyX2bEG273OSS9q xY6VcXXeFbKc4E0a7XPHxSXGBS8wzMQrEIE5HWozBABOGhKsTLsDiAavABidDiEH hB1uvExDYOUHqiW993M0txwBE7gxLFCZgj8kqMQtB9uivxk+ipzNsCR/30Pbm5pq 5+6dg9+oiZ0Ogt8fi4QnS73Kin7RTz5MJCODIewNqitraHCUOpFH/xt0R7tOb1xc KGhsHWaQKMmNk15U4ORj0N7EXVuwAg+faCEhGsYAwiCmhu1bChN70BtIbZ6/jXeJ 7c1fRBJ0UkrDAgOUVl5a4fHecE9cHHWQv6ttAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUbAG6AC/0PSNypyED9pnxQNQCVtIwHwYDVR0jBBgwFoAUUcTB1S0uP+a/PZvx s9aSS0nF1OUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5 L1VjVEIxUzB1UC1hX1BadnhzOWFTUzBuRjFPVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVWNUQjFTMHVQLWFfUFp2eHM5YVNTMG5GMU9VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5L2JBRzZBQ18wUFNOeXB5 RUQ5cG54UU5RQ1Z0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAHLzYgDBADLzZsDBADLzZ8wDQYJKoZIhvcNAQELBQADggEBAKQ2IFiz6zmR/FGi bbfLA8ZCGW/s6wLmOTZI/En773BGVqbmmHiOj4ows6fSa2R4nz2ISZQc/MIElZh0 JD8tJMNhmuM6FOFBrU78HsyNYMKCeh+MGPpb5poNkJmkCscCgMg49MVNUjH4keh/ IFYMKABmXIcZaPMf7I//IQaWiiJlDIIZ91KEC4mY0qK5njQEHLCztXXUmPb7ImZI v6VE2xd8PSUS5SlJ+FLW2ee1YzXaaIPMNP/5EfY7Hw94Oo96kdFcFYpZs99Y4RjX xs1ovVuFs/9YIAvvdkTxeKa1m449RuzGA6UMQXqL3uAC7OVqoCAdWWVDKi7Sef5N Witoy0w= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org