$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/B0mqYqM-xpyBMrk6raJGPP01K7k.roa File: B0mqYqM-xpyBMrk6raJGPP01K7k.roa (raw, json) Hash identifier: 6rGpUzI0DJMLulGNS2ibwqjSqpErTg8QYL7b0rg2GsI= Subject key identifier: 07:49:AA:62:A3:3E:C6:9C:81:32:B9:3A:AD:A2:46:3C:FD:35:2B:B9 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 146F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/B0mqYqM-xpyBMrk6raJGPP01K7k.roa Signing time: Wed 11 Sep 2024 02:23:18 +0000 ROA not before: Wed 11 Sep 2024 02:23:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59083 IP address blocks: 43.254.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5231 (0x146f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0749AA62A33EC69C8132B93AADA2463CFD352BB9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:04:fa:bf:fc:cf:27:6a:23:b4:e1:34:ba:db: 1b:6b:46:76:1a:cf:25:a9:1e:5c:1c:27:cf:0b:4c: 6d:18:8f:33:77:fe:84:22:41:03:50:4e:90:7e:50: 8f:16:7d:f2:e1:33:27:d6:c7:94:c1:bc:16:6b:09: 6d:de:fe:e7:43:65:86:f2:85:80:ca:d1:0b:91:e0: dd:f9:2c:e6:7b:3a:63:8e:d4:19:8c:59:73:5b:3c: a4:f0:e8:b4:3c:c4:9d:d1:94:d4:d6:b3:26:23:15: 24:7f:1e:34:1b:0f:a5:61:aa:a0:7d:3d:a6:b5:30: 3e:1b:5a:11:51:76:98:b2:c0:db:96:d8:9e:17:44: 71:2c:18:c6:30:43:53:30:74:74:1f:e6:52:73:2c: 2d:e2:fb:ea:14:c0:1b:b1:ed:2d:85:d1:86:bb:fb: 76:1b:ac:f7:3f:22:3c:ef:a9:d2:cd:a1:c3:f5:7c: 1c:ac:18:ab:22:eb:72:69:c0:b4:b6:83:68:b6:22: cc:4a:b4:53:d2:31:24:1f:97:6c:8c:5a:1b:b6:a1: eb:f7:ce:c6:38:d2:09:70:e2:17:d3:63:fd:46:87: 7f:15:ad:fc:c6:81:46:80:0e:b4:6f:bd:1a:80:0c: 95:5b:7b:58:54:3b:ab:d9:b1:db:c7:34:f5:65:2f: ba:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:49:AA:62:A3:3E:C6:9C:81:32:B9:3A:AD:A2:46:3C:FD:35:2B:B9 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/B0mqYqM-xpyBMrk6raJGPP01K7k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.154.0/24 Signature Algorithm: sha256WithRSAEncryption b4:0f:63:45:ad:24:b8:3f:63:e0:12:a9:56:3a:60:99:e7:75: 2c:ab:01:15:48:7c:b1:15:86:12:da:cc:9a:20:5b:2a:a9:18: c7:d4:f1:c3:d0:07:76:83:db:a1:4f:f9:1c:9c:bc:e3:39:2e: 62:bd:a8:01:4d:02:15:ad:a9:9a:3d:67:43:f1:7c:36:a0:c0: c3:59:42:b3:c5:e1:0d:83:66:fc:49:7d:b0:24:46:65:c0:0f: a2:9c:df:d8:64:1d:c0:79:80:72:9a:f8:c2:db:5d:f2:46:95: 88:1a:c0:60:14:a0:de:79:fd:a5:e3:d4:38:20:d9:ad:65:a9: b4:d7:2b:c6:ec:cd:0a:de:a5:4f:b2:96:90:29:f5:4b:44:bb: f7:52:17:01:1f:17:99:70:fc:f4:98:41:1c:7f:b6:76:71:9e: 92:32:3e:6c:c2:0e:b9:c1:4d:68:99:af:8d:23:c4:48:31:33: bf:cb:5e:9c:91:67:d0:74:3a:6e:74:b3:a8:44:94:be:40:8f: 30:1b:ea:7a:7e:fd:d2:84:70:c2:63:15:75:aa:56:f3:9d:d3: af:3d:d9:d4:15:50:59:db:15:11:ba:77:a5:c5:d1:d5:13:22: f2:42:d3:71:cc:f9:ae:9c:7a:68:aa:53:92:89:64:45:7e:a3: 3b:c8:60:92 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA3NDlBQTYyQTMzRUM2 OUM4MTMyQjkzQUFEQTI0NjNDRkQzNTJCQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIBPq//M8naiO04TS62xtrRnYazyWpHlwcJ88LTG0YjzN3/oQi QQNQTpB+UI8WffLhMyfWx5TBvBZrCW3e/udDZYbyhYDK0QuR4N35LOZ7OmOO1BmM WXNbPKTw6LQ8xJ3RlNTWsyYjFSR/HjQbD6VhqqB9Paa1MD4bWhFRdpiywNuW2J4X RHEsGMYwQ1MwdHQf5lJzLC3i++oUwBux7S2F0Ya7+3YbrPc/IjzvqdLNocP1fBys GKsi63JpwLS2g2i2IsxKtFPSMSQfl2yMWhu2oev3zsY40glw4hfTY/1Gh38VrfzG gUaADrRvvRqADJVbe1hUO6vZsdvHNPVlL7rhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUB0mqYqM+xpyBMrk6raJGPP01K7kwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0IwbXFZcU0teHB5Qk1y azZyYUpHUFAwMUs3ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/powDQYJKoZIhvcNAQELBQADggEBALQPY0WtJLg/Y+ASqVY6YJnndSyrARVI fLEVhhLazJogWyqpGMfU8cPQB3aD26FP+RycvOM5LmK9qAFNAhWtqZo9Z0PxfDag wMNZQrPF4Q2DZvxJfbAkRmXAD6Kc39hkHcB5gHKa+MLbXfJGlYgawGAUoN55/aXj 1Dgg2a1lqbTXK8bszQrepU+ylpAp9UtEu/dSFwEfF5lw/PSYQRx/tnZxnpIyPmzC DrnBTWiZr40jxEgxM7/LXpyRZ9B0Om50s6hElL5AjzAb6np+/dKEcMJjFXWqVvOd 06892dQVUFnbFRG6d6XF0dUTIvJC03HM+a6cemiqU5KJZEV+ozvIYJI= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org