$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/oh8mEJhSGhXZJtrCu4uAaungz-M.roa File: oh8mEJhSGhXZJtrCu4uAaungz-M.roa (raw, json) Hash identifier: 5RwJ5gm0Xz2235CXnUw/gg7WlUVMqbzDpiAKN6xIIps= Subject key identifier: A2:1F:26:10:98:52:1A:15:D9:26:DA:C2:BB:8B:80:6A:E9:E0:CF:E3 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 0FF0 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/oh8mEJhSGhXZJtrCu4uAaungz-M.roa Signing time: Mon 28 Oct 2024 07:22:54 +0000 ROA not before: Mon 28 Oct 2024 07:22:54 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 135074 IP address blocks: 45.250.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 22:57:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4080 (0xff0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Oct 28 07:22:54 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A21F261098521A15D926DAC2BB8B806AE9E0CFE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a4:4c:72:cd:be:65:a4:16:32:82:01:be:30: 64:8c:3f:49:f9:0c:ea:9c:83:b1:5e:a5:4e:0f:f3: 02:b5:64:89:56:28:53:99:fc:ba:89:37:a4:04:e9: a1:1f:4a:c9:25:d5:f7:1e:dd:3a:3d:ab:9c:d5:d1: 3a:95:7b:9f:85:9e:ff:de:f3:10:04:8d:93:eb:72: bd:32:16:15:b7:71:1d:93:07:91:18:73:aa:ea:fa: 5c:47:52:ca:d0:8c:58:a2:f1:8a:e2:11:ef:3c:31: 5b:1d:0d:8c:a0:f7:f9:c8:fe:c4:30:0a:db:81:35: 08:80:b7:f0:02:78:50:90:6d:dd:1c:ba:c0:fc:48: 8d:ae:40:0d:b7:47:f0:bf:bc:19:5d:8a:e9:be:4a: f0:13:3a:e0:32:a2:fa:0f:41:cc:49:b7:ec:97:7a: 4b:51:8f:a6:c0:ca:8e:67:3a:5d:6f:06:cf:8e:76: 97:86:46:f5:61:12:b9:16:2c:ec:91:76:77:41:d5: 15:9e:cf:73:48:ae:a2:94:1d:e4:9c:43:3a:ae:57: c9:17:11:77:9e:f3:a4:9b:03:c0:81:87:79:5d:76: d7:55:b3:6b:9f:64:04:cb:8f:b9:12:72:26:ed:e5: 48:8a:f8:67:c4:dd:70:49:7c:13:d2:45:14:39:78: 37:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:1F:26:10:98:52:1A:15:D9:26:DA:C2:BB:8B:80:6A:E9:E0:CF:E3 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/oh8mEJhSGhXZJtrCu4uAaungz-M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.152.0/22 Signature Algorithm: sha256WithRSAEncryption b7:be:7c:16:f8:0d:fe:a5:27:52:63:67:e3:20:23:bc:12:30: 8b:c3:e9:21:e0:03:d8:82:c6:05:a7:b7:7c:02:bc:90:09:84: bc:10:fe:b9:ff:21:9a:7f:67:ba:5d:23:e1:61:51:a1:fa:fa: b0:ff:d0:e3:a2:ab:bc:d1:8a:b7:f0:a1:a8:ac:e6:27:9a:2d: 2b:23:94:09:56:ad:6c:ca:43:00:b7:1f:ec:3e:6e:c3:8c:d7: fe:fd:f9:c6:8d:d9:37:a8:51:8c:5b:2d:63:ee:c4:5b:1c:e9: 3d:e0:d9:27:1b:9e:6b:05:cd:1c:a9:ac:21:ae:3b:47:67:14: d5:ad:7a:49:7c:ed:9a:b2:a5:67:25:93:b7:a1:ff:9e:c3:0d: ae:c6:80:0e:03:37:31:b7:de:21:8e:ac:6e:52:6e:13:a8:19: c5:f5:47:7d:b0:94:64:2e:d3:1c:54:91:2e:98:44:82:b1:91: 75:28:7c:05:98:bd:d5:98:30:0c:1d:e0:ac:d8:89:8f:eb:8c: f6:85:8a:96:ca:30:f8:a5:ab:8f:93:09:63:93:4a:d1:32:84: 75:42:c6:99:01:04:02:85:05:d0:30:1f:d0:f3:a9:c4:3c:00: 27:c9:2d:59:fc:a2:28:82:e8:9d:17:8f:6d:9e:34:05:62:f8: fc:11:37:2b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD/AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNDEwMjgw NzIyNTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEyMUYyNjEwOTg1MjFB MTVEOTI2REFDMkJCOEI4MDZBRTlFMENGRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUpExyzb5lpBYyggG+MGSMP0n5DOqcg7FepU4P8wK1ZIlWKFOZ /LqJN6QE6aEfSskl1fce3To9q5zV0TqVe5+Fnv/e8xAEjZPrcr0yFhW3cR2TB5EY c6rq+lxHUsrQjFii8YriEe88MVsdDYyg9/nI/sQwCtuBNQiAt/ACeFCQbd0cusD8 SI2uQA23R/C/vBldium+SvATOuAyovoPQcxJt+yXektRj6bAyo5nOl1vBs+OdpeG RvVhErkWLOyRdndB1RWez3NIrqKUHeScQzquV8kXEXee86SbA8CBh3lddtdVs2uf ZATLj7kScibt5UiK+GfE3XBJfBPSRRQ5eDdnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoh8mEJhSGhXZJtrCu4uAaungz+MwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvb2g4bUVKaFNHaFha SnRyQ3U0dUFhdW5nei1NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAi36mDANBgkqhkiG9w0BAQsFAAOCAQEAt758FvgN/qUnUmNn4yAjvBIwi8Pp IeAD2ILGBae3fAK8kAmEvBD+uf8hmn9nul0j4WFRofr6sP/Q46KrvNGKt/ChqKzm J5otKyOUCVatbMpDALcf7D5uw4zX/v35xo3ZN6hRjFstY+7EWxzpPeDZJxueawXN HKmsIa47R2cU1a16SXztmrKlZyWTt6H/nsMNrsaADgM3MbfeIY6sblJuE6gZxfVH fbCUZC7THFSRLphEgrGRdSh8BZi91ZgwDB3grNiJj+uM9oWKlsow+KWrj5MJY5NK 0TKEdULGmQEEAoUF0DAf0POpxDwAJ8ktWfyiKILonRePbZ40BWL4/BE3Kw== -----END CERTIFICATE-----Generated at Sun Feb 16 22:33:57 2025 by rpki-client