$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/-qomYDhD0uARzNl7IMtCbkv_z-8.roa File: -qomYDhD0uARzNl7IMtCbkv_z-8.roa (raw, json) Hash identifier: HVTI3o0ST412GzAFuCu2A6keOwjJwEgdzQhcScuTkxg= Subject key identifier: FA:AA:26:60:38:43:D2:E0:11:CC:D9:7B:20:CB:42:6E:4B:FF:CF:EF Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14B2 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-qomYDhD0uARzNl7IMtCbkv_z-8.roa Signing time: Wed 11 Sep 2024 02:23:40 +0000 ROA not before: Wed 11 Sep 2024 02:23:40 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 45.252.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5298 (0x14b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:40 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=FAAA26603843D2E011CCD97B20CB426E4BFFCFEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e2:23:ac:e4:19:b2:0c:c2:c9:1b:82:0c:d9: 26:94:98:63:89:41:9e:62:49:31:16:b9:bb:63:84: 13:0d:5e:ed:4b:49:46:51:80:93:d7:f5:30:8e:10: 24:08:b1:37:77:6b:01:ed:9e:62:50:7b:a3:ce:ac: fb:79:73:2d:72:5f:60:1e:9b:cc:5c:84:67:20:e7: a3:ea:39:1a:8c:6f:64:5d:d6:57:a4:95:11:88:f0: e9:0e:02:22:21:60:eb:b8:cf:60:4a:cf:ae:f4:08: be:b7:89:88:8c:eb:79:e4:c5:95:78:50:32:a5:2c: 7c:5b:15:c4:ba:06:b7:95:1c:df:29:34:58:97:68: f6:2b:cc:04:96:b2:54:c4:ac:61:bb:85:2b:8a:28: d1:2e:3f:e2:49:97:71:4d:17:6a:3c:ba:33:a8:46: 58:99:8e:72:90:32:f8:3f:90:44:4c:32:96:10:36: e4:85:53:c2:d6:25:96:78:46:a4:69:2d:29:8d:70: 0e:9a:05:91:6b:16:0a:77:17:7e:94:c6:53:f9:34: 61:b4:fd:23:1f:f7:36:10:6c:8a:ae:16:09:32:8a: 7a:c8:60:c4:80:41:6d:17:c7:87:37:ae:07:f0:dc: fe:85:2b:54:10:e2:9b:79:2b:60:b6:64:88:8d:d6: a3:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:AA:26:60:38:43:D2:E0:11:CC:D9:7B:20:CB:42:6E:4B:FF:CF:EF X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-qomYDhD0uARzNl7IMtCbkv_z-8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/22 Signature Algorithm: sha256WithRSAEncryption 37:55:9a:29:6f:b8:6d:d8:51:39:ba:1c:fc:da:26:3d:f9:94: 30:ae:8c:ad:6a:8c:be:4d:f3:15:21:52:d6:68:87:38:2c:66: 13:f5:51:6b:5f:ba:82:d9:d3:b2:98:11:e6:50:49:8d:08:8b: 41:41:88:71:d7:7d:18:b5:9e:eb:eb:41:ee:d4:c8:bf:93:0c: e7:3b:0a:e7:5e:b4:1d:11:7a:8d:50:5d:bb:26:7e:28:9f:55: d6:33:c5:90:15:60:4c:24:bd:3b:f8:e7:a2:8b:d3:12:20:57: 09:47:88:76:02:18:80:19:44:5f:69:c8:4e:cc:19:4b:d0:5d: 08:5e:50:53:35:29:41:14:a6:ef:e7:eb:29:75:31:8a:ce:be: e9:6a:bf:09:f4:7a:3b:e2:07:82:7a:46:b1:eb:4d:ec:93:53: 4e:f3:22:0c:cc:4a:fb:1d:e7:4e:bc:6c:91:40:1f:2f:73:f8: dd:29:d7:e3:11:dd:ce:a9:25:1d:40:a7:19:c8:8d:be:7f:9a: fa:30:aa:a2:1b:3a:22:e3:37:5b:a3:c0:3e:70:a7:1f:ea:5c: a4:1a:5f:e2:b4:77:6f:6b:ce:c6:6c:6d:c9:03:84:0b:8d:37: 02:62:4a:4c:50:7c:71:8d:ab:5a:fe:a5:00:ae:3e:fd:e3:53: fe:74:89:78 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBQUEyNjYwMzg0M0Qy RTAxMUNDRDk3QjIwQ0I0MjZFNEJGRkNGRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCo4iOs5BmyDMLJG4IM2SaUmGOJQZ5iSTEWubtjhBMNXu1LSUZR gJPX9TCOECQIsTd3awHtnmJQe6POrPt5cy1yX2Aem8xchGcg56PqORqMb2Rd1lek lRGI8OkOAiIhYOu4z2BKz670CL63iYiM63nkxZV4UDKlLHxbFcS6BreVHN8pNFiX aPYrzASWslTErGG7hSuKKNEuP+JJl3FNF2o8ujOoRliZjnKQMvg/kERMMpYQNuSF U8LWJZZ4RqRpLSmNcA6aBZFrFgp3F36UxlP5NGG0/SMf9zYQbIquFgkyinrIYMSA QW0Xx4c3rgfw3P6FK1QQ4pt5K2C2ZIiN1qPpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU+qomYDhD0uARzNl7IMtCbkv/z+8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Ly1xb21ZRGhEMHVBUnpO bDdJTXRDYmt2X3otOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/GQwDQYJKoZIhvcNAQELBQADggEBADdVmilvuG3YUTm6HPzaJj35lDCujK1q jL5N8xUhUtZohzgsZhP1UWtfuoLZ07KYEeZQSY0Ii0FBiHHXfRi1nuvrQe7UyL+T DOc7CudetB0Reo1QXbsmfiifVdYzxZAVYEwkvTv456KL0xIgVwlHiHYCGIAZRF9p yE7MGUvQXQheUFM1KUEUpu/n6yl1MYrOvulqvwn0ejviB4J6RrHrTeyTU07zIgzM Svsd5068bJFAHy9z+N0p1+MR3c6pJR1ApxnIjb5/mvowqqIbOiLjN1ujwD5wpx/q XKQaX+K0d29rzsZsbckDhAuNNwJiSkxQfHGNq1r+pQCuPv3jU/50iXg= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:40 2024 by rpki-client on console-fra.rpki-client.org