$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/2IKL3yCyB3gXsvMEPKCUI0qoUPw.roa File: 2IKL3yCyB3gXsvMEPKCUI0qoUPw.roa (raw, json) Hash identifier: jKpc7DeywZmZNTt4cgpc5nevfVV0QusFtZ0WaUI6ApA= Subject key identifier: D8:82:8B:DF:20:B2:07:78:17:B2:F3:04:3C:A0:94:23:4A:A8:50:FC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1463 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2IKL3yCyB3gXsvMEPKCUI0qoUPw.roa Signing time: Wed 11 Sep 2024 02:23:14 +0000 ROA not before: Wed 11 Sep 2024 02:23:14 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 45.252.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5219 (0x1463) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:14 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D8828BDF20B2077817B2F3043CA094234AA850FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2b:f9:b2:fb:f0:36:c2:ae:00:cb:b5:4f:53: ce:03:dd:55:b0:e6:7c:a7:bb:cd:f7:f6:cc:d0:bf: 27:91:91:ea:12:83:53:17:34:6a:c4:d7:18:85:37: 90:94:b4:d6:04:5b:4d:ac:d1:1a:0a:a8:ac:ea:8c: b4:f9:22:90:ad:29:24:a9:08:59:85:79:1f:05:be: 29:bd:8a:d4:6c:d6:07:fb:02:29:1f:2e:c3:c8:c4: 29:41:b6:9e:ca:db:9e:29:c8:5d:ac:a6:09:0d:bb: 5d:9c:40:86:b2:33:c1:51:0d:86:1b:84:76:f3:a3: 29:93:43:74:70:3b:da:e8:85:2c:2a:96:70:a5:ba: 59:65:d1:19:43:aa:51:34:e9:45:93:b3:c5:57:0e: 55:ef:e4:78:2e:45:cb:91:88:03:26:24:6e:c4:3d: 47:b5:6a:97:bb:dc:62:07:0c:32:c9:81:3a:74:8d: 89:bd:0e:07:ec:96:cd:38:b1:4b:48:76:b9:35:d0: 36:7c:d3:11:a1:ad:6d:93:6f:44:15:fa:9a:f0:d5: 25:fe:78:48:c1:53:b7:98:a7:8e:6c:94:cb:07:d9: 1e:92:a3:fb:b7:8b:fe:5d:10:a9:85:78:52:da:b3: 13:a9:63:fe:e9:ac:1c:b7:c2:c2:09:7f:ce:78:f2: 65:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:82:8B:DF:20:B2:07:78:17:B2:F3:04:3C:A0:94:23:4A:A8:50:FC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2IKL3yCyB3gXsvMEPKCUI0qoUPw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.36.0/22 Signature Algorithm: sha256WithRSAEncryption 91:53:e8:c3:fe:91:2a:0d:38:e9:b4:a8:53:6b:f7:f0:8e:97: c4:67:83:2d:4a:79:bf:1d:73:22:b9:22:57:20:28:ed:bd:8e: c3:2b:62:46:41:54:b8:f6:00:a5:24:6b:23:80:4f:dd:c6:e8: 83:13:3a:6d:dd:42:e9:2d:db:4e:90:ae:95:32:f0:71:51:63: 9f:a4:3e:a5:6c:30:a8:51:ca:f3:fb:9b:55:9c:a7:6c:67:62: bc:d5:e6:c4:37:77:58:9b:c8:e0:b7:43:5f:71:f5:33:eb:ed: b7:5d:b0:c1:35:be:ee:0a:d5:93:a4:af:7d:5c:94:99:b1:95: b1:f1:4f:6a:57:d4:96:34:c3:c4:42:fb:d6:9d:c5:a1:79:f4: 3e:d3:7d:4a:16:64:ae:72:91:05:53:4e:ff:6c:e3:af:d6:8e: 8e:62:55:19:79:af:6b:f1:53:26:e5:31:b6:95:1b:dd:b6:f6: 89:56:0c:ae:3a:9b:b3:71:86:f5:ae:8e:da:2f:ee:ef:29:bd: b4:fe:56:76:85:a3:b3:a6:01:9f:40:d8:33:d3:51:af:a2:94: 6e:4d:86:3b:94:2d:41:fb:12:c2:45:9d:8c:14:09:3b:74:1f: 25:98:3d:d2:42:6a:74:d7:6d:cd:fe:6f:1b:62:2e:3f:e1:54: 02:4e:88:61 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4ODI4QkRGMjBCMjA3 NzgxN0IyRjMwNDNDQTA5NDIzNEFBODUwRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpK/my+/A2wq4Ay7VPU84D3VWw5nynu8339szQvyeRkeoSg1MX NGrE1xiFN5CUtNYEW02s0RoKqKzqjLT5IpCtKSSpCFmFeR8Fvim9itRs1gf7Aikf LsPIxClBtp7K254pyF2spgkNu12cQIayM8FRDYYbhHbzoymTQ3RwO9rohSwqlnCl ulll0RlDqlE06UWTs8VXDlXv5HguRcuRiAMmJG7EPUe1ape73GIHDDLJgTp0jYm9 Dgfsls04sUtIdrk10DZ80xGhrW2Tb0QV+prw1SX+eEjBU7eYp45slMsH2R6So/u3 i/5dEKmFeFLasxOpY/7prBy3wsIJf8548mXdAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU2IKL3yCyB3gXsvMEPKCUI0qoUPwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzJJS0wzeUN5QjNnWHN2 TUVQS0NVSTBxb1VQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CQwDQYJKoZIhvcNAQELBQADggEBAJFT6MP+kSoNOOm0qFNr9/COl8Rngy1K eb8dcyK5IlcgKO29jsMrYkZBVLj2AKUkayOAT93G6IMTOm3dQukt206QrpUy8HFR Y5+kPqVsMKhRyvP7m1Wcp2xnYrzV5sQ3d1ibyOC3Q19x9TPr7bddsME1vu4K1ZOk r31clJmxlbHxT2pX1JY0w8RC+9adxaF59D7TfUoWZK5ykQVTTv9s46/Wjo5iVRl5 r2vxUyblMbaVG9229olWDK46m7NxhvWujtov7u8pvbT+VnaFo7OmAZ9A2DPTUa+i lG5NhjuULUH7EsJFnYwUCTt0HyWYPdJCanTXbc3+bxtiLj/hVAJOiGE= -----END CERTIFICATE-----Generated at Fri Nov 22 23:40:49 2024 by rpki-client on console-fra.rpki-client.org