$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3fToAs3q5_5GX4vzsnWh4xMnDrY.roa File: 3fToAs3q5_5GX4vzsnWh4xMnDrY.roa (raw, json) Hash identifier: iBVb7dWRchtiz3nAw4oBX4icYidRJThdG0Ex9ZtwSmE= Subject key identifier: DD:F4:E8:02:CD:EA:E7:FE:46:5F:8B:F3:B2:75:A1:E3:13:27:0E:B6 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14AA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3fToAs3q5_5GX4vzsnWh4xMnDrY.roa Signing time: Wed 11 Sep 2024 02:23:37 +0000 ROA not before: Wed 11 Sep 2024 02:23:37 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 45.252.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5290 (0x14aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:37 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DDF4E802CDEAE7FE465F8BF3B275A1E313270EB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:db:9d:6c:8c:eb:95:47:ff:6b:fe:5d:ed:dd: 1f:58:8f:b0:a1:ca:40:b4:23:84:00:e8:13:30:a7: db:a2:df:67:41:af:a0:5c:38:5d:0e:ba:83:a4:f2: 02:d5:35:91:d6:a0:f5:7b:9b:75:7a:85:99:a4:11: 08:f0:e4:c7:3d:76:f5:45:71:16:85:42:78:54:db: f3:8c:9b:39:c1:67:86:e5:7d:5e:a9:cb:21:49:ee: c2:84:1f:72:df:12:a7:48:95:16:73:f4:e7:d7:12: 32:f7:e5:fb:5a:19:85:32:ee:4e:01:08:a2:dc:15: be:ff:03:e1:e9:5a:8a:8c:c9:7e:68:8d:25:0c:e5: 6b:82:6b:a3:33:2a:0e:96:34:4c:ef:c2:73:d5:ce: ac:30:7a:bd:f9:38:8b:8a:4e:6d:cd:93:f4:74:3b: 03:4f:8c:5d:b6:08:29:e6:49:ab:d3:b9:bf:50:62: e8:80:7e:1b:c7:3a:0a:aa:d7:27:d8:96:9c:d0:d3: e8:c8:43:31:78:6a:36:84:71:74:74:99:26:d5:c8: b3:50:7d:f6:f2:69:4a:a3:ef:25:30:2b:33:71:2b: c1:4b:fe:14:6d:ee:dc:e7:fa:97:78:1e:09:9b:d7: 32:68:82:b0:02:37:9b:41:70:d3:76:cc:db:92:77: e2:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:F4:E8:02:CD:EA:E7:FE:46:5F:8B:F3:B2:75:A1:E3:13:27:0E:B6 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3fToAs3q5_5GX4vzsnWh4xMnDrY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.40.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:fc:2d:c0:6c:20:d0:47:30:86:88:45:44:31:12:1d:2d:e6: 3b:da:93:7e:94:0e:71:05:f5:fe:03:1e:02:0f:16:e6:a7:51: 2b:68:cf:a1:52:21:d4:93:09:ac:82:d0:c4:2d:a8:5a:b9:eb: 1a:fb:ad:be:98:44:7c:ca:1e:ea:99:d8:23:c9:c1:a1:4a:e9: 1b:31:a7:d2:2a:9e:37:08:af:79:d6:15:b6:a5:d8:18:3c:a0: cb:4c:53:07:8c:2b:7e:1e:f5:20:24:41:b8:e0:d3:13:d3:94: 34:6e:8a:a5:85:37:c6:d4:07:54:26:62:18:5f:26:c6:29:98: 23:56:7b:f7:5a:d5:7b:5a:48:02:ad:52:61:29:72:94:ef:87: 1e:32:3a:0f:87:11:5d:ab:68:66:76:92:cc:c0:d7:ae:d9:11: b2:20:22:e4:71:3e:61:f7:13:29:cc:43:5b:d4:69:7c:9a:1e: e3:d1:31:25:70:5f:44:92:84:8c:e1:26:75:fb:6e:e1:af:37: f1:ee:a7:32:69:d6:c6:f1:a0:ba:f3:13:d8:eb:09:66:ba:ec: e4:d7:5a:46:77:ca:06:8b:88:c3:cc:54:4a:30:6d:ab:65:f2: b3:c8:c6:36:0d:8e:2b:48:d1:c4:1b:37:6f:31:03:1a:3b:0d: 4f:1c:0c:b8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERERjRFODAyQ0RFQUU3 RkU0NjVGOEJGM0IyNzVBMUUzMTMyNzBFQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2251sjOuVR/9r/l3t3R9Yj7ChykC0I4QA6BMwp9ui32dBr6Bc OF0OuoOk8gLVNZHWoPV7m3V6hZmkEQjw5Mc9dvVFcRaFQnhU2/OMmznBZ4blfV6p yyFJ7sKEH3LfEqdIlRZz9OfXEjL35ftaGYUy7k4BCKLcFb7/A+HpWoqMyX5ojSUM 5WuCa6MzKg6WNEzvwnPVzqwwer35OIuKTm3Nk/R0OwNPjF22CCnmSavTub9QYuiA fhvHOgqq1yfYlpzQ0+jIQzF4ajaEcXR0mSbVyLNQffbyaUqj7yUwKzNxK8FL/hRt 7tzn+pd4Hgmb1zJogrACN5tBcNN2zNuSd+KRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3fToAs3q5/5GX4vzsnWh4xMnDrYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNmVG9BczNxNV81R1g0 dnpzbldoNHhNbkRyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CgwDQYJKoZIhvcNAQELBQADggEBAFz8LcBsINBHMIaIRUQxEh0t5jvak36U DnEF9f4DHgIPFuanUStoz6FSIdSTCayC0MQtqFq56xr7rb6YRHzKHuqZ2CPJwaFK 6Rsxp9IqnjcIr3nWFbal2Bg8oMtMUweMK34e9SAkQbjg0xPTlDRuiqWFN8bUB1Qm YhhfJsYpmCNWe/da1XtaSAKtUmEpcpTvhx4yOg+HEV2raGZ2kszA167ZEbIgIuRx PmH3EynMQ1vUaXyaHuPRMSVwX0SShIzhJnX7buGvN/HupzJp1sbxoLrzE9jrCWa6 7OTXWkZ3ygaLiMPMVEowbatl8rPIxjYNjitI0cQbN28xAxo7DU8cDLg= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org