$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/7N2kawXaXzvanLqbV58WqwozNGI.roa File: 7N2kawXaXzvanLqbV58WqwozNGI.roa (raw, json) Hash identifier: 7PL8jbcxGUg/WZfC9jKoFh8Y5NEWiXVew3FFq+iSNLg= Subject key identifier: EC:DD:A4:6B:05:DA:5F:3B:DA:9C:BA:9B:57:9F:16:AB:0A:33:34:62 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14CA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/7N2kawXaXzvanLqbV58WqwozNGI.roa Signing time: Wed 11 Sep 2024 02:23:50 +0000 ROA not before: Wed 11 Sep 2024 02:23:50 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 45.252.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5322 (0x14ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:50 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=ECDDA46B05DA5F3BDA9CBA9B579F16AB0A333462 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:07:5e:d6:c4:42:f7:af:2b:17:8a:c4:a0: 5f:05:5d:8c:2a:30:7b:8a:25:01:49:f7:cf:77:28: 28:c6:a4:42:cf:a9:aa:2e:d4:6f:d9:25:b7:06:2a: 43:3b:c0:e3:f1:08:24:08:b2:2d:53:aa:84:6f:95: 1d:f5:8e:b7:d7:84:e2:87:48:1b:57:f1:c5:c0:e9: d2:22:23:14:45:6d:ad:75:ae:f9:76:dd:6e:1c:d4: 84:cc:8f:5e:09:65:e5:7d:4d:14:41:9a:46:0c:81: 3f:20:fe:a0:9c:2c:36:88:42:9e:4c:bf:7b:b6:38: 03:a1:d8:c1:04:0b:94:00:fb:a8:38:9c:1a:7d:27: 2d:c1:18:4f:94:83:b9:f3:fd:e2:8a:5d:0b:69:62: ed:e6:24:81:e4:62:86:d4:aa:8c:8d:ee:49:c7:b6: 3f:06:34:e0:ac:85:f1:79:07:6e:b1:ed:3c:ff:c7: d7:a6:94:fb:dd:3c:7e:d6:1a:ff:9b:10:76:62:2e: 87:1b:65:18:85:40:e2:88:eb:c7:d4:c6:fe:0a:44: b7:80:d8:8d:e3:e6:3b:9e:a7:0f:7a:f0:87:28:dd: 28:29:12:ce:8a:a6:32:fd:58:1d:54:5a:3e:47:89: 11:2f:a1:41:2f:d3:7a:9a:a9:5e:2e:70:b6:81:a8: ab:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:DD:A4:6B:05:DA:5F:3B:DA:9C:BA:9B:57:9F:16:AB:0A:33:34:62 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/7N2kawXaXzvanLqbV58WqwozNGI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.12.0/22 Signature Algorithm: sha256WithRSAEncryption 52:1e:41:13:b7:12:bf:f0:e2:4c:16:26:45:cb:32:60:f5:5a: 59:b2:ca:45:09:57:d8:71:e2:d0:57:44:c7:07:5a:3e:ee:a2: 11:3b:c6:1e:17:9a:05:0c:c8:14:a7:fc:cf:2b:f4:41:3e:4e: 3b:55:49:3b:0c:12:ea:35:8e:29:e6:e7:91:3d:95:2c:b1:72: 02:66:5b:60:91:c9:79:82:87:a0:46:92:bd:98:88:6a:45:aa: 25:f5:4a:fd:05:ee:97:ed:9b:4a:5e:ca:d2:d3:19:9a:ea:4a: 5c:c8:5f:4d:cf:d1:42:a3:57:85:66:75:d1:7d:f6:f7:70:0f: 29:08:21:bf:07:c2:32:23:f4:a8:af:5c:6a:4a:6f:58:0c:e3: 39:31:4f:83:1f:87:c7:82:96:62:40:e8:40:15:db:73:92:9f: 94:f5:7f:7f:c3:39:90:e2:dc:b7:b0:9d:50:91:f3:9b:e1:cc: 59:b6:03:4c:77:2a:7f:74:fd:2d:46:a7:eb:1d:a6:6b:10:74: 51:31:42:7d:cf:35:25:a5:0b:a8:5e:f7:4c:25:c0:c6:0d:35: fb:fb:ff:62:0c:88:f9:ee:f5:d2:86:0d:3e:0c:f9:ad:2c:8e: e4:22:f7:50:0d:c2:eb:9a:31:6e:34:1e:79:91:ae:fe:3d:06: b0:1a:ec:ec -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDRERBNDZCMDVEQTVG M0JEQTlDQkE5QjU3OUYxNkFCMEEzMzM0NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4kAde1sRC968rF4rEoF8FXYwqMHuKJQFJ9893KCjGpELPqaou 1G/ZJbcGKkM7wOPxCCQIsi1TqoRvlR31jrfXhOKHSBtX8cXA6dIiIxRFba11rvl2 3W4c1ITMj14JZeV9TRRBmkYMgT8g/qCcLDaIQp5Mv3u2OAOh2MEEC5QA+6g4nBp9 Jy3BGE+Ug7nz/eKKXQtpYu3mJIHkYobUqoyN7knHtj8GNOCshfF5B26x7Tz/x9em lPvdPH7WGv+bEHZiLocbZRiFQOKI68fUxv4KRLeA2I3j5juepw968Ico3SgpEs6K pjL9WB1UWj5HiREvoUEv03qaqV4ucLaBqKufAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU7N2kawXaXzvanLqbV58WqwozNGIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzdOMmthd1hhWHp2YW5M cWJWNThXcXdvek5HSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/AwwDQYJKoZIhvcNAQELBQADggEBAFIeQRO3Er/w4kwWJkXLMmD1WlmyykUJ V9hx4tBXRMcHWj7uohE7xh4XmgUMyBSn/M8r9EE+TjtVSTsMEuo1jinm55E9lSyx cgJmW2CRyXmCh6BGkr2YiGpFqiX1Sv0F7pftm0peytLTGZrqSlzIX03P0UKjV4Vm ddF99vdwDykIIb8HwjIj9KivXGpKb1gM4zkxT4Mfh8eClmJA6EAV23OSn5T1f3/D OZDi3LewnVCR85vhzFm2A0x3Kn90/S1Gp+sdpmsQdFExQn3PNSWlC6he90wlwMYN Nfv7/2IMiPnu9dKGDT4M+a0sjuQi91ANwuuaMW40HnmRrv49BrAa7Ow= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org