$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa File: 8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa (raw, json) Hash identifier: 0RI5FyIcbXWePvg45tt+uJu66JcqlKXmIAoKAtdCAVE= Subject key identifier: F3:37:06:F2:B2:51:16:C1:52:31:78:4D:07:68:13:26:96:6F:C6:AE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 08C3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa Signing time: Mon 14 Aug 2023 04:34:24 +0000 ROA not before: Mon 14 Aug 2023 04:34:24 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 21859 IP address blocks: 45.252.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 00:54:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2243 (0x8c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Aug 14 04:34:24 2023 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=F33706F2B25116C15231784D07681326966FC6AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:8d:f2:84:04:89:31:c6:a4:b8:35:0f:b8:b2: b4:3e:06:4a:05:98:57:d1:a3:98:8e:ea:9d:8e:dc: bd:ac:5c:43:74:c6:12:fb:bb:e9:ec:cf:71:8c:69: 43:87:3c:72:ab:30:f7:fc:c3:0d:1e:f6:cb:ef:58: 8a:ff:75:1f:d4:0b:d0:2b:f9:9c:b6:a2:6f:41:73: d4:19:2c:bf:2b:8e:e3:be:8f:42:8f:88:44:d8:ae: 3a:f6:77:8e:bb:90:24:b7:72:88:f0:d9:b5:c8:7f: d9:b7:77:5e:a7:6e:5b:52:38:13:e3:3f:0b:f3:d6: 12:bf:a0:b9:40:38:b5:f4:0c:e5:10:f0:e1:1a:52: 35:36:3a:26:73:93:d9:57:64:e8:e8:2d:c0:b5:29: 51:a3:d0:ae:e7:dd:2d:5d:ca:fc:99:39:a9:70:f0: c8:45:4a:54:bb:b4:a9:24:94:d4:bd:8d:fa:b6:5d: 4d:40:a3:60:25:86:53:94:c8:bb:bf:ce:4f:92:3b: cd:6f:fd:04:c4:ba:2e:08:1a:e4:35:40:26:27:af: d8:16:60:97:4c:51:8b:a8:5d:e5:c6:c4:43:01:a8: a2:9a:32:15:e5:dc:49:f3:10:e9:ca:d6:06:76:4f: 18:c6:7d:9a:b9:10:ae:22:a0:b4:f8:3c:3a:8c:ec: 19:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:37:06:F2:B2:51:16:C1:52:31:78:4D:07:68:13:26:96:6F:C6:AE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.8.0/24 Signature Algorithm: sha256WithRSAEncryption d8:d6:12:ac:46:50:91:a4:25:17:9a:1e:0a:8b:2a:3a:2a:92: 20:fc:17:0d:f9:05:07:00:df:25:42:dd:59:3b:08:bc:1f:60: f3:42:9d:ce:32:ea:83:29:7c:c4:b4:cc:07:e7:b7:b1:de:6c: 9d:bc:73:02:71:1e:f0:85:50:ef:9b:3e:a9:33:54:25:3e:09: 32:95:da:e6:cc:04:32:20:e7:c8:ae:c4:44:21:70:a2:eb:fc: ec:48:6f:c7:6d:7f:86:57:42:60:e0:22:90:fe:d9:f5:d4:fd: 4b:77:5d:11:78:7a:2b:61:2e:f6:99:d2:c8:58:fa:f1:99:ca: 22:81:69:47:76:5c:33:3d:ee:0f:a8:4a:05:01:c1:17:b9:85: 4c:15:ab:8e:39:d1:51:43:fa:22:e2:41:87:e0:12:bc:03:3c: 1a:89:40:3d:a1:0a:38:05:93:bb:39:1d:ba:df:2d:01:bf:b8: ef:29:99:b4:bd:6e:60:6c:db:b8:38:d8:59:13:bc:25:bc:3c: ce:6d:59:2d:31:7a:6e:43:0c:9f:69:af:83:16:1a:6a:67:7a: 6e:2b:f0:a7:0f:1a:22:21:1d:79:d1:13:90:42:53:ff:58:1d: 00:c4:a5:17:bf:a3:3b:43:d3:07:48:47:f7:4a:22:7a:a8:57: 4d:36:c1:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMzA4MTQw NDM0MjRaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEYzMzcwNkYyQjI1MTE2 QzE1MjMxNzg0RDA3NjgxMzI2OTY2RkM2QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvjfKEBIkxxqS4NQ+4srQ+BkoFmFfRo5iO6p2O3L2sXEN0xhL7 u+nsz3GMaUOHPHKrMPf8ww0e9svvWIr/dR/UC9Ar+Zy2om9Bc9QZLL8rjuO+j0KP iETYrjr2d467kCS3cojw2bXIf9m3d16nbltSOBPjPwvz1hK/oLlAOLX0DOUQ8OEa UjU2OiZzk9lXZOjoLcC1KVGj0K7n3S1dyvyZOalw8MhFSlS7tKkklNS9jfq2XU1A o2AlhlOUyLu/zk+SO81v/QTEui4IGuQ1QCYnr9gWYJdMUYuoXeXGxEMBqKKaMhXl 3EnzEOnK1gZ2TxjGfZq5EK4ioLT4PDqM7BmXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU8zcG8rJRFsFSMXhNB2gTJpZvxq4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Lzh6Y0c4ckpSRnNGU01Y aE5CMmdUSnBadnhxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/AgwDQYJKoZIhvcNAQELBQADggEBANjWEqxGUJGkJReaHgqLKjoqkiD8Fw35 BQcA3yVC3Vk7CLwfYPNCnc4y6oMpfMS0zAfnt7HebJ28cwJxHvCFUO+bPqkzVCU+ CTKV2ubMBDIg58iuxEQhcKLr/OxIb8dtf4ZXQmDgIpD+2fXU/Ut3XRF4eithLvaZ 0shY+vGZyiKBaUd2XDM97g+oSgUBwRe5hUwVq4450VFD+iLiQYfgErwDPBqJQD2h CjgFk7s5HbrfLQG/uO8pmbS9bmBs27g42FkTvCW8PM5tWS0xem5DDJ9pr4MWGmpn em4r8KcPGiIhHXnRE5BCU/9YHQDEpRe/oztD0wdIR/dKInqoV002wYQ= -----END CERTIFICATE-----Generated at Thu May 2 20:22:45 2024 by rpki-client on console-ams.rpki-client.org