$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Ci22XULz4rQzPWmba5vTdVUjKfE.roa File: Ci22XULz4rQzPWmba5vTdVUjKfE.roa (raw, json) Hash identifier: 4ocPRGMJp51Ol4PYsdm4w2bMPTUAF0Atu5AJ8sV2MWU= Subject key identifier: 0A:2D:B6:5D:42:F3:E2:B4:33:3D:69:9B:6B:9B:D3:75:55:23:29:F1 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 16D7 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Ci22XULz4rQzPWmba5vTdVUjKfE.roa Signing time: Wed 20 Nov 2024 02:11:28 +0000 ROA not before: Wed 20 Nov 2024 02:11:28 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 45.252.84.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5847 (0x16d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Nov 20 02:11:28 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0A2DB65D42F3E2B4333D699B6B9BD375552329F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9b:da:28:2c:6c:37:8d:ec:07:d8:94:30:5c: 96:88:dc:37:ac:6a:f2:35:3d:69:e0:a2:68:b1:97: 74:26:0e:fc:18:d5:87:fa:94:83:18:9c:ad:fe:a2: 8f:59:40:0f:2c:00:f5:19:20:a5:ea:5f:14:8d:b4: 66:43:e6:d3:73:57:f2:94:9f:de:c6:be:1f:51:52: 8b:89:00:eb:a2:6b:b5:c3:f9:99:72:07:ba:27:6e: b3:9a:69:be:d4:2c:84:75:cf:47:fc:7b:be:a9:ee: d8:e5:e2:8b:8c:5c:79:18:02:51:84:00:dc:58:ce: 22:86:7f:40:74:ef:f1:74:8b:10:19:15:5c:58:d9: ba:3b:da:4d:21:f2:e0:d5:a7:49:57:f7:9c:91:2f: 5a:a7:98:b2:c6:80:7e:2e:59:51:eb:28:b0:c9:55: 38:33:ff:94:d1:fc:e0:9d:b5:62:b7:66:bd:02:91: d8:15:08:13:0b:0f:80:54:88:2a:bb:ee:8b:a0:4a: 0c:f6:fa:5a:50:ff:b3:22:8e:e0:8a:de:b6:ee:34: dd:87:d2:70:6a:d0:2b:10:15:1a:9d:75:ce:f1:ac: 67:1a:29:3a:95:fe:cd:8e:d9:be:92:08:63:1f:4d: 3b:e2:6d:ff:7e:5f:db:99:d6:f9:15:65:22:8d:62: 92:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:2D:B6:5D:42:F3:E2:B4:33:3D:69:9B:6B:9B:D3:75:55:23:29:F1 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Ci22XULz4rQzPWmba5vTdVUjKfE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.84.0/24 Signature Algorithm: sha256WithRSAEncryption df:1c:9f:27:78:51:66:ed:af:b6:57:b5:cf:0f:44:63:25:1e: 0d:2c:45:68:3a:c0:03:ab:f6:d0:fd:0b:fd:75:59:89:30:94: 0f:0a:00:6b:03:2e:0f:37:d8:51:de:ac:bf:81:a7:82:1d:d4: 21:df:05:74:45:59:6e:57:8b:bb:21:97:b7:e5:ba:e1:26:c3: e4:34:0b:e0:b7:58:24:73:fb:f4:7f:1b:c9:41:47:c5:e9:1c: c1:4e:cf:ab:4b:07:a0:34:5a:86:19:26:7b:ce:d2:9c:30:9d: 4f:11:a1:ad:79:54:2b:fa:61:21:6d:05:62:66:d2:5a:40:e7: 7d:f4:1b:66:51:a3:2f:02:ba:cd:ee:f1:bf:ef:fc:bf:85:d2: d0:d5:e4:b1:79:02:99:ed:80:f7:c7:62:ce:19:86:5a:3e:32: 88:b4:3b:16:9f:1b:73:ad:75:c6:be:0a:26:96:7e:8f:00:64: f7:a1:4d:11:73:da:9b:56:fe:13:1e:1b:55:02:b5:39:a6:07: 70:ca:1c:67:c8:34:2b:e1:76:10:1a:49:26:69:c9:f4:2d:b4: 6c:16:af:d9:2f:be:d7:c2:59:7f:27:46:7c:e0:51:a0:e8:4c: 04:5f:a0:b4:11:44:04:92:44:7b:59:60:94:5a:3f:1f:e0:55: 21:2d:e1:08 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDExMjAw MjExMjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBBMkRCNjVENDJGM0Uy QjQzMzNENjk5QjZCOUJEMzc1NTUyMzI5RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDim9ooLGw3jewH2JQwXJaI3DesavI1PWngomixl3QmDvwY1Yf6 lIMYnK3+oo9ZQA8sAPUZIKXqXxSNtGZD5tNzV/KUn97Gvh9RUouJAOuia7XD+Zly B7onbrOaab7ULIR1z0f8e76p7tjl4ouMXHkYAlGEANxYziKGf0B07/F0ixAZFVxY 2bo72k0h8uDVp0lX95yRL1qnmLLGgH4uWVHrKLDJVTgz/5TR/OCdtWK3Zr0CkdgV CBMLD4BUiCq77ougSgz2+lpQ/7MijuCK3rbuNN2H0nBq0CsQFRqddc7xrGcaKTqV /s2O2b6SCGMfTTvibf9+X9uZ1vkVZSKNYpLrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUCi22XULz4rQzPWmba5vTdVUjKfEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0NpMjJYVUx6NHJRelBX bWJhNXZUZFZVaktmRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/FQwDQYJKoZIhvcNAQELBQADggEBAN8cnyd4UWbtr7ZXtc8PRGMlHg0sRWg6 wAOr9tD9C/11WYkwlA8KAGsDLg832FHerL+Bp4Id1CHfBXRFWW5Xi7shl7fluuEm w+Q0C+C3WCRz+/R/G8lBR8XpHMFOz6tLB6A0WoYZJnvO0pwwnU8Roa15VCv6YSFt BWJm0lpA5330G2ZRoy8Cus3u8b/v/L+F0tDV5LF5ApntgPfHYs4Zhlo+Moi0Oxaf G3Otdca+CiaWfo8AZPehTRFz2ptW/hMeG1UCtTmmB3DKHGfINCvhdhAaSSZpyfQt tGwWr9kvvtfCWX8nRnzgUaDoTARfoLQRRASSRHtZYJRaPx/gVSEt4Qg= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org