$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EKRwlT47ztcMI9o-jD0QsREoMoE.roa File: EKRwlT47ztcMI9o-jD0QsREoMoE.roa (raw, json) Hash identifier: 0COlHtXzsdp9qN0lVOILAN1/2XK3fhCfWhj10+JklNY= Subject key identifier: 10:A4:70:95:3E:3B:CE:D7:0C:23:DA:3E:8C:3D:10:B1:11:28:32:81 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14A3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EKRwlT47ztcMI9o-jD0QsREoMoE.roa Signing time: Wed 11 Sep 2024 02:23:35 +0000 ROA not before: Wed 11 Sep 2024 02:23:35 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 45.252.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5283 (0x14a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:35 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=10A470953E3BCED70C23DA3E8C3D10B111283281 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:df:36:02:c3:0a:59:c0:25:36:3a:c9:c1:11: 9a:23:52:d7:1d:71:83:0d:15:f2:9b:b3:b5:d1:1c: 06:7f:4a:19:5e:3b:a0:fd:0c:b0:57:b3:03:fe:a2: 7c:18:5c:13:32:34:36:4d:a3:88:0d:d9:1a:38:b4: 25:58:de:6d:47:f8:96:b5:1d:09:c0:d4:8c:3f:30: d7:4a:b5:8b:6e:d8:f9:d1:82:b8:96:71:3a:60:f5: 51:34:7b:11:e9:dc:71:26:51:2c:35:92:e0:a7:e9: 08:14:d8:fb:ed:07:6e:89:66:ca:5b:f1:27:72:37: 66:cd:a5:88:b4:31:bd:59:c4:7b:90:cd:b1:6c:ef: f7:46:7b:38:7c:ea:e7:db:f9:cb:09:91:25:2c:1d: 67:da:88:4e:b0:2d:4a:54:07:2d:27:cc:be:38:2f: 63:7d:c1:05:43:32:75:97:57:dc:9f:41:7b:ca:81: e4:a1:11:02:f9:5a:ea:37:33:1b:1e:f3:a7:ad:0f: 37:4b:15:05:5b:5c:4e:74:17:32:d4:ec:2c:e8:bc: f3:f8:c9:cf:4a:0b:95:08:66:84:20:04:6a:d7:45: 5e:30:36:5a:7f:6b:55:37:31:44:cc:d9:e2:7d:06: 5d:4c:af:a1:b2:a9:ce:07:ff:46:05:0a:08:e4:77: e7:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:A4:70:95:3E:3B:CE:D7:0C:23:DA:3E:8C:3D:10:B1:11:28:32:81 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EKRwlT47ztcMI9o-jD0QsREoMoE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.8.0/22 Signature Algorithm: sha256WithRSAEncryption 00:35:fd:50:d2:66:07:49:0a:79:80:b5:f3:e6:dd:8f:96:31: 29:d5:bc:80:d7:75:90:f8:13:d1:54:5a:72:7b:56:3b:4f:34: 20:3e:47:08:f5:6a:7f:1b:2f:8d:50:a4:95:7d:7d:74:6b:ee: d8:dd:f3:d6:1d:bb:8f:ee:41:0f:1f:84:c8:05:40:23:41:88: 5e:49:4c:96:f5:fa:11:fe:f9:3a:48:6d:26:a3:b5:a2:ff:2b: 58:55:cc:9c:b6:da:ba:90:3c:4e:a9:f7:72:67:80:2e:65:0a: d6:eb:a6:bd:bd:87:18:1d:f2:d3:ff:33:ff:8c:5b:ef:64:aa: b3:23:81:1a:3e:0f:55:e7:2b:36:62:66:a1:93:90:9e:97:84: ee:49:c4:79:1c:9f:07:44:27:59:c0:e1:f4:4f:63:df:c6:c5: ad:c9:1d:bc:ec:a7:2a:b8:91:b1:a5:95:14:0f:10:00:66:80: 38:be:4d:75:a7:80:78:e5:b7:a2:58:45:b0:cd:26:ea:ea:6f: cd:39:19:ea:07:c3:ae:ce:7e:2d:d4:ce:67:f3:e8:82:08:23: 5c:93:c4:ef:07:7c:63:8a:e4:49:c4:78:74:fb:c1:51:9e:4d: e4:c7:29:21:5f:c9:62:80:16:73:0f:e2:68:8e:1b:0f:28:3a: cb:7f:dd:30 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEwQTQ3MDk1M0UzQkNF RDcwQzIzREEzRThDM0QxMEIxMTEyODMyODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDV3zYCwwpZwCU2OsnBEZojUtcdcYMNFfKbs7XRHAZ/ShleO6D9 DLBXswP+onwYXBMyNDZNo4gN2Ro4tCVY3m1H+Ja1HQnA1Iw/MNdKtYtu2PnRgriW cTpg9VE0exHp3HEmUSw1kuCn6QgU2PvtB26JZspb8SdyN2bNpYi0Mb1ZxHuQzbFs 7/dGezh86ufb+csJkSUsHWfaiE6wLUpUBy0nzL44L2N9wQVDMnWXV9yfQXvKgeSh EQL5Wuo3Mxse86etDzdLFQVbXE50FzLU7CzovPP4yc9KC5UIZoQgBGrXRV4wNlp/ a1U3MUTM2eJ9Bl1Mr6Gyqc4H/0YFCgjkd+ejAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEKRwlT47ztcMI9o+jD0QsREoMoEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VLUndsVDQ3enRjTUk5 by1qRDBRc1JFb01vRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/AgwDQYJKoZIhvcNAQELBQADggEBAAA1/VDSZgdJCnmAtfPm3Y+WMSnVvIDX dZD4E9FUWnJ7VjtPNCA+Rwj1an8bL41QpJV9fXRr7tjd89Ydu4/uQQ8fhMgFQCNB iF5JTJb1+hH++TpIbSajtaL/K1hVzJy22rqQPE6p93JngC5lCtbrpr29hxgd8tP/ M/+MW+9kqrMjgRo+D1XnKzZiZqGTkJ6XhO5JxHkcnwdEJ1nA4fRPY9/Gxa3JHbzs pyq4kbGllRQPEABmgDi+TXWngHjlt6JYRbDNJurqb805GeoHw67Ofi3Uzmfz6III I1yTxO8HfGOK5EnEeHT7wVGeTeTHKSFfyWKAFnMP4miOGw8oOst/3TA= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org