$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HpsVFO6_Pl0eVKgFB0sZBcaRYJc.roa File: HpsVFO6_Pl0eVKgFB0sZBcaRYJc.roa (raw, json) Hash identifier: VCwwcNDVcj6OUCOOXmn2X3wigBTfWtBzggXWQCkbUKU= Subject key identifier: 1E:9B:15:14:EE:BF:3E:5D:1E:54:A8:05:07:4B:19:05:C6:91:60:97 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 16CF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HpsVFO6_Pl0eVKgFB0sZBcaRYJc.roa Signing time: Tue 19 Nov 2024 02:39:42 +0000 ROA not before: Tue 19 Nov 2024 02:39:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 45.252.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5839 (0x16cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Nov 19 02:39:42 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1E9B1514EEBF3E5D1E54A805074B1905C6916097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:be:5a:85:e4:a8:af:a0:30:bd:11:1f:7f:85: a0:95:cf:9c:55:88:b0:10:d3:de:75:64:33:c9:5e: 8d:33:69:d8:05:31:2e:03:2d:13:4a:49:2e:98:60: 39:6c:b8:23:15:25:76:52:68:5e:c4:c4:3b:11:a1: 19:2a:29:91:14:be:98:96:0d:7c:61:3d:e0:ed:28: 44:03:bb:ee:fd:0f:21:19:2c:84:97:07:32:5c:66: 96:c4:2a:7d:7a:b8:c6:e8:1a:5c:ff:8c:bf:27:0e: bb:aa:5d:a0:c3:88:71:06:b0:f0:2d:f8:09:a9:1f: 4e:70:d2:aa:bd:46:b8:bf:bd:a4:aa:fb:2b:4a:70: 1d:5b:4c:45:7f:b3:a9:f8:28:43:c3:0a:ed:36:a9: ae:20:34:40:4e:7e:b1:03:69:8b:f3:9e:4b:f7:32: 6f:92:25:ea:a1:80:00:28:6f:45:fa:03:c6:d3:47: cb:03:0e:6d:95:af:df:a4:99:56:c3:fe:a5:16:8f: 09:c0:3e:9a:59:8f:84:51:3c:51:18:46:6e:e2:1f: 42:b4:53:ca:d0:9c:50:72:07:46:de:2e:8e:e7:a9: 69:e4:7e:ec:42:c5:eb:5f:24:8d:bf:9f:37:e6:9a: 98:92:46:7d:e4:6b:81:e2:fa:2d:e7:d2:d8:40:cc: 9d:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:9B:15:14:EE:BF:3E:5D:1E:54:A8:05:07:4B:19:05:C6:91:60:97 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HpsVFO6_Pl0eVKgFB0sZBcaRYJc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.145.0/24 Signature Algorithm: sha256WithRSAEncryption c7:f2:07:90:4a:85:00:b5:4f:0c:74:58:05:eb:14:13:ea:ed: 0b:25:f2:f8:91:ff:cf:bd:1a:1e:3e:c6:a1:63:dc:7f:ca:bf: b8:d8:c7:2c:55:60:1e:6e:76:be:8d:cf:30:e0:3b:17:7f:b9: 1e:f9:d6:df:a1:e4:18:92:ed:83:45:e6:9b:ae:24:bb:b0:75: f1:ef:48:1b:27:c9:27:ae:a9:1e:dd:34:76:ac:60:66:a9:6e: 5d:a0:9a:a3:db:5f:ea:43:87:8d:54:1b:bb:a7:15:ef:9b:22: 3e:94:fe:e9:e2:1b:2c:3b:1e:ff:32:72:3c:d7:96:ed:84:54: 1d:34:2d:ba:71:3b:fa:d6:91:c5:f2:37:7d:85:63:7d:03:2d: 13:fd:f2:64:ce:40:af:a0:ad:aa:a3:d6:c2:9d:6b:95:e8:06: be:30:8a:e3:a5:3e:7e:8e:6a:ce:21:97:ea:23:b7:d2:01:10: 68:b2:f1:ee:65:6a:2f:ee:98:56:43:52:ab:5d:f8:24:ea:85: 1b:00:75:5c:6e:da:0e:ef:b3:ac:d2:69:f6:10:ed:7f:3a:a4: af:29:7b:e5:60:fc:30:eb:03:7b:aa:fc:4c:db:14:37:68:d4: 44:70:dc:b4:0d:c7:16:ae:da:9c:58:5d:ad:5b:08:c5:f1:7d: 76:d6:49:15 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFs8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDExMTkw MjM5NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFFOUIxNTE0RUVCRjNF NUQxRTU0QTgwNTA3NEIxOTA1QzY5MTYwOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/vlqF5KivoDC9ER9/haCVz5xViLAQ0951ZDPJXo0zadgFMS4D LRNKSS6YYDlsuCMVJXZSaF7ExDsRoRkqKZEUvpiWDXxhPeDtKEQDu+79DyEZLISX BzJcZpbEKn16uMboGlz/jL8nDruqXaDDiHEGsPAt+AmpH05w0qq9Rri/vaSq+ytK cB1bTEV/s6n4KEPDCu02qa4gNEBOfrEDaYvznkv3Mm+SJeqhgAAob0X6A8bTR8sD Dm2Vr9+kmVbD/qUWjwnAPppZj4RRPFEYRm7iH0K0U8rQnFByB0beLo7nqWnkfuxC xetfJI2/nzfmmpiSRn3ka4Hi+i3n0thAzJ2/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHpsVFO6/Pl0eVKgFB0sZBcaRYJcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0hwc1ZGTzZfUGwwZVZL Z0ZCMHNaQmNhUllKYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/JEwDQYJKoZIhvcNAQELBQADggEBAMfyB5BKhQC1Twx0WAXrFBPq7Qsl8viR /8+9Gh4+xqFj3H/Kv7jYxyxVYB5udr6NzzDgOxd/uR751t+h5BiS7YNF5puuJLuw dfHvSBsnySeuqR7dNHasYGapbl2gmqPbX+pDh41UG7unFe+bIj6U/uniGyw7Hv8y cjzXlu2EVB00LbpxO/rWkcXyN32FY30DLRP98mTOQK+graqj1sKda5XoBr4wiuOl Pn6Oas4hl+ojt9IBEGiy8e5lai/umFZDUqtd+CTqhRsAdVxu2g7vs6zSafYQ7X86 pK8pe+Vg/DDrA3uq/EzbFDdo1ERw3LQNxxau2pxYXa1bCMXxfXbWSRU= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org