$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/N0l0WD7engb5Nqj5IQ1onwH1HSg.roa File: N0l0WD7engb5Nqj5IQ1onwH1HSg.roa (raw, json) Hash identifier: O4VApB18IQS6QNKecIKHUhiQQuRqhICjmsBg1jxfA7A= Subject key identifier: 37:49:74:58:3E:DE:9E:06:F9:36:A8:F9:21:0D:68:9F:01:F5:1D:28 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 156E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/N0l0WD7engb5Nqj5IQ1onwH1HSg.roa Signing time: Wed 11 Sep 2024 04:04:12 +0000 ROA not before: Wed 11 Sep 2024 04:04:12 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 45.252.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5486 (0x156e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 04:04:12 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=374974583EDE9E06F936A8F9210D689F01F51D28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:11:5a:99:1c:d1:16:f4:cc:90:75:01:f8:3b: 1d:31:9d:7a:f5:58:c4:02:3f:27:9d:0a:d8:eb:42: 06:5e:42:14:b9:83:54:e7:e6:eb:61:bb:07:43:6d: 03:ae:c2:1c:ae:51:a3:f1:ba:d5:2b:ca:e2:0e:a6: 88:bc:cb:f6:35:a8:dc:cb:01:54:24:0b:29:14:fa: 7d:dd:81:5b:0c:56:6d:9b:11:2d:da:15:a3:98:42: 5b:20:8b:51:cb:71:7e:d6:c0:af:63:63:65:2f:be: 05:23:b9:de:c5:77:7c:ff:0f:3b:b7:ae:0b:ff:0e: f2:97:4e:09:a2:77:be:73:f0:8e:b5:02:d3:12:de: 39:e2:28:fa:36:87:06:bc:86:3c:b5:12:b7:1d:0e: a1:db:c9:2c:3e:f2:b4:a6:90:87:5f:92:bf:cd:db: 6b:9c:bf:37:07:97:a8:39:88:8c:46:d0:03:1d:6e: ed:15:3d:74:fa:c4:d9:f5:28:c3:f1:99:64:08:0f: 04:f5:97:dc:88:7e:e0:48:b3:21:b5:3f:52:37:96: 77:56:83:c0:d0:78:ac:e3:a5:8d:9b:60:c0:d0:c3: 2e:c8:c1:88:97:56:a5:d6:67:23:6d:9f:88:b3:e9: 0b:f5:52:b2:9f:75:4e:fc:80:36:bd:44:d3:6d:ca: ea:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:49:74:58:3E:DE:9E:06:F9:36:A8:F9:21:0D:68:9F:01:F5:1D:28 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/N0l0WD7engb5Nqj5IQ1onwH1HSg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/24 Signature Algorithm: sha256WithRSAEncryption 35:9c:35:5c:d8:4d:94:33:4e:80:2b:ba:02:42:40:d9:27:88: 6a:4c:c9:8f:c7:47:f0:c1:d6:86:dc:66:03:d7:80:5f:e3:a1: ad:f8:77:cd:75:f6:7d:b9:d9:56:59:38:20:a4:fa:20:fd:82: 1e:65:73:37:7b:2a:02:d1:76:3d:c7:56:0f:aa:47:19:d7:4b: 99:df:ed:37:9e:1e:38:54:2e:9d:27:67:db:1e:4a:69:b8:b8: 6b:0f:c6:f2:11:a8:56:5e:cd:11:d3:8e:91:a1:cb:81:0a:39: ff:87:d3:fe:7e:42:89:cb:05:97:29:4c:c4:29:ec:e0:b0:13: ad:43:91:1f:65:79:bc:31:3a:6f:68:42:10:dc:72:70:94:d0: 1a:94:29:ee:93:50:ea:5f:bd:da:64:fc:82:17:4b:4a:7b:37: 43:44:5d:b2:d5:fc:94:c1:9e:c2:72:91:f2:f6:b6:ec:60:d7: 7c:3b:fe:f8:b4:d5:9a:9d:0a:5c:cc:b2:d1:c3:78:8b:0b:23: e2:87:9d:89:66:37:ca:c7:8a:12:ab:40:cb:80:ee:d1:f0:c5: a5:8a:39:a8:aa:31:b7:27:ab:be:56:27:cb:60:db:57:5d:30: 97:25:45:68:b0:16:c9:b0:c3:c1:e3:1c:57:43:ca:ad:d6:9d: 35:27:d3:d0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw NDA0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3NDk3NDU4M0VERTlF MDZGOTM2QThGOTIxMEQ2ODlGMDFGNTFEMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7EVqZHNEW9MyQdQH4Ox0xnXr1WMQCPyedCtjrQgZeQhS5g1Tn 5uthuwdDbQOuwhyuUaPxutUryuIOpoi8y/Y1qNzLAVQkCykU+n3dgVsMVm2bES3a FaOYQlsgi1HLcX7WwK9jY2UvvgUjud7Fd3z/Dzu3rgv/DvKXTgmid75z8I61AtMS 3jniKPo2hwa8hjy1ErcdDqHbySw+8rSmkIdfkr/N22ucvzcHl6g5iIxG0AMdbu0V PXT6xNn1KMPxmWQIDwT1l9yIfuBIsyG1P1I3lndWg8DQeKzjpY2bYMDQwy7IwYiX VqXWZyNtn4iz6Qv1UrKfdU78gDa9RNNtyurVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUN0l0WD7engb5Nqj5IQ1onwH1HSgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L04wbDBXRDdlbmdiNU5x ajVJUTFvbndIMUhTZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/GQwDQYJKoZIhvcNAQELBQADggEBADWcNVzYTZQzToArugJCQNkniGpMyY/H R/DB1obcZgPXgF/joa34d8119n252VZZOCCk+iD9gh5lczd7KgLRdj3HVg+qRxnX S5nf7TeeHjhULp0nZ9seSmm4uGsPxvIRqFZezRHTjpGhy4EKOf+H0/5+QonLBZcp TMQp7OCwE61DkR9lebwxOm9oQhDccnCU0BqUKe6TUOpfvdpk/IIXS0p7N0NEXbLV /JTBnsJykfL2tuxg13w7/vi01ZqdClzMstHDeIsLI+KHnYlmN8rHihKrQMuA7tHw xaWKOaiqMbcnq75WJ8tg21ddMJclRWiwFsmww8HjHFdDyq3WnTUn09A= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org