$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa File: Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa (raw, json) Hash identifier: EVYLmcmrGppQAQtdIhBXWni/NA5zVMeArtAjp9EY62w= Subject key identifier: 41:FD:41:57:36:EA:E5:79:F7:A7:11:45:43:C6:63:92:F2:8F:55:BF Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14B0 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa Signing time: Wed 11 Sep 2024 02:23:40 +0000 ROA not before: Wed 11 Sep 2024 02:23:40 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 45.252.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5296 (0x14b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:40 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=41FD415736EAE579F7A7114543C66392F28F55BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ea:c0:6b:d3:42:31:92:73:28:22:30:44:11: f2:9a:c6:4b:0e:59:f7:25:ce:9d:bd:e3:da:1a:c8: 00:32:ab:08:53:c9:5b:f8:d1:2a:db:90:6d:0d:82: 1c:71:52:cd:ca:47:ca:6e:a3:09:93:3e:51:a9:aa: 6d:72:d0:76:2d:a6:90:89:b8:8e:d9:99:84:1a:c0: 40:e3:16:61:01:ba:8a:74:73:e2:02:49:c6:9a:f3: 61:da:c5:2e:96:df:ba:46:1b:ad:d0:92:65:e6:39: 03:f3:f5:50:d0:6e:ae:72:0f:13:9a:1c:c1:8a:3a: a6:c3:f4:56:05:49:0a:3a:5e:8a:5b:f9:6d:5c:43: 06:18:e8:9c:29:90:c9:26:af:c2:20:a0:45:0c:c1: 01:03:32:77:90:1f:02:63:71:27:93:a1:84:0a:12: 9e:d1:75:ae:70:bb:de:88:6f:56:27:34:cd:f5:03: 65:55:d2:f5:b7:ea:34:58:7d:d2:1b:7b:bb:11:76: 98:8c:65:49:6c:ef:50:4d:11:24:f0:14:d8:d8:25: 8d:d2:a7:f2:9d:2c:47:e7:5d:ac:fe:47:8d:1d:f9: 86:53:64:57:bd:24:2f:f9:cb:7e:d5:3f:cb:b8:97: db:ea:7e:6a:49:87:f8:00:46:f8:49:d1:d2:1d:61: 63:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:FD:41:57:36:EA:E5:79:F7:A7:11:45:43:C6:63:92:F2:8F:55:BF X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.28.0/22 Signature Algorithm: sha256WithRSAEncryption be:03:42:84:ff:d4:78:76:d8:aa:9f:e0:48:d7:a2:72:0a:8f: 01:3e:f1:5a:a5:f1:a7:34:74:29:a3:74:e7:fb:cb:b1:86:3f: 63:e8:dd:16:db:0b:51:70:5d:76:58:0f:25:2f:25:b8:43:4e: 14:5d:7f:79:13:a4:30:7b:37:e7:4a:18:c4:eb:b1:dc:ad:92: e1:77:be:1a:a3:3c:06:44:b2:d8:1d:6d:b2:02:29:04:12:73: 2d:b3:85:71:bd:39:b5:2a:bb:9d:cf:9e:63:91:48:8e:72:92: 1e:79:2d:d9:ea:01:3a:75:bb:16:77:7f:77:a7:02:4d:c7:1a: a8:28:fb:bc:f2:0a:37:78:e8:29:7d:c7:af:a0:b6:1c:97:98: 3e:4b:ce:7c:e9:76:36:e0:8c:60:ff:9e:91:bd:aa:dc:50:78: 7e:ce:15:14:0d:8c:be:a1:d6:63:0e:28:e5:83:1a:17:b6:d2: 85:83:c6:6d:23:bf:15:a1:07:69:92:c7:b4:d9:bd:af:ad:7b: 1c:ec:5a:27:aa:62:fa:96:a3:d6:e5:26:7f:cb:a8:72:92:2b: 76:b1:f0:fe:69:f7:ed:5b:d3:f3:d2:2a:da:bd:a8:5e:fe:89: e1:1d:89:00:f4:c0:44:aa:b3:19:37:24:cc:28:34:61:db:38: cb:1c:ca:05 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxRkQ0MTU3MzZFQUU1 NzlGN0E3MTE0NTQzQzY2MzkyRjI4RjU1QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH6sBr00IxknMoIjBEEfKaxksOWfclzp2949oayAAyqwhTyVv4 0SrbkG0NghxxUs3KR8puowmTPlGpqm1y0HYtppCJuI7ZmYQawEDjFmEBuop0c+IC Scaa82HaxS6W37pGG63QkmXmOQPz9VDQbq5yDxOaHMGKOqbD9FYFSQo6Xopb+W1c QwYY6JwpkMkmr8IgoEUMwQEDMneQHwJjcSeToYQKEp7Rda5wu96Ib1YnNM31A2VV 0vW36jRYfdIbe7sRdpiMZUls71BNESTwFNjYJY3Sp/KdLEfnXaz+R40d+YZTZFe9 JC/5y37VP8u4l9vqfmpJh/gARvhJ0dIdYWMvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUQf1BVzbq5Xn3pxFFQ8ZjkvKPVb8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FmMUJWemJxNVhuM3B4 RkZROFpqa3ZLUFZiOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BwwDQYJKoZIhvcNAQELBQADggEBAL4DQoT/1Hh22Kqf4EjXonIKjwE+8Vql 8ac0dCmjdOf7y7GGP2Po3RbbC1FwXXZYDyUvJbhDThRdf3kTpDB7N+dKGMTrsdyt kuF3vhqjPAZEstgdbbICKQQScy2zhXG9ObUqu53PnmORSI5ykh55LdnqATp1uxZ3 f3enAk3HGqgo+7zyCjd46Cl9x6+gthyXmD5LznzpdjbgjGD/npG9qtxQeH7OFRQN jL6h1mMOKOWDGhe20oWDxm0jvxWhB2mSx7TZva+texzsWieqYvqWo9blJn/LqHKS K3ax8P5p9+1b0/PSKtq9qF7+ieEdiQD0wESqsxk3JMwoNGHbOMscygU= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org