$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ij6q0oEQvQKkBKvsxkEXxn5h8Jw.roa File: ij6q0oEQvQKkBKvsxkEXxn5h8Jw.roa (raw, json) Hash identifier: K89fMnZPuwXmO3U1FthHtC+ZY3MVSPP6MZ14Kfq8CIA= Subject key identifier: 8A:3E:AA:D2:81:10:BD:02:A4:04:AB:EC:C6:41:17:C6:7E:61:F0:9C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14DA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ij6q0oEQvQKkBKvsxkEXxn5h8Jw.roa Signing time: Wed 11 Sep 2024 02:23:55 +0000 ROA not before: Wed 11 Sep 2024 02:23:55 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 45.252.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5338 (0x14da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:55 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8A3EAAD28110BD02A404ABECC64117C67E61F09C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:14:77:8f:d3:c6:6f:05:a3:27:88:eb:09:45: 75:97:e3:b4:48:f7:37:ba:fa:91:dd:62:80:21:e9: 09:83:fc:79:f1:e5:dc:3e:1a:56:fa:83:8d:28:cc: 60:a0:d9:2f:80:f6:86:1f:3d:df:bb:e0:a0:f2:1a: 9d:10:dc:11:31:53:ba:c6:3f:df:65:2c:42:39:57: f2:c1:b5:1e:7b:8a:40:7b:2a:da:d3:46:3a:db:9a: c4:4d:40:95:30:6e:9f:f3:d0:93:5f:6e:ff:13:ba: 07:a1:ef:f6:95:eb:06:df:2c:d7:b9:0d:d9:2b:c4: 36:72:a5:3f:50:b9:63:c0:05:32:86:ea:ba:ea:de: 6b:9e:50:d6:1c:a6:23:2d:6b:2e:4e:dd:e3:84:27: fa:91:e4:e9:fc:92:b7:d5:44:7b:3d:5b:f2:65:99: d4:6b:0c:cb:6d:24:c3:95:a5:1c:af:c5:bb:d9:38: 41:54:a8:9c:54:e7:5d:95:0f:d8:b8:3c:36:62:c6: 99:6e:b1:da:8f:5d:0c:1f:9c:d8:ce:7f:13:35:ca: 11:b6:92:3f:0e:70:3c:f8:65:ea:af:b4:ac:de:f1: 67:63:4d:cc:91:4a:c5:8a:75:7e:b6:73:ca:92:2c: 98:7a:50:06:3b:57:4f:e0:85:16:8f:a5:66:c6:a4: 2a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:3E:AA:D2:81:10:BD:02:A4:04:AB:EC:C6:41:17:C6:7E:61:F0:9C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ij6q0oEQvQKkBKvsxkEXxn5h8Jw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.28.0/22 Signature Algorithm: sha256WithRSAEncryption bc:8a:c5:7e:5b:ae:49:3e:3e:d3:81:c6:50:d6:be:61:d5:03: 80:c2:75:e4:e6:13:a8:22:30:40:5a:00:de:f1:32:01:70:48: 7b:a7:22:a5:73:81:60:65:05:50:f3:03:72:87:f9:4a:c3:9e: 4a:52:34:f6:22:5c:db:ee:82:a6:8b:aa:12:90:08:67:59:b7: a2:e3:d6:a9:d9:ec:f7:18:cb:8e:fd:d1:fe:74:69:aa:1b:36: 27:ad:90:17:3b:67:09:26:dc:6b:b1:fd:95:24:6d:9b:29:1a: 4b:ea:eb:49:50:12:b4:6d:34:ba:96:2e:f9:3f:fb:e6:3f:ac: 1f:55:d9:ba:bc:2e:9c:02:01:77:ab:bf:92:1f:d0:ad:c9:9f: cf:98:9f:6f:d0:3e:dd:20:46:2c:c9:18:82:3c:7a:5e:fd:80: 5e:d8:12:2c:23:f1:7c:51:5b:63:da:5c:8c:ba:eb:47:30:c9: 05:4a:d2:91:6f:07:57:46:8a:25:11:3c:02:ec:0a:93:d0:95: 8e:af:c6:2c:41:bc:dd:11:32:c7:10:92:25:90:f9:01:96:62: 7c:9e:a5:fe:c0:f3:61:af:a3:1a:2f:6a:7c:56:39:2c:9d:a1: 26:2f:c3:f2:7f:c0:69:ba:9b:f7:7c:96:15:ae:dd:a8:f5:f1: 3f:a3:02:12 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBM0VBQUQyODExMEJE MDJBNDA0QUJFQ0M2NDExN0M2N0U2MUYwOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXFHeP08ZvBaMniOsJRXWX47RI9ze6+pHdYoAh6QmD/Hnx5dw+ Glb6g40ozGCg2S+A9oYfPd+74KDyGp0Q3BExU7rGP99lLEI5V/LBtR57ikB7KtrT RjrbmsRNQJUwbp/z0JNfbv8Tugeh7/aV6wbfLNe5DdkrxDZypT9QuWPABTKG6rrq 3mueUNYcpiMtay5O3eOEJ/qR5On8krfVRHs9W/JlmdRrDMttJMOVpRyvxbvZOEFU qJxU512VD9i4PDZixplusdqPXQwfnNjOfxM1yhG2kj8OcDz4ZeqvtKze8WdjTcyR SsWKdX62c8qSLJh6UAY7V0/ghRaPpWbGpCrDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUij6q0oEQvQKkBKvsxkEXxn5h8JwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2lqNnEwb0VRdlFLa0JL dnN4a0VYeG41aDhKdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BwwDQYJKoZIhvcNAQELBQADggEBALyKxX5brkk+PtOBxlDWvmHVA4DCdeTm E6giMEBaAN7xMgFwSHunIqVzgWBlBVDzA3KH+UrDnkpSNPYiXNvugqaLqhKQCGdZ t6Lj1qnZ7PcYy4790f50aaobNietkBc7Zwkm3Gux/ZUkbZspGkvq60lQErRtNLqW Lvk/++Y/rB9V2bq8LpwCAXerv5If0K3Jn8+Yn2/QPt0gRizJGII8el79gF7YEiwj 8XxRW2PaXIy660cwyQVK0pFvB1dGiiURPALsCpPQlY6vxixBvN0RMscQkiWQ+QGW Ynyepf7A82GvoxovanxWOSydoSYvw/J/wGm6m/d8lhWu3aj18T+jAhI= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:48 2024 by rpki-client on console-ams.rpki-client.org