$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/l58x0-2_mHty36bAJZQz8zVPU-I.roa File: l58x0-2_mHty36bAJZQz8zVPU-I.roa (raw, json) Hash identifier: y/gN6BxIrWzY369qfLrWtGsJeMYRiHpsO91+VRmjP7s= Subject key identifier: 97:9F:31:D3:ED:BF:98:7B:72:DF:A6:C0:25:94:33:F3:35:4F:53:E2 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14D8 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l58x0-2_mHty36bAJZQz8zVPU-I.roa Signing time: Wed 11 Sep 2024 02:23:54 +0000 ROA not before: Wed 11 Sep 2024 02:23:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 45.252.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5336 (0x14d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=979F31D3EDBF987B72DFA6C0259433F3354F53E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:52:68:82:df:80:99:a5:bb:7c:21:c5:b6:0d: 78:ed:56:87:50:2e:a8:25:78:09:55:82:bc:e8:57: e4:af:dc:ca:58:58:86:42:36:b8:f5:81:3b:5e:54: 56:bc:82:ac:6e:51:81:23:0b:88:af:8b:34:61:e0: b6:66:e0:37:3d:c5:f1:68:e1:33:05:0e:8a:e5:78: 13:11:23:ee:aa:bd:18:7e:c1:a1:38:82:95:db:0d: cc:fc:cf:73:ee:81:93:b1:4a:e5:73:3e:1a:fa:c7: 1d:1c:38:77:6c:d4:90:e7:0d:ce:19:be:61:33:9c: a2:93:0d:43:21:8b:30:88:43:6d:3e:d2:d5:d5:76: 89:4a:7f:7d:98:cb:7a:da:44:b9:bb:b4:c5:08:f3: 39:09:3e:c0:3f:c8:f7:4c:53:19:0b:22:62:7a:dd: 5b:1e:a3:2d:e7:b1:fa:09:12:03:13:1e:43:99:e8: 4e:4a:0a:26:62:c5:56:0a:6f:0f:67:eb:ac:86:24: c3:8d:42:bd:b8:08:1a:7f:91:ad:58:ce:1b:3f:90: 68:51:1b:48:3e:33:bb:29:33:11:54:7f:d9:b9:3e: e6:0b:0f:0e:36:35:fe:34:84:47:5f:56:6a:cb:b3: 28:e3:de:7e:cb:2d:b5:59:28:a7:5c:2c:b8:66:92: ac:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:9F:31:D3:ED:BF:98:7B:72:DF:A6:C0:25:94:33:F3:35:4F:53:E2 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l58x0-2_mHty36bAJZQz8zVPU-I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.32.0/22 Signature Algorithm: sha256WithRSAEncryption 91:0d:71:2a:56:ea:ea:ba:6d:66:5a:c3:60:e7:93:bb:83:0a: e5:e6:63:a3:41:cf:f2:69:a9:78:d9:03:45:36:fa:0a:7e:60: 72:89:4b:7d:92:57:fa:9e:dd:57:d9:ac:e4:95:f2:8b:f9:77: 64:51:05:f9:4d:60:7f:c9:08:35:75:46:3b:b4:58:81:e2:4f: d8:a8:29:11:a7:3b:78:23:9c:9b:04:9a:26:8c:85:67:c4:c5: 23:fa:a2:96:e0:5b:aa:cb:69:82:63:68:01:f7:78:1d:92:51: 26:f8:d3:a6:db:91:97:fb:cc:2f:1e:7f:c5:01:fd:c5:95:30: 28:10:c5:c7:8d:d1:30:f1:3f:7e:61:cb:da:66:fe:5f:72:6e: a3:80:fc:63:a7:41:59:83:ed:1d:87:63:8a:9b:10:4a:48:fb: 28:be:96:d5:c1:92:b7:28:25:72:6b:1a:6b:58:d2:dd:ef:2a: 41:49:c4:55:08:9f:d9:87:8b:f1:7b:c1:c6:e5:38:2e:3e:73: b4:9e:99:02:7c:9c:30:54:7e:19:32:e3:64:51:34:8e:97:85: f0:54:71:31:bc:0f:4a:26:7a:a0:17:0d:d8:0d:20:9d:4d:4d: 33:7c:e8:cd:3b:c4:bc:bb:5d:c2:4e:cf:5a:ca:48:d1:16:37: 83:6d:7a:24 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3OUYzMUQzRURCRjk4 N0I3MkRGQTZDMDI1OTQzM0YzMzU0RjUzRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMUmiC34CZpbt8IcW2DXjtVodQLqgleAlVgrzoV+Sv3MpYWIZC Nrj1gTteVFa8gqxuUYEjC4ivizRh4LZm4Dc9xfFo4TMFDorleBMRI+6qvRh+waE4 gpXbDcz8z3PugZOxSuVzPhr6xx0cOHds1JDnDc4ZvmEznKKTDUMhizCIQ20+0tXV dolKf32Yy3raRLm7tMUI8zkJPsA/yPdMUxkLImJ63Vseoy3nsfoJEgMTHkOZ6E5K CiZixVYKbw9n66yGJMONQr24CBp/ka1Yzhs/kGhRG0g+M7spMxFUf9m5PuYLDw42 Nf40hEdfVmrLsyjj3n7LLbVZKKdcLLhmkqxXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUl58x0+2/mHty36bAJZQz8zVPU+IwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2w1OHgwLTJfbUh0eTM2 YkFKWlF6OHpWUFUtSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CAwDQYJKoZIhvcNAQELBQADggEBAJENcSpW6uq6bWZaw2Dnk7uDCuXmY6NB z/JpqXjZA0U2+gp+YHKJS32SV/qe3VfZrOSV8ov5d2RRBflNYH/JCDV1Rju0WIHi T9ioKRGnO3gjnJsEmiaMhWfExSP6opbgW6rLaYJjaAH3eB2SUSb406bbkZf7zC8e f8UB/cWVMCgQxceN0TDxP35hy9pm/l9ybqOA/GOnQVmD7R2HY4qbEEpI+yi+ltXB krcoJXJrGmtY0t3vKkFJxFUIn9mHi/F7wcblOC4+c7SemQJ8nDBUfhky42RRNI6X hfBUcTG8D0omeqAXDdgNIJ1NTTN86M07xLy7XcJOz1rKSNEWN4NteiQ= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:41 2024 by rpki-client on console-fra.rpki-client.org