$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/lZvGg1c31kLHJv-LSao0SnMmi84.roa File: lZvGg1c31kLHJv-LSao0SnMmi84.roa (raw, json) Hash identifier: MxzOV3eGtoU6C17vZlNnivPSQfBR/kI13pPWwFt3hvM= Subject key identifier: 95:9B:C6:83:57:37:D6:42:C7:26:FF:8B:49:AA:34:4A:73:26:8B:CE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 17FC Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lZvGg1c31kLHJv-LSao0SnMmi84.roa Signing time: Fri 17 Jan 2025 01:24:23 +0000 ROA not before: Fri 17 Jan 2025 01:24:23 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 45.252.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6140 (0x17fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:23 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=959BC6835737D642C726FF8B49AA344A73268BCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9c:9b:3a:d9:9c:0a:09:c7:76:a8:a1:9e:cf: d5:27:88:5a:2c:27:6f:5e:2d:13:b7:0a:c0:c2:75: b4:67:fa:d0:d1:a2:b8:39:5b:ac:2d:d0:39:06:96: f2:c3:7b:5c:35:7c:b9:a1:24:37:6b:8d:ad:74:b8: 67:66:d6:b6:7b:75:19:e5:dd:6d:a7:5a:30:0d:71: 6f:59:99:eb:d1:c6:02:cf:35:c4:76:c4:02:4e:e9: 0c:1b:f0:c8:d3:54:19:ce:73:a1:28:a2:15:75:0c: 7d:a2:fa:90:10:07:42:d5:d6:2b:4b:0a:38:9c:29: 77:7b:09:8b:c0:b5:fe:36:bb:c2:86:de:01:a3:45: cf:b7:6f:97:b0:87:ed:db:a0:e3:2d:ad:11:96:20: eb:1c:85:72:aa:a6:cb:ec:86:aa:5a:da:fa:ec:9d: fe:76:bd:9d:c7:cc:e1:11:80:1e:ad:e0:cc:22:6b: a7:50:1f:39:a5:65:bb:f4:68:2b:1a:0b:28:e3:71: 27:88:8c:7f:53:8e:d7:36:a3:5c:3c:a7:b2:9f:7d: 4c:38:99:85:3b:af:6e:fb:92:aa:ef:9e:23:e5:a8: e4:f6:8f:84:8f:fd:59:8e:89:04:24:e9:0d:1e:0f: e8:34:a3:b8:ed:c8:4d:cc:4d:7d:71:f0:70:12:c1: c9:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:9B:C6:83:57:37:D6:42:C7:26:FF:8B:49:AA:34:4A:73:26:8B:CE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lZvGg1c31kLHJv-LSao0SnMmi84.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.36.0/22 Signature Algorithm: sha256WithRSAEncryption d1:b1:e7:4c:d6:b5:64:00:95:4d:08:33:05:af:d5:0e:11:05: 82:19:67:58:27:bd:2f:34:d6:9c:10:8f:56:3a:c4:94:8a:27: 95:71:70:bc:12:80:ed:b1:4d:ae:82:d0:ce:56:4c:fe:08:04: 6d:8a:be:3c:5f:bb:e4:85:2e:d2:0d:cf:36:9d:07:44:18:3e: 75:18:cc:5d:aa:50:f2:be:d5:4f:6e:5c:94:3a:5f:36:54:d2: 62:0f:55:e5:de:d2:b7:ff:5f:b5:c8:72:ed:ea:f8:cb:be:f1: f1:8a:74:f1:2d:21:94:80:6f:f8:0d:d2:00:ec:fd:45:3e:f5: ea:b8:46:bf:a9:7f:db:0f:5f:a2:14:60:c6:04:f5:79:d6:e2: 50:29:84:17:da:ae:85:58:e7:fe:ac:a7:10:a5:bf:01:0b:d4: 78:eb:e0:a3:62:70:74:23:62:bc:38:57:9d:91:af:2d:ca:a2: 0f:a4:e5:c0:4a:2b:8a:21:32:7d:57:fd:e7:94:42:22:c6:e3: af:3f:92:3c:64:7c:03:26:67:5b:6a:94:24:bc:cf:c8:3a:0c: 1b:77:f5:e3:d2:dd:43:24:64:54:a7:29:9c:59:2b:c0:6d:7c: 3a:f2:66:14:9a:66:b4:5a:ed:2c:55:10:c2:15:bb:4d:36:be: 38:39:31:48 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0MjNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk1OUJDNjgzNTczN0Q2 NDJDNzI2RkY4QjQ5QUEzNDRBNzMyNjhCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrnJs62ZwKCcd2qKGez9UniFosJ29eLRO3CsDCdbRn+tDRorg5 W6wt0DkGlvLDe1w1fLmhJDdrja10uGdm1rZ7dRnl3W2nWjANcW9ZmevRxgLPNcR2 xAJO6Qwb8MjTVBnOc6EoohV1DH2i+pAQB0LV1itLCjicKXd7CYvAtf42u8KG3gGj Rc+3b5ewh+3boOMtrRGWIOschXKqpsvshqpa2vrsnf52vZ3HzOERgB6t4Mwia6dQ HzmlZbv0aCsaCyjjcSeIjH9Tjtc2o1w8p7KffUw4mYU7r277kqrvniPlqOT2j4SP /VmOiQQk6Q0eD+g0o7jtyE3MTX1x8HASwcldAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlZvGg1c31kLHJv+LSao0SnMmi84wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2xadkdnMWMzMWtMSEp2 LUxTYW8wU25NbWk4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/CQwDQYJKoZIhvcNAQELBQADggEBANGx50zWtWQAlU0IMwWv1Q4RBYIZZ1gn vS801pwQj1Y6xJSKJ5VxcLwSgO2xTa6C0M5WTP4IBG2Kvjxfu+SFLtINzzadB0QY PnUYzF2qUPK+1U9uXJQ6XzZU0mIPVeXe0rf/X7XIcu3q+Mu+8fGKdPEtIZSAb/gN 0gDs/UU+9eq4Rr+pf9sPX6IUYMYE9XnW4lAphBfaroVY5/6spxClvwEL1Hjr4KNi cHQjYrw4V52Rry3Kog+k5cBKK4ohMn1X/eeUQiLG468/kjxkfAMmZ1tqlCS8z8g6 DBt39ePS3UMkZFSnKZxZK8BtfDryZhSaZrRa7SxVEMIVu002vjg5MUg= -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:05 2025 by rpki-client