$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rLb2WUg5P6Ok_vSok_YFbBtkwq4.roa File: rLb2WUg5P6Ok_vSok_YFbBtkwq4.roa (raw, json) Hash identifier: 8HoloHVH/upY4gDJMi2uCW2UeSnSUK/jOf45JHWicPs= Subject key identifier: AC:B6:F6:59:48:39:3F:A3:A4:FE:F4:A8:93:F6:05:6C:1B:64:C2:AE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1470 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rLb2WUg5P6Ok_vSok_YFbBtkwq4.roa Signing time: Wed 11 Sep 2024 02:23:18 +0000 ROA not before: Wed 11 Sep 2024 02:23:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 45.252.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5232 (0x1470) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=ACB6F65948393FA3A4FEF4A893F6056C1B64C2AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:0f:d7:18:1a:53:cd:45:1e:e6:06:56:50:85: d6:58:c6:7e:d9:8d:53:ee:f3:ae:b4:87:e1:84:b6: e4:8b:c9:34:9a:84:80:86:28:02:3f:42:5e:e1:42: 2b:a7:38:0c:36:cb:37:ec:3d:dd:c9:35:51:d6:88: 38:b1:aa:84:a6:21:82:fc:0e:46:85:98:79:61:e4: 0f:a6:b7:05:13:96:98:48:af:94:fe:34:d0:9c:1c: 3e:91:56:a0:87:49:14:0c:e0:09:d3:55:30:01:12: fe:96:42:1f:03:60:59:c4:d3:3f:74:e1:a0:df:e6: 46:7c:0d:2b:f6:d9:2e:49:e8:dd:03:92:f4:f5:27: 3e:1b:91:f8:8b:a0:d7:6b:67:02:0e:39:9c:b1:e9: a2:02:c6:74:30:ec:4b:4c:74:2d:23:83:11:2e:91: df:09:d4:be:be:81:dd:28:71:e9:03:34:72:73:5a: 62:de:6d:9c:e0:98:0b:76:d1:52:44:0a:e1:e1:58: 72:bd:4b:99:d9:45:9a:39:e9:11:04:9e:28:96:9c: 5f:39:58:8c:6b:28:0e:4f:5d:23:27:6e:f6:5e:f1: 47:03:7a:ea:a5:b7:d3:f5:ef:5c:ed:26:30:4e:be: 39:a8:23:a6:88:35:6a:45:ce:03:22:96:16:96:53: ab:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:B6:F6:59:48:39:3F:A3:A4:FE:F4:A8:93:F6:05:6C:1B:64:C2:AE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rLb2WUg5P6Ok_vSok_YFbBtkwq4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.48.0/22 Signature Algorithm: sha256WithRSAEncryption 86:73:99:59:41:a1:de:b3:e5:db:63:53:d0:b7:89:2a:69:2c: 85:88:fb:a2:33:40:16:cb:12:a7:f5:b2:b6:c0:7e:60:eb:ed: 73:09:34:22:3f:2e:97:01:30:92:65:1b:80:7c:6d:eb:81:ed: 40:85:46:e4:cc:2c:91:3f:a5:3e:66:59:cd:94:a1:03:53:04: b0:73:0e:dd:53:2b:91:e8:e8:c5:07:17:4b:97:56:37:10:45: 40:78:cc:e0:34:8a:3a:6c:46:35:20:9d:96:b4:d6:a5:1a:74: aa:2e:d2:de:99:d7:2a:92:c6:1c:6f:cd:a5:ae:f2:37:9c:ea: 52:6f:e8:13:f2:9b:f6:4e:48:7f:9c:a7:f9:9f:25:42:f0:4c: 4f:0c:9d:75:21:a4:05:7c:b1:9b:6f:22:35:b4:88:ec:0c:8c: 38:5c:fd:88:19:74:0a:84:7d:00:04:3d:90:14:9d:66:11:2c: 9a:7f:57:53:2a:96:c2:5a:01:b8:99:73:d1:4f:df:aa:ae:62: a6:b1:c2:ba:38:dc:05:ec:20:2e:24:d0:77:a5:a0:35:9f:9f: 70:e0:84:f6:8e:8e:68:de:90:4e:06:c3:fd:53:95:ba:a7:86: 52:6e:49:80:97:80:b2:08:e3:b5:f2:0e:e5:fd:b2:79:d6:32: 55:e1:92:00 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDQjZGNjU5NDgzOTNG QTNBNEZFRjRBODkzRjYwNTZDMUI2NEMyQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZD9cYGlPNRR7mBlZQhdZYxn7ZjVPu8660h+GEtuSLyTSahICG KAI/Ql7hQiunOAw2yzfsPd3JNVHWiDixqoSmIYL8DkaFmHlh5A+mtwUTlphIr5T+ NNCcHD6RVqCHSRQM4AnTVTABEv6WQh8DYFnE0z904aDf5kZ8DSv22S5J6N0DkvT1 Jz4bkfiLoNdrZwIOOZyx6aICxnQw7EtMdC0jgxEukd8J1L6+gd0ocekDNHJzWmLe bZzgmAt20VJECuHhWHK9S5nZRZo56REEniiWnF85WIxrKA5PXSMnbvZe8UcDeuql t9P171ztJjBOvjmoI6aINWpFzgMilhaWU6sNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrLb2WUg5P6Ok/vSok/YFbBtkwq4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JMYjJXVWc1UDZPa192 U29rX1lGYkJ0a3dxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/DAwDQYJKoZIhvcNAQELBQADggEBAIZzmVlBod6z5dtjU9C3iSppLIWI+6Iz QBbLEqf1srbAfmDr7XMJNCI/LpcBMJJlG4B8beuB7UCFRuTMLJE/pT5mWc2UoQNT BLBzDt1TK5Ho6MUHF0uXVjcQRUB4zOA0ijpsRjUgnZa01qUadKou0t6Z1yqSxhxv zaWu8jec6lJv6BPym/ZOSH+cp/mfJULwTE8MnXUhpAV8sZtvIjW0iOwMjDhc/YgZ dAqEfQAEPZAUnWYRLJp/V1MqlsJaAbiZc9FP36quYqaxwro43AXsIC4k0HeloDWf n3DghPaOjmjekE4Gw/1TlbqnhlJuSYCXgLII47XyDuX9snnWMlXhkgA= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org