$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sGOSXaTGjaiX5jte0ZwGkPigJIw.roa File: sGOSXaTGjaiX5jte0ZwGkPigJIw.roa (raw, json) Hash identifier: bkJ+D8/jBxPboKZRJKHRW4iMcZIFFv/ykKe1kO05lSE= Subject key identifier: B0:63:92:5D:A4:C6:8D:A8:97:E6:3B:5E:D1:9C:06:90:F8:A0:24:8C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 148C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sGOSXaTGjaiX5jte0ZwGkPigJIw.roa Signing time: Wed 11 Sep 2024 02:23:28 +0000 ROA not before: Wed 11 Sep 2024 02:23:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 45.252.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5260 (0x148c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B063925DA4C68DA897E63B5ED19C0690F8A0248C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:19:31:c5:12:ea:73:b7:c4:82:59:80:ff:2a: c5:e9:d1:02:79:ae:ae:6f:5c:5d:dc:d7:45:cd:3f: 49:95:a3:9c:7f:ea:e1:17:60:a3:b4:06:96:01:2b: b7:37:7c:0a:34:ee:9d:29:e8:10:9d:f9:a5:1d:23: 44:fa:a1:ba:d7:8f:3a:87:ef:8f:ad:a3:e5:d7:02: ff:22:05:44:15:d2:64:bf:e2:6a:ba:48:cc:62:62: 1d:6b:bc:c4:a8:68:7a:b3:05:c2:c1:13:3c:83:76: 46:f3:c9:a5:54:50:e6:0c:74:1f:49:f8:91:66:38: 22:a8:ce:06:f9:05:37:50:d1:9b:eb:0b:51:d0:ff: da:77:b9:fe:e9:41:9e:19:05:c6:b8:cd:31:31:62: e5:57:49:3c:cc:36:d4:a4:6c:bc:e8:20:58:2b:ed: 1a:89:62:20:77:04:17:a6:38:0c:90:e0:c1:0a:95: 68:31:7b:51:20:bb:ba:a1:2d:92:1b:9a:77:a4:62: 3e:c5:98:73:58:82:4a:4b:e5:4e:a9:a3:a9:6d:67: 25:85:d6:37:74:a5:80:c2:c8:1b:68:10:fb:0c:48: 2e:57:16:ef:14:9a:8a:57:9b:03:cd:89:4a:54:9d: 30:fb:35:4e:2d:e6:f9:73:fd:02:1d:27:b7:86:f8: 28:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:63:92:5D:A4:C6:8D:A8:97:E6:3B:5E:D1:9C:06:90:F8:A0:24:8C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sGOSXaTGjaiX5jte0ZwGkPigJIw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.16.0/22 Signature Algorithm: sha256WithRSAEncryption 5b:79:f8:f4:de:b0:b4:71:3e:c9:85:74:11:aa:42:cd:6c:c8: 50:67:67:2b:68:1f:bc:91:da:a4:b1:6f:01:a2:0b:61:bb:59: 9b:b0:fd:20:43:38:3a:2f:ee:17:f8:1e:c7:8d:27:2a:19:aa: 05:dd:72:c7:12:db:82:74:b1:fc:87:4a:19:33:92:da:4d:ef: 65:82:9b:59:08:36:45:37:f9:87:0c:49:c6:11:c5:b0:f3:39: 9e:47:c1:37:f5:43:b8:3c:f2:73:d2:73:3a:bd:2b:5e:6d:f3: c3:a9:34:44:89:c8:82:1b:88:03:93:df:18:34:05:6f:fb:28: 7f:36:bd:a2:e8:7d:c2:09:ab:1d:3b:df:68:e9:19:ae:b0:5a: c3:6d:b6:89:5a:68:be:24:62:93:1b:eb:a8:c8:b7:16:a6:ed: 77:a4:e1:23:cf:63:f8:3d:64:8b:01:ab:6b:30:99:c6:3a:ee: e4:34:5e:2e:6a:32:a8:f6:99:20:b8:a9:1c:69:20:a5:9b:01: f5:8e:63:ff:a7:25:fd:23:ce:20:29:f1:20:3e:72:18:3e:0c: 6e:7a:4b:d7:58:2a:ba:b9:92:a2:ad:7d:ae:db:0c:28:6a:3e: a6:99:fd:52:61:2d:8d:ff:0a:38:e7:ae:80:d6:ad:78:89:db: 11:22:ef:2a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwNjM5MjVEQTRDNjhE QTg5N0U2M0I1RUQxOUMwNjkwRjhBMDI0OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyGTHFEupzt8SCWYD/KsXp0QJ5rq5vXF3c10XNP0mVo5x/6uEX YKO0BpYBK7c3fAo07p0p6BCd+aUdI0T6obrXjzqH74+to+XXAv8iBUQV0mS/4mq6 SMxiYh1rvMSoaHqzBcLBEzyDdkbzyaVUUOYMdB9J+JFmOCKozgb5BTdQ0ZvrC1HQ /9p3uf7pQZ4ZBca4zTExYuVXSTzMNtSkbLzoIFgr7RqJYiB3BBemOAyQ4MEKlWgx e1Egu7qhLZIbmnekYj7FmHNYgkpL5U6po6ltZyWF1jd0pYDCyBtoEPsMSC5XFu8U mopXmwPNiUpUnTD7NU4t5vlz/QIdJ7eG+CihAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsGOSXaTGjaiX5jte0ZwGkPigJIwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NHT1NYYVRHamFpWDVq dGUwWndHa1BpZ0pJdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BAwDQYJKoZIhvcNAQELBQADggEBAFt5+PTesLRxPsmFdBGqQs1syFBnZyto H7yR2qSxbwGiC2G7WZuw/SBDODov7hf4HseNJyoZqgXdcscS24J0sfyHShkzktpN 72WCm1kINkU3+YcMScYRxbDzOZ5HwTf1Q7g88nPSczq9K15t88OpNESJyIIbiAOT 3xg0BW/7KH82vaLofcIJqx0732jpGa6wWsNttolaaL4kYpMb66jItxam7Xek4SPP Y/g9ZIsBq2swmcY67uQ0Xi5qMqj2mSC4qRxpIKWbAfWOY/+nJf0jziAp8SA+chg+ DG56S9dYKrq5kqKtfa7bDChqPqaZ/VJhLY3/CjjnroDWrXiJ2xEi7yo= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org