$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/z7Het45FGU3sSwr8zMXrLxtucE8.roa File: z7Het45FGU3sSwr8zMXrLxtucE8.roa (raw, json) Hash identifier: pOtXnF3Bb5daVUamPlo9jYe+G9YeS2k2YBCWtxSuitE= Subject key identifier: CF:B1:DE:B7:8E:45:19:4D:EC:4B:0A:FC:CC:C5:EB:2F:1B:6E:70:4F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1822 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/z7Het45FGU3sSwr8zMXrLxtucE8.roa Signing time: Fri 17 Jan 2025 01:24:38 +0000 ROA not before: Fri 17 Jan 2025 01:24:38 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 138527 IP address blocks: 45.252.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6178 (0x1822) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:38 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CFB1DEB78E45194DEC4B0AFCCCC5EB2F1B6E704F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7a:70:14:3c:4b:03:d6:db:2d:f2:d6:20:62: 60:ee:04:3e:3c:6a:bc:61:6e:9b:7b:a4:bb:a6:b5: 76:38:ed:04:00:cd:36:ed:d7:93:07:a5:92:ba:63: f7:29:96:4d:e7:e8:08:87:7e:6a:8e:13:ba:b2:63: f4:f0:eb:af:71:ee:e3:fd:f1:35:83:f9:d8:45:b5: cd:4c:27:79:3f:8b:13:b9:81:94:e5:05:5e:8c:b7: 4c:4c:3c:61:24:f2:76:a6:c4:79:7d:99:59:55:2c: ae:29:9b:31:ae:b4:fc:3d:eb:6b:a5:d4:f1:09:6f: ee:81:8d:e5:08:a1:f7:ce:f4:07:c8:3b:ce:fc:e2: 2d:60:c4:68:3c:20:ea:76:4e:71:1d:f2:3c:63:67: c5:1b:29:dd:29:3f:d1:6e:6c:77:1d:f9:13:cb:55: ea:c2:a1:04:d4:8f:8d:32:d7:62:1e:1b:cf:ab:1e: 33:40:66:74:7b:ac:90:e3:5d:f1:e1:93:c3:0d:5b: 41:1b:67:7f:a1:ed:32:89:59:2e:f8:17:6e:b2:51: 66:c2:3e:b7:1d:e8:42:b3:41:27:48:40:96:69:10: 83:a4:26:cc:4f:55:f0:dc:19:a3:25:02:b0:58:50: 00:8c:45:bd:3f:75:e6:af:84:47:e3:a8:a8:bf:3b: 26:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:B1:DE:B7:8E:45:19:4D:EC:4B:0A:FC:CC:C5:EB:2F:1B:6E:70:4F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/z7Het45FGU3sSwr8zMXrLxtucE8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.48.0/22 Signature Algorithm: sha256WithRSAEncryption 42:43:f9:dd:a3:f5:58:94:3e:c6:79:eb:21:36:5c:d8:7f:46: 83:98:27:db:a4:fb:c4:14:13:36:67:13:ce:46:de:b8:81:67: 4e:bc:4c:aa:8a:4c:25:8d:b4:e0:4f:15:0b:b6:6f:d5:80:78: e1:16:67:ab:2f:b9:81:74:df:56:ff:01:78:69:ac:77:38:70: 4a:3a:4b:d2:2e:4b:3d:2b:27:b9:f6:00:f3:d9:53:c8:dc:5a: ec:d2:f8:49:4f:a3:0f:f5:4b:38:80:81:ce:8f:47:fb:d1:62: 8b:be:22:72:8e:8f:4a:8d:9b:0b:f6:99:4f:14:35:54:1d:17: d2:fc:dc:38:62:d5:43:30:57:2e:cd:63:b7:03:db:79:8f:58: f6:ba:05:0b:73:8d:5a:6d:21:83:76:2d:c9:40:19:d1:eb:b2: 45:d7:6b:e6:a0:4d:6a:2f:71:b2:54:ad:2c:a8:43:c9:d8:12: 03:2e:e3:70:c6:96:26:48:1a:02:c8:d3:e2:3f:c8:ab:9e:57: d2:1a:fe:52:80:20:f9:e8:27:61:44:12:d5:df:d8:e1:de:eb: 98:ea:73:f4:19:8b:b6:59:57:28:a7:e7:fc:68:8a:a7:5c:12: 8f:fc:87:2e:a9:62:7c:01:09:a5:b1:cf:67:1a:13:b3:69:ed: 93:82:87:d9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0MzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENGQjFERUI3OEU0NTE5 NERFQzRCMEFGQ0NDQzVFQjJGMUI2RTcwNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYenAUPEsD1tst8tYgYmDuBD48arxhbpt7pLumtXY47QQAzTbt 15MHpZK6Y/cplk3n6AiHfmqOE7qyY/Tw669x7uP98TWD+dhFtc1MJ3k/ixO5gZTl BV6Mt0xMPGEk8namxHl9mVlVLK4pmzGutPw962ul1PEJb+6BjeUIoffO9AfIO878 4i1gxGg8IOp2TnEd8jxjZ8UbKd0pP9FubHcd+RPLVerCoQTUj40y12IeG8+rHjNA ZnR7rJDjXfHhk8MNW0EbZ3+h7TKJWS74F26yUWbCPrcd6EKzQSdIQJZpEIOkJsxP VfDcGaMlArBYUACMRb0/deavhEfjqKi/OyYdAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUz7Het45FGU3sSwr8zMXrLxtucE8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3o3SGV0NDVGR1Uzc1N3 cjh6TVhyTHh0dWNFOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/DAwDQYJKoZIhvcNAQELBQADggEBAEJD+d2j9ViUPsZ56yE2XNh/RoOYJ9uk +8QUEzZnE85G3riBZ068TKqKTCWNtOBPFQu2b9WAeOEWZ6svuYF031b/AXhprHc4 cEo6S9IuSz0rJ7n2APPZU8jcWuzS+ElPow/1SziAgc6PR/vRYou+InKOj0qNmwv2 mU8UNVQdF9L83Dhi1UMwVy7NY7cD23mPWPa6BQtzjVptIYN2LclAGdHrskXXa+ag TWovcbJUrSyoQ8nYEgMu43DGliZIGgLI0+I/yKueV9Ia/lKAIPnoJ2FEEtXf2OHe 65jqc/QZi7ZZVyin5/xoiqdcEo/8hy6pYnwBCaWxz2caE7Np7ZOCh9k= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:57 2025 by rpki-client