$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1200/dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa File: dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa (raw, json) Hash identifier: w2+eyboMg2raNvzyBBq1UkUe5snucvpd2HG/9se/Uu4= Subject key identifier: 74:B1:4B:09:F3:CE:24:38:AA:57:A9:E5:D5:65:18:AB:D4:51:63:D9 Certificate issuer: /CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD Certificate serial: 0CB6 Authority key identifier: 61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa Signing time: Wed 13 Mar 2024 01:21:03 +0000 ROA not before: Wed 13 Mar 2024 01:21:03 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59022 IP address blocks: 2400:ebc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3254 (0xcb6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD Validity Not Before: Mar 13 01:21:03 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=74B14B09F3CE2438AA57A9E5D56518ABD45163D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:e3:4f:d3:c2:86:76:66:e8:79:3b:a3:b6:36: 5a:d7:77:6a:e1:a0:46:f3:d7:d6:41:b0:a9:e3:ec: 8a:1a:68:e4:06:57:db:aa:a4:00:82:a0:c3:bb:de: 57:b4:d1:50:8b:f0:ce:bc:90:3e:d5:9e:c9:38:3a: c5:87:13:d2:81:8b:97:e3:67:d2:3d:30:ba:72:ec: cd:8b:25:51:31:87:a2:f5:49:cb:fb:98:26:3b:e4: 66:99:29:74:a2:84:c6:24:71:01:c4:b5:3b:fa:93: 7b:ba:f3:cc:54:3d:62:f4:0c:1e:55:71:4b:76:99: 4d:92:fd:49:64:8f:3a:83:80:21:0d:71:01:12:38: f1:2d:64:df:23:bf:53:df:cc:c0:61:c0:cf:fc:d0: a1:4c:fe:4a:d8:27:ab:3e:7c:95:69:d6:75:37:76: 98:cd:a1:6a:58:79:77:2e:db:1b:61:2a:e3:1c:d0: b2:13:4b:13:2e:9a:eb:6d:6b:e3:52:2b:3f:47:c3: a7:8e:fd:ea:47:b3:91:5f:62:17:19:cc:cd:cb:19: 95:7b:2e:05:46:6e:83:9d:03:45:13:71:de:a1:38: fd:9a:04:49:9e:9f:ee:46:73:67:57:99:76:cb:fa: 0d:4a:bf:61:06:9a:d7:30:b1:2d:61:15:4c:1c:eb: 3f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:B1:4B:09:F3:CE:24:38:AA:57:A9:E5:D5:65:18:AB:D4:51:63:D9 X509v3 Authority Key Identifier: keyid:61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:ebc0::/32 Signature Algorithm: sha256WithRSAEncryption 59:b7:89:6e:d2:a9:ec:88:9d:e2:c6:f6:94:9b:42:8d:11:a3: da:53:f7:7d:12:64:3b:e8:38:54:b4:8d:3c:72:7b:8f:95:eb: ea:2e:4e:f2:37:e0:76:b5:df:0e:88:4f:92:e7:0d:88:ac:e7: 1b:03:2f:32:8f:d0:2f:76:bb:10:52:85:78:b6:96:20:97:35: dd:07:a2:53:13:12:3b:09:ba:9f:8c:b3:40:81:15:10:07:34: 82:9b:b1:f0:e8:de:6f:8b:9c:8b:9d:a5:23:db:f8:2d:a1:12: a6:1b:c9:76:ab:a4:91:44:8d:a3:3f:da:ed:74:18:50:4f:28: 5c:43:e4:17:f7:63:26:94:1e:1f:8d:19:b1:27:dd:5d:f9:2a: 50:59:31:02:8a:3b:b2:5d:7f:84:7b:bc:8d:2e:b8:99:f7:f8: 22:dd:33:67:5d:c2:da:5e:38:02:52:62:c5:47:23:d2:94:c7: a6:0c:2d:3c:59:01:c6:11:ca:da:56:74:26:1f:f9:bc:81:c6: 2e:52:d9:0e:c7:d0:a9:15:14:b0:90:fb:70:9f:c9:6d:8e:2a: 45:c3:39:7c:86:04:a4:13:8d:81:71:6a:59:72:e7:07:19:73: 7c:be:ae:12:12:eb:d1:21:90:4c:74:66:5e:c4:33:a6:d7:cd: 83:fe:17:4c -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDLYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE5 MUFBQ0RDRTU2MEE3NEQ4M0MwNURBOEVBOTMyN0FGOTQ0REJCRDAeFw0yNDAzMTMw MTIxMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0QjE0QjA5RjNDRTI0 MzhBQTU3QTlFNUQ1NjUxOEFCRDQ1MTYzRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCe40/TwoZ2Zuh5O6O2NlrXd2rhoEbz19ZBsKnj7IoaaOQGV9uq pACCoMO73le00VCL8M68kD7Vnsk4OsWHE9KBi5fjZ9I9MLpy7M2LJVExh6L1Scv7 mCY75GaZKXSihMYkcQHEtTv6k3u688xUPWL0DB5VcUt2mU2S/UlkjzqDgCENcQES OPEtZN8jv1PfzMBhwM/80KFM/krYJ6s+fJVp1nU3dpjNoWpYeXcu2xthKuMc0LIT SxMumutta+NSKz9Hw6eO/epHs5FfYhcZzM3LGZV7LgVGboOdA0UTcd6hOP2aBEme n+5Gc2dXmXbL+g1Kv2EGmtcwsS1hFUwc6z89AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUdLFLCfPOJDiqV6nl1WUYq9RRY9kwHwYDVR0jBBgwFoAUYZGqzc5WCnTYPAXa jqkyevlE270wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIw MC9ZWkdxemM1V0NuVFlQQVhhanFreWV2bEUyNzAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1laR3F6YzVXQ25UWVBBWGFqcWt5ZXZsRTI3MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMDAvZExGTENmUE9KRGlx VjZubDFXVVlxOVJSWTlrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQA68AwDQYJKoZIhvcNAQELBQADggEBAFm3iW7SqeyIneLG9pSbQo0Ro9pT 930SZDvoOFS0jTxye4+V6+ouTvI34Ha13w6IT5LnDYis5xsDLzKP0C92uxBShXi2 liCXNd0HolMTEjsJup+Ms0CBFRAHNIKbsfDo3m+LnIudpSPb+C2hEqYbyXarpJFE jaM/2u10GFBPKFxD5Bf3YyaUHh+NGbEn3V35KlBZMQKKO7Jdf4R7vI0uuJn3+CLd M2ddwtpeOAJSYsVHI9KUx6YMLTxZAcYRytpWdCYf+byBxi5S2Q7H0KkVFLCQ+3Cf yW2OKkXDOXyGBKQTjYFxally5wcZc3y+rhIS69EhkEx0Zl7EM6bXzYP+F0w= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org