$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa File: A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa (raw, json) Hash identifier: EFKz7Qp1KC/9PcB/sJjZQGIz1kMrAX+BBN9PMH0no/g= Subject key identifier: 03:D4:D4:AD:54:B4:CB:25:AC:16:25:D1:5E:85:23:64:CC:02:B8:4F Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D94 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa Signing time: Thu 12 Sep 2024 11:20:06 +0000 ROA not before: Thu 12 Sep 2024 11:20:06 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380:20::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7572 (0x1d94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:06 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=03D4D4AD54B4CB25AC1625D15E852364CC02B84F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:a5:1b:7f:71:2a:60:cf:9a:85:01:94:a2:b3: 3d:65:c9:25:29:72:62:5c:fb:96:0e:ff:f6:d6:df: 7f:38:12:51:23:91:52:84:aa:c3:c9:80:43:44:51: c6:30:d4:7d:0f:43:e3:89:84:61:b7:3d:7f:bb:43: 66:91:76:1e:7f:ed:51:ba:27:42:b7:8f:8a:40:2f: e3:84:43:3d:3c:b4:47:f6:fc:31:ea:a1:9e:fc:6b: a6:fa:8c:7a:2e:c4:05:67:ca:ab:47:52:09:44:93: 03:59:27:72:0d:c4:cb:2d:db:5f:ab:6d:b8:29:bc: 65:aa:dc:11:9a:3c:88:14:9a:bc:47:1b:78:46:72: 72:55:7f:e4:88:eb:7c:5c:ca:3e:29:47:e2:66:28: 3a:bc:95:a4:a1:14:7f:eb:6d:f1:ad:35:41:3c:97: f9:68:40:25:51:0c:89:a9:1e:48:ab:9b:46:2a:dc: 6c:d9:f8:9b:75:59:c8:c8:5e:f5:90:89:6b:c1:a8: 14:ce:63:35:ce:84:3f:49:4f:24:58:f1:31:2d:1d: 45:7e:35:00:cf:36:19:06:b1:2f:f2:7b:00:4a:b3: f9:e0:02:47:83:74:33:1c:c2:46:2f:99:9d:b5:2b: e0:0b:4d:cb:a0:5e:80:dc:4e:0d:03:29:63:84:d4: 51:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:D4:D4:AD:54:B4:CB:25:AC:16:25:D1:5E:85:23:64:CC:02:B8:4F X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:20::/44 Signature Algorithm: sha256WithRSAEncryption 91:30:32:45:d8:5c:ef:b2:03:b9:d2:93:06:8c:90:d4:30:13: 70:7e:47:82:e5:e8:f5:62:fa:d7:c1:a1:a6:48:74:e2:c7:01: b8:57:01:18:61:5c:ba:d7:85:0c:12:f0:4d:92:22:60:a0:61: e8:69:c6:b1:4f:ab:10:e5:eb:cf:e7:f4:d9:de:93:14:65:72: 92:ce:95:88:a9:41:38:fe:7f:bb:f7:de:79:a4:53:9f:b8:02: 37:f5:d0:18:a0:ff:09:4f:71:94:21:5d:48:95:e2:45:b7:35: 28:5f:44:11:d9:40:69:17:fd:4b:6e:bf:27:d0:44:0c:01:51: 7e:42:ed:f8:c4:a6:4b:ab:da:17:99:d7:67:5a:c5:c6:9d:b4: 13:37:b1:b4:a5:fc:6f:8f:30:2c:69:a5:7e:34:f7:c5:5c:21: 18:35:27:66:68:e3:87:94:47:67:ea:ab:a1:3f:b0:64:7f:a9: ad:1c:8a:bf:e0:77:06:aa:15:20:ae:5d:9b:f1:25:7e:21:3e: e4:4e:58:2e:64:8a:f7:9e:d9:e4:bc:ab:32:d2:c5:0d:49:f0: f6:11:26:b0:f7:a5:6f:6f:a6:ac:81:e8:4f:a5:17:e1:70:b4: 32:63:4c:c7:bb:56:6a:eb:c7:4b:63:97:8a:91:b6:14:e0:99: 4a:34:c2:75 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICHZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzRDRENEFENTRCNENC MjVBQzE2MjVEMTVFODUyMzY0Q0MwMkI4NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxpRt/cSpgz5qFAZSisz1lySUpcmJc+5YO//bW3384ElEjkVKE qsPJgENEUcYw1H0PQ+OJhGG3PX+7Q2aRdh5/7VG6J0K3j4pAL+OEQz08tEf2/DHq oZ78a6b6jHouxAVnyqtHUglEkwNZJ3INxMst21+rbbgpvGWq3BGaPIgUmrxHG3hG cnJVf+SI63xcyj4pR+JmKDq8laShFH/rbfGtNUE8l/loQCVRDImpHkirm0Yq3GzZ +Jt1WcjIXvWQiWvBqBTOYzXOhD9JTyRY8TEtHUV+NQDPNhkGsS/yewBKs/ngAkeD dDMcwkYvmZ21K+ALTcugXoDcTg0DKWOE1FGbAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUA9TUrVS0yyWsFiXRXoUjZMwCuE8wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvQTlUVXJWUzB5eVdz RmlYUlhvVWpaTXdDdUU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAIDANBgkqhkiG9w0BAQsFAAOCAQEAkTAyRdhc77IDudKTBoyQ1DAT cH5HguXo9WL618Ghpkh04scBuFcBGGFcuteFDBLwTZIiYKBh6GnGsU+rEOXrz+f0 2d6TFGVyks6ViKlBOP5/u/feeaRTn7gCN/XQGKD/CU9xlCFdSJXiRbc1KF9EEdlA aRf9S26/J9BEDAFRfkLt+MSmS6vaF5nXZ1rFxp20EzextKX8b48wLGmlfjT3xVwh GDUnZmjjh5RHZ+qroT+wZH+prRyKv+B3BqoVIK5dm/ElfiE+5E5YLmSK957Z5Lyr MtLFDUnw9hEmsPelb2+mrIHoT6UX4XC0MmNMx7tWauvHS2OXipG2FOCZSjTCdQ== -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:12 2024 by rpki-client on console-fra.rpki-client.org