$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/QSkRe6ewYXXxezbrTF3VMPaVhSM.roa File: QSkRe6ewYXXxezbrTF3VMPaVhSM.roa (raw, json) Hash identifier: z8EIZfwPDu6c0pr/1wfvDy11M1TTLb7Tf1Hu9x+lc0Q= Subject key identifier: 41:29:11:7B:A7:B0:61:75:F1:7B:36:EB:4C:5D:D5:30:F6:95:85:23 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D91 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/QSkRe6ewYXXxezbrTF3VMPaVhSM.roa Signing time: Thu 12 Sep 2024 11:20:05 +0000 ROA not before: Thu 12 Sep 2024 11:20:05 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7569 (0x1d91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:05 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=4129117BA7B06175F17B36EB4C5DD530F6958523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4b:55:33:4a:03:f5:f9:00:75:76:9f:52:7a: 5c:40:82:81:3b:6d:a8:bc:95:d7:f4:d1:d3:84:5a: d0:84:72:6b:ec:27:36:df:87:af:1e:ac:16:db:76: 8f:d7:cc:f2:6a:7c:50:64:3e:f5:ae:02:9f:4c:21: e1:39:01:cf:e3:22:4c:ce:9c:a6:d2:bf:61:0a:35: c0:c1:e3:0a:66:3c:6f:57:c5:a7:a6:c9:48:7a:6a: 9f:b7:9c:36:60:4d:09:f9:84:db:32:74:87:8d:a5: 38:8b:1c:69:1c:84:69:6e:cf:36:d7:e8:c5:19:bf: 4f:07:33:f2:5f:63:1b:29:9b:d4:ac:48:42:8c:a7: d0:82:44:37:86:1f:f7:6e:8d:60:57:11:0c:cd:1c: f6:48:61:73:7a:cd:d3:b7:28:06:fd:01:e3:45:a0: 92:53:dd:db:57:f0:52:cd:75:d9:e0:66:9a:25:d1: 02:92:32:fa:00:f8:61:69:73:0f:8b:d8:17:b9:7c: 6d:65:23:f4:56:54:ed:ef:d5:7e:11:a9:43:73:d4: 48:50:5d:2f:e3:b9:1d:63:0b:d8:7d:4e:a8:a0:12: 1b:c8:90:80:d1:82:0e:b1:87:69:24:3c:ec:50:25: 7b:a8:e6:43:0a:55:17:c8:20:d6:1b:bf:c9:e1:30: 2a:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:29:11:7B:A7:B0:61:75:F1:7B:36:EB:4C:5D:D5:30:F6:95:85:23 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/QSkRe6ewYXXxezbrTF3VMPaVhSM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380::/44 Signature Algorithm: sha256WithRSAEncryption 45:37:16:32:1f:dc:77:cb:73:0b:ea:63:de:ed:7d:76:24:1f: 94:fa:e7:52:64:b9:e2:aa:be:16:06:a0:dc:e4:ae:52:7d:62: 5b:6f:38:a3:a9:e8:13:6a:0c:a1:90:cb:fd:3b:c2:a0:73:a9: 96:4c:22:a0:b8:ce:c4:27:ee:54:03:58:7b:fa:66:b6:a6:1b: f9:63:2d:cf:ed:55:c4:78:2d:63:51:89:d1:27:e1:cf:4d:dd: 85:d9:da:1d:2c:fa:01:cf:95:b4:7b:47:4a:20:a5:2c:e9:a7: b9:e1:0a:c3:81:c0:f8:eb:51:0c:bf:91:7a:bf:29:10:a4:a9: 77:ba:53:26:43:ce:9a:e2:f2:99:41:2a:5e:5d:b7:e9:87:b5: 68:d8:78:f5:15:65:67:a3:17:cf:57:43:d1:e7:f7:4e:9b:0f: 85:9e:4a:60:a2:9b:8e:19:9c:b8:06:47:c7:4c:88:21:e7:ca: a2:c8:2c:75:a9:6f:ae:73:41:76:1b:4b:81:b4:e8:99:5d:c2: fb:c7:5e:e4:75:02:76:fc:ab:c4:7d:16:bf:a9:53:f2:46:7c: ec:25:c2:89:6c:44:9a:35:2c:ea:f8:93:88:f1:e7:a9:ca:4f: 44:83:f0:8e:8d:51:7c:6a:ed:42:e9:5b:e1:7f:33:f0:3b:1b: ce:43:6f:86 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICHZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxMjkxMTdCQTdCMDYx NzVGMTdCMzZFQjRDNURENTMwRjY5NTg1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2S1UzSgP1+QB1dp9SelxAgoE7bai8ldf00dOEWtCEcmvsJzbf h68erBbbdo/XzPJqfFBkPvWuAp9MIeE5Ac/jIkzOnKbSv2EKNcDB4wpmPG9Xxaem yUh6ap+3nDZgTQn5hNsydIeNpTiLHGkchGluzzbX6MUZv08HM/JfYxspm9SsSEKM p9CCRDeGH/dujWBXEQzNHPZIYXN6zdO3KAb9AeNFoJJT3dtX8FLNddngZpol0QKS MvoA+GFpcw+L2Be5fG1lI/RWVO3v1X4RqUNz1EhQXS/juR1jC9h9TqigEhvIkIDR gg6xh2kkPOxQJXuo5kMKVRfIINYbv8nhMCo7AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUQSkRe6ewYXXxezbrTF3VMPaVhSMwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvUVNrUmU2ZXdZWFh4 ZXpiclRGM1ZNUGFWaFNNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAADANBgkqhkiG9w0BAQsFAAOCAQEARTcWMh/cd8tzC+pj3u19diQf lPrnUmS54qq+Fgag3OSuUn1iW284o6noE2oMoZDL/TvCoHOplkwioLjOxCfuVANY e/pmtqYb+WMtz+1VxHgtY1GJ0Sfhz03dhdnaHSz6Ac+VtHtHSiClLOmnueEKw4HA +OtRDL+Rer8pEKSpd7pTJkPOmuLymUEqXl236Ye1aNh49RVlZ6MXz1dD0ef3TpsP hZ5KYKKbjhmcuAZHx0yIIefKosgsdalvrnNBdhtLgbTomV3C+8de5HUCdvyrxH0W v6lT8kZ87CXCiWxEmjUs6viTiPHnqcpPRIPwjo1RfGrtQulb4X8z8DsbzkNvhg== -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:12 2024 by rpki-client on console-fra.rpki-client.org