$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/e_W__lhZil4gfIEsiWn6OSkFOdc.roa File: e_W__lhZil4gfIEsiWn6OSkFOdc.roa (raw, json) Hash identifier: Z7V4EQH2mr8/aMflJgQYXxAIsQ/UZwSrbEqb3h6L+N4= Subject key identifier: 7B:F5:BF:FE:58:59:8A:5E:20:7C:81:2C:89:69:FA:39:29:05:39:D7 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D82 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/e_W__lhZil4gfIEsiWn6OSkFOdc.roa Signing time: Thu 12 Sep 2024 11:20:00 +0000 ROA not before: Thu 12 Sep 2024 11:20:00 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380:32::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7554 (0x1d82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:00 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7BF5BFFE58598A5E207C812C8969FA39290539D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c7:88:b0:41:45:4b:6a:d6:53:b9:48:b3:d1: c3:db:2e:b6:10:b4:19:de:7b:10:36:89:8b:95:d9: 4d:97:69:84:75:13:9e:f7:21:b7:5d:2b:44:30:55: 72:0d:ff:71:3e:df:f4:ec:98:a0:e1:03:e0:3c:75: 6e:b5:78:b2:b3:a3:73:81:3a:b4:73:29:3b:d1:ae: a9:4d:fe:c4:29:27:06:88:56:7f:4a:30:ff:29:56: fe:7d:23:ae:96:de:c1:51:cf:ef:ef:84:c3:0a:34: 29:b2:f2:4e:98:19:5d:21:2c:77:35:09:de:9a:12: ca:e7:ea:58:0d:db:12:f4:a0:52:e6:1f:52:41:4f: f6:31:c9:f1:e4:91:06:8f:63:b9:a7:ea:28:26:32: 24:a4:de:43:a6:14:54:09:32:fb:66:14:42:db:3b: 4c:4f:8f:d7:78:c8:38:97:88:f4:53:23:1a:38:09: 31:c2:a8:f8:b8:07:ee:22:73:bb:93:d6:4f:a8:52: 6d:ad:f9:48:a9:0c:49:a1:ad:4b:6e:59:12:1e:fc: 9d:1b:21:18:6d:df:50:4f:fe:e1:5d:0d:56:f0:a2: 39:36:90:54:05:07:cf:cf:be:d9:59:45:0f:0c:57: a7:cb:5f:35:c0:27:07:b5:9c:cc:55:b4:91:84:59: c3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:F5:BF:FE:58:59:8A:5E:20:7C:81:2C:89:69:FA:39:29:05:39:D7 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/e_W__lhZil4gfIEsiWn6OSkFOdc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:32::/48 Signature Algorithm: sha256WithRSAEncryption ad:d5:fa:f0:84:c9:0a:4b:30:61:aa:b3:5c:5e:3b:95:3e:b0: 32:4b:eb:49:5f:d7:83:12:73:ff:11:82:5e:79:ab:23:61:b8: 0a:61:01:33:20:21:9a:f5:61:c5:0f:e0:e4:68:66:94:77:4a: a0:df:76:a2:85:15:d1:d9:0a:cb:3d:83:b7:20:41:82:46:dc: 48:34:b4:55:72:e6:43:9f:ef:16:c2:25:8c:a1:89:ed:ae:35: e9:35:ce:cd:3e:14:2f:27:b5:5f:28:4b:3d:61:3d:98:ec:21: 3e:3b:97:c4:9a:66:25:cb:11:94:c6:a1:05:a9:56:3f:0e:17: 7c:88:bf:a0:a4:cd:1c:81:c1:bc:10:bf:84:af:5e:c5:18:9d: 66:a1:02:3e:96:08:35:ba:23:67:9d:44:3f:1e:e0:e9:de:29: 5b:b4:66:b1:46:0a:f0:8d:fb:6f:11:d2:ef:4e:7b:89:2e:a0: 89:0e:4f:1b:67:e6:e9:14:10:07:d5:ac:17:9f:af:1c:5b:d6: 66:ee:b9:78:de:36:3a:5b:c1:ff:04:04:a2:9c:8e:d8:1d:96: 1a:99:97:f4:43:90:8b:29:f1:ad:d3:c0:ec:7a:eb:7f:02:89: 9e:2b:3e:4b:78:41:b4:f4:d6:7f:6a:8d:99:fc:ef:a8:8f:b7: 8d:70:f1:c4 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICHYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdCRjVCRkZFNTg1OThB NUUyMDdDODEyQzg5NjlGQTM5MjkwNTM5RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpx4iwQUVLatZTuUiz0cPbLrYQtBneexA2iYuV2U2XaYR1E573 IbddK0QwVXIN/3E+3/TsmKDhA+A8dW61eLKzo3OBOrRzKTvRrqlN/sQpJwaIVn9K MP8pVv59I66W3sFRz+/vhMMKNCmy8k6YGV0hLHc1Cd6aEsrn6lgN2xL0oFLmH1JB T/YxyfHkkQaPY7mn6igmMiSk3kOmFFQJMvtmFELbO0xPj9d4yDiXiPRTIxo4CTHC qPi4B+4ic7uT1k+oUm2t+UipDEmhrUtuWRIe/J0bIRht31BP/uFdDVbwojk2kFQF B8/PvtlZRQ8MV6fLXzXAJwe1nMxVtJGEWcP3AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUe/W//lhZil4gfIEsiWn6OSkFOdcwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvZV9XX19saFppbDRn ZklFc2lXbjZPU2tGT2RjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQDY4AAMjANBgkqhkiG9w0BAQsFAAOCAQEArdX68ITJCkswYaqzXF47lT6w MkvrSV/XgxJz/xGCXnmrI2G4CmEBMyAhmvVhxQ/g5GhmlHdKoN92ooUV0dkKyz2D tyBBgkbcSDS0VXLmQ5/vFsIljKGJ7a416TXOzT4ULye1XyhLPWE9mOwhPjuXxJpm JcsRlMahBalWPw4XfIi/oKTNHIHBvBC/hK9exRidZqECPpYINbojZ51EPx7g6d4p W7RmsUYK8I37bxHS7057iS6giQ5PG2fm6RQQB9WsF5+vHFvWZu65eN42OlvB/wQE opyO2B2WGpmX9EOQiynxrdPA7HrrfwKJnis+S3hBtPTWf2qNmfzvqI+3jXDxxA== -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:12 2024 by rpki-client on console-fra.rpki-client.org