$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/fbfxmtCp0ZdCcgvrmBScMggNB6g.roa File: fbfxmtCp0ZdCcgvrmBScMggNB6g.roa (raw, json) Hash identifier: CUV8JwHwLOA4XmIRIUoOdJSYCX8L55+3JGVo/VIktAo= Subject key identifier: 7D:B7:F1:9A:D0:A9:D1:97:42:72:0B:EB:98:14:9C:32:08:0D:07:A8 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D99 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/fbfxmtCp0ZdCcgvrmBScMggNB6g.roa Signing time: Thu 12 Sep 2024 11:20:08 +0000 ROA not before: Thu 12 Sep 2024 11:20:08 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 22:21:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7577 (0x1d99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:08 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7DB7F19AD0A9D19742720BEB98149C32080D07A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:93:2e:3f:8e:06:59:98:c7:89:5c:5f:e4:d1: 97:77:4c:c2:59:0c:8a:9d:92:65:a0:3f:75:57:2f: 99:57:8c:61:d0:16:f6:a4:6e:9d:07:6c:11:96:6a: b5:71:c8:3b:f2:54:0a:5b:26:0a:e3:38:6c:bc:6a: 3a:19:b2:07:53:8e:c7:b2:1b:94:3f:00:8a:ae:eb: 85:37:7c:cf:1d:95:d2:72:e0:6a:32:8b:a1:96:f7: b0:eb:44:79:59:40:88:09:44:f9:80:cb:8e:a8:c8: 79:b8:32:0b:db:0a:03:18:2a:c8:9e:2d:5d:30:35: 35:aa:10:94:c4:f4:e1:ad:6f:b3:3f:51:f5:d8:73: 83:00:5a:72:7c:84:9e:e4:f8:c6:d6:8e:52:a0:1e: 91:29:db:51:3e:00:29:ac:5c:dc:ce:d7:e5:47:5d: be:e0:10:73:84:9f:fa:2a:e6:4e:10:f5:fb:cb:46: ee:4b:f5:7d:b7:8e:3c:16:5b:2e:79:5c:b6:95:84: a7:a8:9e:95:14:b0:df:73:f5:7f:41:d5:93:52:b2: 32:90:ae:00:80:b1:5d:5c:a9:4c:c5:56:82:e6:a8: c1:7f:c0:07:8f:42:48:de:17:68:f9:f6:51:98:2a: b9:1c:bd:e7:2c:0e:0f:53:c9:da:3a:b7:88:3b:b4: 02:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:B7:F1:9A:D0:A9:D1:97:42:72:0B:EB:98:14:9C:32:08:0D:07:A8 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/fbfxmtCp0ZdCcgvrmBScMggNB6g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380::/40 Signature Algorithm: sha256WithRSAEncryption 82:8f:61:7f:3c:4a:a0:d4:e9:1c:d9:1f:52:9d:a8:23:47:74: 55:94:1c:d6:47:dc:0f:22:12:53:c4:a1:de:dd:73:75:57:c5: 5a:01:95:cb:07:f4:b4:8f:9d:cb:e5:89:15:09:ce:2a:f2:62: 0c:21:fa:04:14:85:0b:8f:86:12:98:20:75:a2:67:9c:31:f9: b4:c5:99:1e:4f:b7:6a:fb:84:85:6d:66:f5:79:6b:98:0d:06: d8:b8:8e:72:96:97:7a:aa:b6:9a:9d:40:5e:83:14:5c:3a:94: ae:35:88:2e:c9:1d:82:9f:a9:c2:51:e0:9f:dd:a3:e0:28:72: 94:20:e9:d8:e1:68:b6:de:92:2e:d4:5c:dd:5f:2e:9e:e8:69: ab:85:8f:1d:f7:cd:2d:51:85:4f:98:8a:cf:57:a9:81:58:2f: a1:d0:c4:4d:0c:a8:2f:6c:56:50:4e:26:86:da:c3:93:da:3a: 23:1d:d9:7f:de:00:be:ac:e1:6e:af:7f:26:12:78:d5:7f:36: f3:c6:d1:78:e0:1f:92:9a:7a:9b:b8:c3:f9:33:62:4b:68:67: 2b:e3:85:bc:a9:24:f1:6a:4f:0d:1f:da:9b:91:92:d2:ee:1c: 2a:1b:6a:49:4a:c8:55:54:ac:08:be:78:3b:1f:6a:52:e6:6b: ae:11:d5:c1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICHZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdEQjdGMTlBRDBBOUQx OTc0MjcyMEJFQjk4MTQ5QzMyMDgwRDA3QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLky4/jgZZmMeJXF/k0Zd3TMJZDIqdkmWgP3VXL5lXjGHQFvak bp0HbBGWarVxyDvyVApbJgrjOGy8ajoZsgdTjseyG5Q/AIqu64U3fM8dldJy4Goy i6GW97DrRHlZQIgJRPmAy46oyHm4MgvbCgMYKsieLV0wNTWqEJTE9OGtb7M/UfXY c4MAWnJ8hJ7k+MbWjlKgHpEp21E+ACmsXNzO1+VHXb7gEHOEn/oq5k4Q9fvLRu5L 9X23jjwWWy55XLaVhKeonpUUsN9z9X9B1ZNSsjKQrgCAsV1cqUzFVoLmqMF/wAeP QkjeF2j59lGYKrkcvecsDg9Tydo6t4g7tAK3AgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUfbfxmtCp0ZdCcgvrmBScMggNB6gwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvZmJmeG10Q3AwWmRD Y2d2cm1CU2NNZ2dOQjZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGACQDY4AAMA0GCSqGSIb3DQEBCwUAA4IBAQCCj2F/PEqg1Okc2R9SnagjR3RV lBzWR9wPIhJTxKHe3XN1V8VaAZXLB/S0j53L5YkVCc4q8mIMIfoEFIULj4YSmCB1 omecMfm0xZkeT7dq+4SFbWb1eWuYDQbYuI5ylpd6qraanUBegxRcOpSuNYguyR2C n6nCUeCf3aPgKHKUIOnY4Wi23pIu1FzdXy6e6GmrhY8d980tUYVPmIrPV6mBWC+h 0MRNDKgvbFZQTiaG2sOT2jojHdl/3gC+rOFur38mEnjVfzbzxtF44B+SmnqbuMP5 M2JLaGcr44W8qSTxak8NH9qbkZLS7hwqG2pJSshVVKwIvng7H2pS5muuEdXB -----END CERTIFICATE-----Generated at Mon Nov 25 21:48:21 2024 by rpki-client on console-ams.rpki-client.org