$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/qKVEJVfnw8gyBjGM98vZSoLRpv0.roa File: qKVEJVfnw8gyBjGM98vZSoLRpv0.roa (raw, json) Hash identifier: T6r81Wt5ZgeYdxno5PWOqavrUNWRfwZJGU71jQxQtTY= Subject key identifier: A8:A5:44:25:57:E7:C3:C8:32:06:31:8C:F7:CB:D9:4A:82:D1:A6:FD Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D9A Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/qKVEJVfnw8gyBjGM98vZSoLRpv0.roa Signing time: Thu 12 Sep 2024 11:20:08 +0000 ROA not before: Thu 12 Sep 2024 11:20:08 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380:12::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7578 (0x1d9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:08 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A8A5442557E7C3C83206318CF7CBD94A82D1A6FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:3c:fa:86:0a:b8:19:b4:e2:c8:54:d1:dc:9b: 95:2c:f5:4f:f4:a7:d1:0f:0d:0c:b9:19:ca:f7:5d: 34:df:d7:e5:bd:2b:87:66:73:0e:c8:c9:9c:dd:f5: 85:7b:98:55:71:87:a4:e1:c2:a3:a3:95:32:4a:ca: 3c:0c:65:c8:17:13:bf:08:bf:53:af:55:00:37:de: 3d:e2:cc:47:d2:ac:72:ce:c4:bd:64:5b:bd:1c:da: f8:7c:29:4a:d1:9e:b3:d2:ac:59:fc:69:c0:4e:4b: b9:1e:5d:e2:d3:45:57:49:53:42:6e:19:62:32:cb: 74:fa:02:0e:4f:0e:75:58:08:64:6c:8e:72:e6:a4: 81:8c:4d:aa:6f:c7:64:fa:93:0c:05:02:f6:97:52: a0:cb:cd:d1:eb:5c:08:48:a1:7b:76:a3:f6:6b:5b: 44:10:56:13:7e:10:05:b1:54:51:92:eb:1a:78:d6: 75:24:f3:e5:cb:45:9a:02:fc:bc:50:c9:41:e5:ad: 95:a7:dc:b9:2b:d3:30:99:2b:b2:69:fc:a2:6a:d3: 76:c5:61:98:c4:2f:f2:09:d0:2d:4a:84:da:ad:df: d2:b9:6f:ee:c6:00:89:5a:09:48:cb:02:8f:43:5b: 3f:19:31:e9:72:af:db:4f:09:cb:f1:7d:12:11:96: d6:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:A5:44:25:57:E7:C3:C8:32:06:31:8C:F7:CB:D9:4A:82:D1:A6:FD X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/qKVEJVfnw8gyBjGM98vZSoLRpv0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:12::/48 Signature Algorithm: sha256WithRSAEncryption d0:43:e6:b1:97:5a:3e:b3:5a:64:6c:26:08:2f:fc:3f:55:7a: 57:5b:6a:3c:c9:fc:0b:ac:39:8f:6e:34:ec:ed:16:f4:19:f3: b4:a6:b4:0d:34:4f:82:63:0f:9a:5a:e3:54:ae:82:eb:fc:a8: 79:c8:d0:6d:13:53:8f:70:82:ac:0e:59:09:a3:8c:db:99:84: 62:12:b3:35:ea:ec:69:b1:91:0f:bf:5f:03:5a:57:8b:9b:99: de:44:25:4f:a2:06:c2:ec:50:82:ac:3a:e6:4f:9a:94:f0:d6: 7d:01:48:e7:11:09:69:6a:81:b7:59:f3:98:a9:32:2c:4b:fd: 1c:1a:79:ec:ce:57:35:9a:cc:86:49:3b:aa:cb:53:05:2b:d5: 48:f6:52:a2:db:f7:23:47:7e:cd:ad:8e:63:23:8e:36:4f:cc: 48:cf:8b:26:c8:7b:7e:bb:67:d5:17:25:51:ca:fa:75:07:26: df:8e:9e:3c:24:09:01:59:38:01:bf:bf:bd:94:09:0c:c3:53: fb:0b:bf:d8:86:d4:b0:90:2d:14:c7:fd:bc:90:da:14:ed:78: dd:88:42:95:e3:b5:0c:59:d9:26:56:19:74:e0:c0:95:e5:e7: ab:1e:04:24:df:e1:8b:0a:50:a2:2b:00:4c:6d:ab:77:c6:77: 28:c7:d6:1e -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICHZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4QTU0NDI1NTdFN0Mz QzgzMjA2MzE4Q0Y3Q0JEOTRBODJEMUE2RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkPPqGCrgZtOLIVNHcm5Us9U/0p9EPDQy5Gcr3XTTf1+W9K4dm cw7IyZzd9YV7mFVxh6ThwqOjlTJKyjwMZcgXE78Iv1OvVQA33j3izEfSrHLOxL1k W70c2vh8KUrRnrPSrFn8acBOS7keXeLTRVdJU0JuGWIyy3T6Ag5PDnVYCGRsjnLm pIGMTapvx2T6kwwFAvaXUqDLzdHrXAhIoXt2o/ZrW0QQVhN+EAWxVFGS6xp41nUk 8+XLRZoC/LxQyUHlrZWn3Lkr0zCZK7Jp/KJq03bFYZjEL/IJ0C1KhNqt39K5b+7G AIlaCUjLAo9DWz8ZMelyr9tPCcvxfRIRltYBAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUqKVEJVfnw8gyBjGM98vZSoLRpv0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvcUtWRUpWZm53OGd5 QmpHTTk4dlpTb0xScHYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQDY4AAEjANBgkqhkiG9w0BAQsFAAOCAQEA0EPmsZdaPrNaZGwmCC/8P1V6 V1tqPMn8C6w5j2407O0W9BnztKa0DTRPgmMPmlrjVK6C6/yoecjQbRNTj3CCrA5Z CaOM25mEYhKzNersabGRD79fA1pXi5uZ3kQlT6IGwuxQgqw65k+alPDWfQFI5xEJ aWqBt1nzmKkyLEv9HBp57M5XNZrMhkk7qstTBSvVSPZSotv3I0d+za2OYyOONk/M SM+LJsh7frtn1RclUcr6dQcm346ePCQJAVk4Ab+/vZQJDMNT+wu/2IbUsJAtFMf9 vJDaFO143YhCleO1DFnZJlYZdODAleXnqx4EJN/hiwpQoisATG2rd8Z3KMfWHg== -----END CERTIFICATE-----Generated at Fri Nov 22 14:30:51 2024 by rpki-client on console-ams.rpki-client.org