$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/t8xdPLb9kQp9DDa5XyaEgGglR70.roa File: t8xdPLb9kQp9DDa5XyaEgGglR70.roa (raw, json) Hash identifier: /Qlr+yGjNqzeZQm7HCKVOoKb5ZeWWL3df37Rd5Bjy/s= Subject key identifier: B7:CC:5D:3C:B6:FD:91:0A:7D:0C:36:B9:5F:26:84:80:68:25:47:BD Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D97 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/t8xdPLb9kQp9DDa5XyaEgGglR70.roa Signing time: Thu 12 Sep 2024 11:20:07 +0000 ROA not before: Thu 12 Sep 2024 11:20:07 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380:40::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7575 (0x1d97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:07 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B7CC5D3CB6FD910A7D0C36B95F268480682547BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ae:f6:b8:d7:26:6d:c0:87:76:bf:2d:a5:29: 9b:4b:ec:26:03:21:e1:f7:b1:12:5b:43:48:a1:73: fd:76:d6:e1:71:92:a4:1d:f0:3d:54:4f:e6:84:54: f2:fa:f0:36:a7:0f:4b:ae:a7:88:c1:c8:08:ef:8e: f5:89:77:72:ec:81:a8:b5:61:64:a3:f0:61:fb:2f: 42:de:03:e7:a9:82:f6:b8:17:b4:28:73:2d:35:9b: 15:cd:a5:b2:3f:db:9b:ac:6b:09:73:7e:60:9f:b3: 6a:09:c0:35:2b:e9:cf:ed:86:ac:7d:6d:d5:8b:ba: 4a:3a:78:be:15:52:96:9c:f8:8a:9c:8c:91:56:20: e4:6c:d2:ec:27:3c:29:35:4f:0d:aa:e0:73:b4:e4: ab:1e:30:13:21:68:2b:48:b0:f6:f4:a9:f4:8d:03: 8c:2d:51:d5:3b:53:bf:71:ce:c5:c7:25:fe:4d:ed: 63:cc:02:4d:25:19:0f:63:51:3f:ba:3f:d5:71:de: 18:c4:38:4d:27:5c:21:7c:d9:94:92:68:8a:c6:a2: a8:9f:96:eb:c5:3a:e3:ca:31:7e:08:aa:bc:07:04: e7:76:d4:5e:d1:71:37:13:32:f2:71:b4:3a:eb:98: ed:bc:aa:27:6e:58:aa:73:73:3a:29:75:cc:81:1b: ac:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:CC:5D:3C:B6:FD:91:0A:7D:0C:36:B9:5F:26:84:80:68:25:47:BD X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/t8xdPLb9kQp9DDa5XyaEgGglR70.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:40::/44 Signature Algorithm: sha256WithRSAEncryption d4:fd:84:c1:cf:07:18:f7:d6:b4:28:b1:bd:c4:67:95:58:7c: e4:e9:31:90:c0:24:07:02:be:44:c7:2b:37:45:6c:94:25:93: 79:f1:45:3b:ee:0f:27:45:50:4e:3a:b6:fc:93:30:0e:43:ae: 8a:2c:18:63:02:bb:fd:df:0f:19:aa:32:fe:ae:1b:d6:bd:4f: ea:42:c1:ad:53:14:10:f2:48:9c:43:6f:db:b0:ad:1c:32:f5: 13:d8:c9:b7:7b:09:49:94:cf:5d:42:be:f5:99:1a:e0:09:4e: 05:a6:5f:f8:6d:2c:a7:f1:88:67:df:1a:65:7b:c2:d4:8a:47: 22:55:e2:e9:df:f7:41:51:14:44:3b:6f:e5:d2:79:29:3b:56: d9:5f:87:e1:bf:2a:99:b2:29:68:e3:b1:c4:76:71:a3:5d:aa: 92:d0:a7:82:f1:ce:5d:dd:9b:53:d2:16:b4:c3:85:b4:7e:c8: fd:73:66:e4:9f:fe:b9:d2:8a:0c:c4:53:cc:f3:fe:c4:a8:1e: 3d:1c:86:10:8f:86:74:5b:47:46:51:fd:07:10:35:97:e6:6c: ba:9a:cf:83:39:3b:52:4f:4d:99:b5:b1:d2:29:99:51:84:5b: 60:18:8f:03:df:cc:e8:46:62:38:47:e0:57:b5:2c:b3:93:fb: 01:7e:05:64 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICHZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3Q0M1RDNDQjZGRDkx MEE3RDBDMzZCOTVGMjY4NDgwNjgyNTQ3QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNrva41yZtwId2vy2lKZtL7CYDIeH3sRJbQ0ihc/121uFxkqQd 8D1UT+aEVPL68DanD0uup4jByAjvjvWJd3Lsgai1YWSj8GH7L0LeA+epgva4F7Qo cy01mxXNpbI/25usawlzfmCfs2oJwDUr6c/thqx9bdWLuko6eL4VUpac+IqcjJFW IORs0uwnPCk1Tw2q4HO05KseMBMhaCtIsPb0qfSNA4wtUdU7U79xzsXHJf5N7WPM Ak0lGQ9jUT+6P9Vx3hjEOE0nXCF82ZSSaIrGoqifluvFOuPKMX4IqrwHBOd21F7R cTcTMvJxtDrrmO28qiduWKpzczopdcyBG6wzAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUt8xdPLb9kQp9DDa5XyaEgGglR70wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdDh4ZFBMYjlrUXA5 RERhNVh5YUVnR2dsUjcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAQDANBgkqhkiG9w0BAQsFAAOCAQEA1P2Ewc8HGPfWtCixvcRnlVh8 5OkxkMAkBwK+RMcrN0VslCWTefFFO+4PJ0VQTjq2/JMwDkOuiiwYYwK7/d8PGaoy /q4b1r1P6kLBrVMUEPJInENv27CtHDL1E9jJt3sJSZTPXUK+9Zka4AlOBaZf+G0s p/GIZ98aZXvC1IpHIlXi6d/3QVEURDtv5dJ5KTtW2V+H4b8qmbIpaOOxxHZxo12q ktCngvHOXd2bU9IWtMOFtH7I/XNm5J/+udKKDMRTzPP+xKgePRyGEI+GdFtHRlH9 BxA1l+ZsuprPgzk7Uk9NmbWx0imZUYRbYBiPA9/M6EZiOEfgV7Uss5P7AX4FZA== -----END CERTIFICATE-----Generated at Fri Nov 22 14:30:51 2024 by rpki-client on console-ams.rpki-client.org