$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/xxW-2WEuhe9ieSFFNxR6Sa8BlRk.roa File: xxW-2WEuhe9ieSFFNxR6Sa8BlRk.roa (raw, json) Hash identifier: Ly95fDZjsIPZ510IJYSooOWSbRN4M/pWdTrNi//PSjA= Subject key identifier: C7:15:BE:D9:61:2E:85:EF:62:79:21:45:37:14:7A:49:AF:01:95:19 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D83 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/xxW-2WEuhe9ieSFFNxR6Sa8BlRk.roa Signing time: Thu 12 Sep 2024 11:20:00 +0000 ROA not before: Thu 12 Sep 2024 11:20:00 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 2403:6380:10::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7555 (0x1d83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:00 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C715BED9612E85EF6279214537147A49AF019519 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:86:0d:09:86:68:a0:68:79:d0:6a:ac:31:57: ef:da:30:68:f1:c0:be:5d:db:e6:02:1f:cd:b5:f5: 1f:cf:12:4e:00:d2:2c:b0:27:d1:ff:26:1f:2d:57: 13:a1:0d:63:66:8e:2e:14:95:97:6e:ca:7a:83:af: 6f:29:76:e7:b3:32:1c:49:28:99:6e:88:91:1f:25: ea:7a:e3:1d:4b:b7:77:a0:f5:ee:c7:8a:cc:e7:ce: ae:58:95:81:c4:c0:fe:d0:6f:3d:d6:ee:b5:ec:ba: 6f:b3:18:df:3a:61:3c:d6:d6:2f:01:a5:b4:83:71: 8d:d2:81:63:5c:31:b4:02:35:88:95:b7:97:7f:c9: cc:ae:83:4e:b9:67:50:af:bc:f1:6e:dd:3e:dc:f7: 5f:5d:5e:13:ef:e9:6e:c8:45:01:ab:27:93:f0:e5: 19:15:dc:3b:c2:8e:ff:68:3e:27:aa:f0:5f:e9:f9: e9:75:f7:c5:eb:31:7b:28:cb:56:25:58:d5:79:9e: b3:62:02:83:bb:3a:b2:72:99:79:52:9b:80:69:75: bf:80:fb:bd:a2:c3:51:91:c0:ce:51:bf:d1:22:3c: 61:60:cf:ea:75:be:ea:49:6e:86:b2:c7:fd:db:c0: 3a:df:15:4f:42:5f:71:fd:fc:7e:3a:a6:cc:a2:8b: 38:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:15:BE:D9:61:2E:85:EF:62:79:21:45:37:14:7A:49:AF:01:95:19 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/xxW-2WEuhe9ieSFFNxR6Sa8BlRk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:10::/44 Signature Algorithm: sha256WithRSAEncryption 44:01:bb:60:30:28:ec:b6:5c:2a:28:df:a7:ce:59:b9:9f:7e: 0d:be:23:f6:d7:0b:a1:87:af:80:b0:6f:19:10:71:32:cf:de: a5:45:d3:87:57:d3:d9:34:b5:87:b8:0c:f3:4e:80:fb:3a:98: 2e:0d:58:ab:6b:15:30:17:94:79:f3:6d:68:8f:9f:8e:45:53: 20:d4:7c:43:6d:3f:14:35:ef:db:b4:7a:d6:d4:1b:b8:11:1f: 7e:e6:49:47:11:b9:9b:29:70:d9:76:9e:3c:e6:a0:b6:44:e7: e9:cf:8b:69:92:14:f0:6b:97:cb:f9:e2:8a:cb:22:0e:fb:f1: 58:e5:2c:82:bc:36:50:8e:07:69:96:1c:24:18:7d:71:db:2d: 9b:0e:60:87:a0:17:53:bc:74:ed:2e:12:6b:e7:93:9e:41:cd: b9:10:ef:eb:8b:11:69:0b:e9:62:46:f7:30:20:6e:21:c7:de: 55:a2:52:e3:1c:5b:3f:fc:f8:d7:7e:62:ae:d3:bb:6d:2b:fa: 13:07:59:3a:5d:dc:55:e5:bb:86:87:10:99:69:d9:7d:be:a1: 24:2d:53:e0:e8:2d:1f:39:d0:4f:99:f2:8c:43:ed:40:ee:9d: 12:1b:12:7b:a1:71:ae:7d:4d:9f:dc:16:7e:96:f9:2a:81:dc: 59:2c:15:53 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICHYMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3MTVCRUQ5NjEyRTg1 RUY2Mjc5MjE0NTM3MTQ3QTQ5QUYwMTk1MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGhg0JhmigaHnQaqwxV+/aMGjxwL5d2+YCH8219R/PEk4A0iyw J9H/Jh8tVxOhDWNmji4UlZduynqDr28pduezMhxJKJluiJEfJep64x1Lt3eg9e7H isznzq5YlYHEwP7Qbz3W7rXsum+zGN86YTzW1i8BpbSDcY3SgWNcMbQCNYiVt5d/ ycyug065Z1CvvPFu3T7c919dXhPv6W7IRQGrJ5Pw5RkV3DvCjv9oPieq8F/p+el1 98XrMXsoy1YlWNV5nrNiAoO7OrJymXlSm4Bpdb+A+72iw1GRwM5Rv9EiPGFgz+p1 vupJboayx/3bwDrfFU9CX3H9/H46psyiizh/AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUxxW+2WEuhe9ieSFFNxR6Sa8BlRkwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEveHhXLTJXRXVoZTlp ZVNGRk54UjZTYThCbFJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAEDANBgkqhkiG9w0BAQsFAAOCAQEARAG7YDAo7LZcKijfp85ZuZ9+ Db4j9tcLoYevgLBvGRBxMs/epUXTh1fT2TS1h7gM806A+zqYLg1Yq2sVMBeUefNt aI+fjkVTINR8Q20/FDXv27R61tQbuBEffuZJRxG5mylw2XaePOagtkTn6c+LaZIU 8GuXy/niissiDvvxWOUsgrw2UI4HaZYcJBh9cdstmw5gh6AXU7x07S4Sa+eTnkHN uRDv64sRaQvpYkb3MCBuIcfeVaJS4xxbP/z4135irtO7bSv6EwdZOl3cVeW7hocQ mWnZfb6hJC1T4OgtHznQT5nyjEPtQO6dEhsSe6Fxrn1Nn9wWfpb5KoHcWSwVUw== -----END CERTIFICATE-----Generated at Fri Nov 22 13:38:12 2024 by rpki-client on console-fra.rpki-client.org