$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa File: HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa (raw, json) Hash identifier: 2E5RSWubIJ4gxm/oWyVOH6Xorz/DdKUwaGEN0R5cikI= Subject key identifier: 1E:10:F0:CC:DA:18:72:69:01:65:C3:20:78:51:06:86:5E:54:05:75 Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 1600 Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa Signing time: Wed 13 Mar 2024 01:22:02 +0000 ROA not before: Wed 13 Mar 2024 01:22:02 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 132168 IP address blocks: 2402:1440::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5632 (0x1600) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Mar 13 01:22:02 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1E10F0CCDA1872690165C320785106865E540575 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:2d:d2:1b:0d:1d:9c:2f:97:8c:05:63:c7:12: ed:f4:bb:79:a6:e0:5c:76:4c:4a:cf:51:70:ce:49: f3:a4:ad:9c:fd:96:ef:1e:7b:e7:6f:b7:22:94:15: d6:51:be:95:26:e5:1d:a8:c7:c4:ae:7f:f9:b3:bf: 2e:52:d6:52:91:c0:0e:75:aa:5f:93:92:f6:ea:42: 26:44:2c:f0:1c:b6:41:af:4a:4f:d5:bb:8b:d5:ac: bc:fe:5e:77:ec:be:52:6f:00:e5:3c:d1:0b:ae:5d: 43:6a:3b:a0:28:7e:e9:df:72:9b:1a:ff:22:c1:f9: 49:69:a1:62:03:cc:5e:c3:57:bf:72:25:04:44:99: bd:58:47:db:71:96:e2:55:b6:c1:57:0b:7b:72:9c: 1a:57:4a:a2:9a:46:42:9e:11:d7:a7:76:45:e6:b8: 04:1e:58:96:36:8f:75:8b:0c:68:f6:1a:f1:17:b8: 89:22:53:65:9b:14:0c:bb:b9:e1:99:ec:b4:ee:82: f4:01:48:f9:ca:23:46:59:61:f1:72:1b:db:30:ea: 16:78:92:10:3d:ba:32:b3:05:bd:a0:8f:61:b2:e1: a4:ce:1f:81:88:3c:5e:60:5e:1a:39:7a:7f:75:e3: 1f:4b:5e:af:8d:b4:51:20:18:b7:e0:18:cf:4b:69: ab:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:10:F0:CC:DA:18:72:69:01:65:C3:20:78:51:06:86:5E:54:05:75 X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:1440::/32 Signature Algorithm: sha256WithRSAEncryption 9d:42:3f:8f:76:a3:d3:ad:56:06:8a:16:e2:69:ca:d9:63:27: af:79:a5:3a:4f:50:3b:b3:ae:2e:af:6d:12:77:1d:31:4a:9e: a9:d1:a8:e9:7b:25:5b:64:89:d9:46:80:d6:da:21:03:1b:9e: 23:f7:58:23:79:66:4f:ad:5b:df:35:4f:7c:98:d9:f0:16:5f: 23:44:b0:1f:65:c6:93:7c:d9:c0:b8:1e:d3:4e:cf:4d:db:16: bc:b8:09:1f:56:66:60:b4:76:0f:3d:61:95:a2:e3:e4:e6:07: 7e:6a:1a:82:b5:b5:88:59:99:93:d9:12:9a:51:43:fc:90:dc: a4:14:fb:b1:65:3a:11:8e:cd:a2:91:4b:75:d8:f1:0a:7b:17: a3:2f:2a:3b:f3:d3:30:e2:17:05:fe:2e:28:37:e4:d0:d2:2e: df:16:ca:b9:22:bd:b3:5e:5e:e7:80:0b:48:aa:01:1a:fa:3c: c4:a9:78:35:ad:7c:98:32:97:98:21:40:d0:b1:81:24:78:91: e9:22:f9:17:9b:f3:ea:f1:ff:53:9c:94:2f:08:c3:83:bd:40: 80:02:74:08:17:20:31:7e:a6:1e:64:46:fb:c2:56:92:46:aa: c1:d6:bb:a7:1b:14:78:f2:49:11:72:1a:72:ea:d9:89:43:b6: e3:5d:16:e2 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFgAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNDAzMTMw MTIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFMTBGMENDREExODcy NjkwMTY1QzMyMDc4NTEwNjg2NUU1NDA1NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgLdIbDR2cL5eMBWPHEu30u3mm4Fx2TErPUXDOSfOkrZz9lu8e e+dvtyKUFdZRvpUm5R2ox8Suf/mzvy5S1lKRwA51ql+TkvbqQiZELPActkGvSk/V u4vVrLz+XnfsvlJvAOU80QuuXUNqO6Aofunfcpsa/yLB+UlpoWIDzF7DV79yJQRE mb1YR9txluJVtsFXC3tynBpXSqKaRkKeEdendkXmuAQeWJY2j3WLDGj2GvEXuIki U2WbFAy7ueGZ7LTugvQBSPnKI0ZZYfFyG9sw6hZ4khA9ujKzBb2gj2Gy4aTOH4GI PF5gXho5en914x9LXq+NtFEgGLfgGM9LaauXAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUHhDwzNoYcmkBZcMgeFEGhl5UBXUwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvSGhEd3pOb1ljbWtC WmNNZ2VGRUdobDVVQlhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAJ1CP492o9OtVgaKFuJpytljJ695 pTpPUDuzri6vbRJ3HTFKnqnRqOl7JVtkidlGgNbaIQMbniP3WCN5Zk+tW981T3yY 2fAWXyNEsB9lxpN82cC4HtNOz03bFry4CR9WZmC0dg89YZWi4+TmB35qGoK1tYhZ mZPZEppRQ/yQ3KQU+7FlOhGOzaKRS3XY8Qp7F6MvKjvz0zDiFwX+Lig35NDSLt8W yrkivbNeXueAC0iqARr6PMSpeDWtfJgyl5ghQNCxgSR4keki+Reb8+rx/1OclC8I w4O9QIACdAgXIDF+ph5kRvvCVpJGqsHWu6cbFHjySRFyGnLq2YlDtuNdFuI= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org