$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa File: kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa (raw, json) Hash identifier: ZjTxb7gaI3O0GCktcPoRXER8ED06yfFT/TKIZ+ZbKyM= Subject key identifier: 90:61:C5:7E:A7:62:04:AE:07:A1:19:6C:DB:EA:B4:0D:B6:F3:75:54 Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 1601 Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa Signing time: Wed 13 Mar 2024 01:22:02 +0000 ROA not before: Wed 13 Mar 2024 01:22:02 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59033 IP address blocks: 2402:1440::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5633 (0x1601) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Mar 13 01:22:02 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9061C57EA76204AE07A1196CDBEAB40DB6F37554 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e6:9e:b7:fb:d2:95:ba:67:ee:fa:b0:fd:c4: 7c:01:f9:8e:4f:cd:e7:c6:7d:ae:ca:ff:c2:44:fd: ee:5f:37:15:c8:da:ca:58:b0:91:6d:93:bc:10:98: ef:f6:c1:cd:7d:89:f7:14:b0:51:ec:a7:4c:8c:f0: 33:4b:ef:f5:5b:4e:79:c9:89:dc:1b:1c:81:c6:3d: 17:b5:e5:e9:41:0c:36:d5:2a:18:18:17:26:87:ba: b7:d2:48:fa:cf:60:fc:4f:f9:e0:d6:01:75:a3:8c: 7a:2f:3d:eb:3a:7f:d5:6e:c6:c9:e6:d0:43:4f:b1: 98:4b:f2:d7:f5:62:8e:d4:bc:66:4a:8a:0d:56:86: 2e:0f:fd:7a:fb:e6:6a:18:e3:60:22:e4:33:b2:08: 7a:bf:b4:99:2b:2e:ec:2c:56:4c:d1:00:c0:bb:82: a6:13:7e:7b:4e:74:10:d9:50:59:9d:e6:b4:54:ec: a9:a6:91:83:38:d4:11:d8:1e:c3:ab:0f:07:a6:0e: c0:ce:d1:0c:53:fe:e4:d3:72:e4:0c:23:cf:9f:a8: 58:c8:af:1a:6b:89:fc:3b:23:10:5d:1f:b6:10:99: 78:03:b8:ce:ce:cb:da:25:04:f3:1a:06:90:33:c3: b5:63:a9:31:6b:b0:60:50:7d:1f:3c:3a:e0:5d:fb: ab:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:61:C5:7E:A7:62:04:AE:07:A1:19:6C:DB:EA:B4:0D:B6:F3:75:54 X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:1440::/32 Signature Algorithm: sha256WithRSAEncryption 66:c2:d7:82:67:5f:9a:67:a8:0c:a5:f7:de:fa:4a:77:8c:f7: d2:5b:c0:a2:4d:14:b8:4a:cc:af:b4:60:8a:c8:c4:3c:dc:71: 42:e6:4f:ae:76:f0:2a:1e:b7:f7:d9:15:da:7c:e5:f2:1d:8b: 00:70:31:1a:76:b0:e7:12:14:ae:b0:f9:6e:d6:23:e9:8b:ae: ff:91:35:4f:03:b2:5e:fb:0d:44:18:8d:b3:8d:54:28:e0:7b: b2:70:56:67:b5:4b:ca:ac:7a:ef:0f:85:2c:be:be:1f:0e:72: a5:f3:e0:27:0a:8c:4f:dc:5c:23:8b:88:dd:1e:b1:94:17:18: a9:95:1e:2f:fc:12:01:eb:8c:a6:bc:21:56:16:83:eb:24:63: 98:f7:f6:e9:4a:28:2f:ba:f2:8d:5f:5e:12:6d:e3:00:49:77: de:97:bb:d5:25:e1:c9:ea:99:00:3a:80:5e:a6:6d:b7:76:2b: 99:2b:ad:85:cc:49:9c:77:bc:f9:05:13:df:84:f5:78:25:b0: 23:67:5d:a5:35:eb:2a:0e:f4:cd:b3:65:1d:a4:1b:db:89:d1: b2:01:8b:6f:4a:0e:e8:2b:b5:d8:0f:c0:cc:56:b2:d7:91:82: 3c:26:d3:a8:90:13:66:74:95:b6:a1:26:67:65:12:cf:dc:46: 3e:9d:41:27 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNDAzMTMw MTIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNjFDNTdFQTc2MjA0 QUUwN0ExMTk2Q0RCRUFCNDBEQjZGMzc1NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK5p63+9KVumfu+rD9xHwB+Y5PzefGfa7K/8JE/e5fNxXI2spY sJFtk7wQmO/2wc19ifcUsFHsp0yM8DNL7/VbTnnJidwbHIHGPRe15elBDDbVKhgY FyaHurfSSPrPYPxP+eDWAXWjjHovPes6f9Vuxsnm0ENPsZhL8tf1Yo7UvGZKig1W hi4P/Xr75moY42Ai5DOyCHq/tJkrLuwsVkzRAMC7gqYTfntOdBDZUFmd5rRU7Kmm kYM41BHYHsOrDwemDsDO0QxT/uTTcuQMI8+fqFjIrxprifw7IxBdH7YQmXgDuM7O y9olBPMaBpAzw7VjqTFrsGBQfR88OuBd+6s5AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUkGHFfqdiBK4HoRls2+q0DbbzdVQwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcva0dIRmZxZGlCSzRI b1JsczItcTBEYmJ6ZFZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAGbC14JnX5pnqAyl9976SneM99Jb wKJNFLhKzK+0YIrIxDzccULmT6528Coet/fZFdp85fIdiwBwMRp2sOcSFK6w+W7W I+mLrv+RNU8Dsl77DUQYjbONVCjge7JwVme1S8qseu8PhSy+vh8OcqXz4CcKjE/c XCOLiN0esZQXGKmVHi/8EgHrjKa8IVYWg+skY5j39ulKKC+68o1fXhJt4wBJd96X u9Ul4cnqmQA6gF6mbbd2K5krrYXMSZx3vPkFE9+E9XglsCNnXaU16yoO9M2zZR2k G9uJ0bIBi29KDugrtdgPwMxWsteRgjwm06iQE2Z0lbahJmdlEs/cRj6dQSc= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org