$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/zDyyxg5IOYc8_qOsqr4_R3Thuq0.roa File: zDyyxg5IOYc8_qOsqr4_R3Thuq0.roa (raw, json) Hash identifier: TAazcAYgIIyVl5zEYN1mTlYrN5u7EWpIPrjVt3iJeHw= Subject key identifier: CC:3C:B2:C6:0E:48:39:87:3C:FE:A3:AC:AA:BE:3F:47:74:E1:BA:AD Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Certificate serial: 018D Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/zDyyxg5IOYc8_qOsqr4_R3Thuq0.roa Signing time: Tue 08 Oct 2024 10:02:32 +0000 ROA not before: Tue 08 Oct 2024 10:02:32 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63631 IP address blocks: 2407:8b80::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 397 (0x18d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Validity Not Before: Oct 8 10:02:32 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CC3CB2C60E4839873CFEA3ACAABE3F4774E1BAAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:54:b0:b3:49:09:c1:74:8a:1d:cc:2c:c3:ae: 61:04:62:8d:d3:18:2b:10:8d:cf:58:7a:9f:f0:cc: dc:cd:ec:32:eb:eb:53:4b:81:eb:e1:bf:7f:23:29: a6:2d:95:b9:62:75:32:ae:22:5b:d3:60:cf:58:3a: bb:bb:09:51:3f:c7:e9:4c:08:bd:e5:fc:89:f6:51: 32:c0:97:3a:8a:26:ff:3b:80:95:37:ee:8a:25:30: 22:93:df:db:03:81:33:d2:9d:9d:e5:dc:74:6f:08: 64:52:4c:43:c9:fb:11:ab:13:fe:de:7d:f6:d8:86: 84:87:13:dc:48:60:17:38:20:7f:cc:04:4f:53:45: d1:58:0e:fa:23:fd:de:72:4f:8e:32:84:26:f5:f4: 16:d4:b3:7b:74:12:a7:7a:e2:84:fe:27:57:4a:45: 84:3b:d9:20:d4:97:99:be:2e:3e:3f:fb:06:72:33: 26:62:7b:67:55:2e:76:50:0a:3a:7d:d4:20:4d:b2: 18:44:5a:d0:a0:60:e4:dc:e1:5f:85:7c:19:3a:80: cb:83:e7:e1:e1:61:59:af:01:cf:a5:78:46:05:7d: 3c:80:4c:9d:61:9d:4e:e7:05:f2:cb:47:00:f3:8d: 8f:0f:5e:96:4d:7d:64:d6:f7:b8:aa:cc:01:0e:f7: 3a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:3C:B2:C6:0E:48:39:87:3C:FE:A3:AC:AA:BE:3F:47:74:E1:BA:AD X509v3 Authority Key Identifier: keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/zDyyxg5IOYc8_qOsqr4_R3Thuq0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:8b80::/32 Signature Algorithm: sha256WithRSAEncryption 7d:ac:8c:80:f2:83:af:56:46:17:c8:2b:82:92:5c:06:fa:f6: f6:7c:02:d1:96:bd:82:92:ff:d2:30:34:9e:4a:04:d8:c9:28: 97:17:9d:ee:89:7c:ae:5d:0e:e6:69:36:0c:6a:c8:2a:c7:4a: df:e0:7a:9d:a5:f1:12:a4:8d:c4:be:68:19:9f:54:89:0c:a0: e5:46:66:bf:ea:c9:9f:3f:ff:c0:1c:ba:46:92:cf:8a:cf:21: 90:fe:33:d3:6d:b0:91:01:f7:64:aa:8d:1f:ab:bb:2c:a8:a7: 36:07:c4:6b:e2:e8:b1:37:a6:64:60:61:73:c7:1a:ea:4f:c9: c2:23:f6:c3:5f:20:c7:e3:4a:16:c3:32:c9:50:b1:e1:3c:8d: 91:20:75:c6:7f:bd:c2:2e:35:c0:6a:c6:e4:20:ba:eb:9c:91: ed:de:20:22:28:b9:98:31:8c:0d:de:28:51:53:a3:14:63:1b: 2c:76:80:6d:13:43:ab:8f:58:7a:9b:23:5b:7b:37:fe:7d:96: d8:49:83:12:81:0c:1b:7e:6b:7a:15:0e:27:10:63:22:ff:61: c1:20:ef:b8:3c:2b:90:29:e4:e4:af:5a:19:84:18:c7:4c:a2: ec:ef:a4:e1:43:66:27:cd:08:1e:67:fb:40:24:8d:6d:5f:64: 51:e2:92:4b -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNDEwMDgx MDAyMzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENDM0NCMkM2MEU0ODM5 ODczQ0ZFQTNBQ0FBQkUzRjQ3NzRFMUJBQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClVLCzSQnBdIodzCzDrmEEYo3TGCsQjc9Yep/wzNzN7DLr61NL gevhv38jKaYtlblidTKuIlvTYM9YOru7CVE/x+lMCL3l/In2UTLAlzqKJv87gJU3 7oolMCKT39sDgTPSnZ3l3HRvCGRSTEPJ+xGrE/7effbYhoSHE9xIYBc4IH/MBE9T RdFYDvoj/d5yT44yhCb19BbUs3t0Eqd64oT+J1dKRYQ72SDUl5m+Lj4/+wZyMyZi e2dVLnZQCjp91CBNshhEWtCgYOTc4V+FfBk6gMuD5+HhYVmvAc+leEYFfTyATJ1h nU7nBfLLRwDzjY8PXpZNfWTW97iqzAEO9zrHAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUzDyyxg5IOYc8/qOsqr4/R3Thuq0wHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1 NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvekR5eXhnNUlPWWM4 X3FPc3FyNF9SM1RodXEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHi4AwDQYJKoZIhvcNAQELBQADggEBAH2sjIDyg69WRhfIK4KSXAb69vZ8 AtGWvYKS/9IwNJ5KBNjJKJcXne6JfK5dDuZpNgxqyCrHSt/gep2l8RKkjcS+aBmf VIkMoOVGZr/qyZ8//8AcukaSz4rPIZD+M9NtsJEB92SqjR+ruyyopzYHxGvi6LE3 pmRgYXPHGupPycIj9sNfIMfjShbDMslQseE8jZEgdcZ/vcIuNcBqxuQguuucke3e ICIouZgxjA3eKFFToxRjGyx2gG0TQ6uPWHqbI1t7N/59lthJgxKBDBt+a3oVDicQ YyL/YcEg77g8K5Ap5OSvWhmEGMdMouzvpOFDZifNCB5n+0AkjW1fZFHikks= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org