$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/BSmvnMNOKFcCngwVf7TyTYFVr80.roa File: BSmvnMNOKFcCngwVf7TyTYFVr80.roa (raw, json) Hash identifier: U8NgkHDxIiXlsC3csGmrIN0QiPdqG65WxHtOBK1CNx0= Subject key identifier: 05:29:AF:9C:C3:4E:28:57:02:9E:0C:15:7F:B4:F2:4D:81:55:AF:CD Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 15EC Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/BSmvnMNOKFcCngwVf7TyTYFVr80.roa Signing time: Wed 13 Mar 2024 01:22:28 +0000 ROA not before: Wed 13 Mar 2024 01:22:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 18257 IP address blocks: 2404:6380::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5612 (0x15ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Mar 13 01:22:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0529AF9CC34E2857029E0C157FB4F24D8155AFCD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:0d:de:72:44:79:af:dd:fb:17:12:31:58:9f: 7d:20:7f:cd:96:fa:86:63:b4:a0:64:e1:fd:ac:39: bb:1f:41:5d:56:10:a6:96:50:6d:18:7e:8c:01:fc: 9b:b1:a6:f4:41:d8:80:75:36:95:93:eb:63:2d:e4: b7:ed:a8:74:0e:e2:61:8a:3a:39:b8:9f:2a:5b:a9: 40:a6:05:81:60:3d:3d:bf:c7:9b:bb:df:aa:a6:76: 30:cc:1b:eb:83:60:6d:be:29:05:bc:6f:ba:41:97: 07:d0:de:bb:5a:6e:2e:25:99:9c:4c:c3:84:a0:38: de:9e:46:ab:d2:38:54:74:a1:c9:f5:07:fe:1b:2c: 49:3a:22:fd:68:86:6d:cb:fe:e8:fc:bc:d0:37:3b: d0:93:b4:3a:7a:23:63:28:9d:93:17:4d:c9:a0:e0: 97:93:ed:45:09:86:48:31:85:b6:fe:40:62:ac:b6: bd:48:88:21:2b:db:c6:5c:2d:0e:7a:6d:13:25:86: c7:a2:65:ef:4e:b8:75:97:b2:82:9b:5c:35:53:77: a9:a3:e2:43:a2:5b:70:44:63:18:bc:6b:e9:d5:7f: 19:d5:64:a0:6f:52:df:46:9a:ee:d4:a3:3c:6b:8a: c8:55:01:ed:92:a7:b8:9f:b6:ec:62:27:af:e6:52: 19:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:29:AF:9C:C3:4E:28:57:02:9E:0C:15:7F:B4:F2:4D:81:55:AF:CD X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/BSmvnMNOKFcCngwVf7TyTYFVr80.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:6380::/32 Signature Algorithm: sha256WithRSAEncryption 5a:c7:c6:f3:25:37:de:2a:a6:b2:30:a7:c3:db:aa:7d:62:2c: 7f:2f:53:77:bc:d6:65:46:96:35:83:e8:9b:0c:74:6e:5e:1c: e0:9c:28:d5:60:3a:fa:91:ee:65:49:3b:b3:41:b5:1d:2c:db: fd:71:13:f3:b5:52:4f:13:cc:b3:9d:c4:48:c9:27:0e:4c:3f: 16:60:9f:9e:81:86:ca:a7:5a:48:fa:e3:9e:d9:8f:aa:48:47: ec:41:d6:b6:d3:83:c6:df:d8:df:7c:90:c7:77:60:3e:8d:c8: 5f:b5:5c:05:ab:0f:9c:fd:78:4a:d3:c8:73:a4:74:9c:20:5e: ef:59:a4:86:ff:e3:f9:8a:9c:0c:cf:4d:c1:77:48:d6:8f:57: fe:1b:ec:0a:04:8a:dd:4d:5c:e7:fc:7b:dd:e2:65:9a:5c:c1: 8f:69:98:81:88:c0:9b:f6:4e:aa:e8:02:a4:f9:99:b6:78:be: 7d:ea:7c:84:78:f6:88:33:1e:35:bb:a9:54:ff:ff:fd:96:9a: 16:8f:da:fc:22:1f:f0:27:d3:82:0a:83:08:7f:38:e8:eb:f3: 99:1b:3e:9e:cf:0a:58:a7:e2:19:c2:6f:fa:ea:56:86:f3:c7: eb:f8:c3:da:f7:25:35:cd:af:a3:e3:66:98:11:87:5e:36:1f: c8:02:7c:18 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNDAzMTMw MTIyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1MjlBRjlDQzM0RTI4 NTcwMjlFMEMxNTdGQjRGMjREODE1NUFGQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeDd5yRHmv3fsXEjFYn30gf82W+oZjtKBk4f2sObsfQV1WEKaW UG0YfowB/JuxpvRB2IB1NpWT62Mt5LftqHQO4mGKOjm4nypbqUCmBYFgPT2/x5u7 36qmdjDMG+uDYG2+KQW8b7pBlwfQ3rtabi4lmZxMw4SgON6eRqvSOFR0ocn1B/4b LEk6Iv1ohm3L/uj8vNA3O9CTtDp6I2MonZMXTcmg4JeT7UUJhkgxhbb+QGKstr1I iCEr28ZcLQ56bRMlhseiZe9OuHWXsoKbXDVTd6mj4kOiW3BEYxi8a+nVfxnVZKBv Ut9Gmu7UozxrishVAe2Sp7iftuxiJ6/mUhmjAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUBSmvnMNOKFcCngwVf7TyTYFVr80wHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvQlNtdm5NTk9LRmND bmd3VmY3VHlUWUZWcjgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQEY4AwDQYJKoZIhvcNAQELBQADggEBAFrHxvMlN94qprIwp8Pbqn1iLH8v U3e81mVGljWD6JsMdG5eHOCcKNVgOvqR7mVJO7NBtR0s2/1xE/O1Uk8TzLOdxEjJ Jw5MPxZgn56BhsqnWkj6457Zj6pIR+xB1rbTg8bf2N98kMd3YD6NyF+1XAWrD5z9 eErTyHOkdJwgXu9ZpIb/4/mKnAzPTcF3SNaPV/4b7AoEit1NXOf8e93iZZpcwY9p mIGIwJv2TqroAqT5mbZ4vn3qfIR49ogzHjW7qVT///2WmhaP2vwiH/An04IKgwh/ OOjr85kbPp7PClin4hnCb/rqVobzx+v4w9r3JTXNr6PjZpgRh142H8gCfBg= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org