$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/27/m8zlQDUB60ZgEGyYMLytgspKht8.roa File: m8zlQDUB60ZgEGyYMLytgspKht8.roa (raw, json) Hash identifier: uIqreK0uiS+D1JElY/pXyROsFto2K8/E77t/EU9ybng= Subject key identifier: 9B:CC:E5:40:35:01:EB:46:60:10:6C:98:30:BC:AD:82:CA:4A:86:DF Certificate issuer: /CN=39E47899249325DB499BFC6910919D2F36003E9A Certificate serial: 18BC Authority key identifier: 39:E4:78:99:24:93:25:DB:49:9B:FC:69:10:91:9D:2F:36:00:3E:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/m8zlQDUB60ZgEGyYMLytgspKht8.roa Signing time: Fri 27 Sep 2024 03:02:21 +0000 ROA not before: Fri 27 Sep 2024 03:02:21 +0000 ROA not after: Sat 27 Sep 2025 02:42:48 +0000 asID: 17964 IP address blocks: 2403:8080::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6332 (0x18bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39E47899249325DB499BFC6910919D2F36003E9A Validity Not Before: Sep 27 03:02:21 2024 GMT Not After : Sep 27 02:42:48 2025 GMT Subject: CN=9BCCE5403501EB4660106C9830BCAD82CA4A86DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e9:4e:65:94:9d:b1:39:d7:46:a0:69:c1:98: 47:f5:0f:c9:b0:29:85:2d:2c:66:f6:de:ad:06:b2: aa:60:fe:7f:23:d0:bf:45:2d:6a:6c:95:30:2d:f4: 32:f5:6d:e9:b4:ef:93:cb:ff:15:29:b5:87:ec:47: 9d:a2:12:5f:74:b7:44:70:16:53:2d:47:6d:b7:66: 00:69:6d:b5:ac:5d:d2:1d:bd:56:8e:64:4b:d6:d3: 64:e7:4c:09:ae:fa:f4:f7:bb:18:a8:5c:b2:8f:d3: 4e:9b:57:fa:9e:b6:37:41:82:50:f8:79:21:0c:ee: a6:3f:72:9d:5c:7e:7f:7e:c7:fa:33:08:9c:56:8e: 4e:11:84:d1:8f:83:2b:cf:12:be:6c:76:5f:59:4c: 17:8c:6b:c9:da:bb:55:12:07:11:17:2f:32:03:30: 11:8a:e2:90:0b:36:5d:dc:cf:63:b3:fc:bb:1a:e4: 11:97:cf:f1:bc:a2:ff:6e:c7:fc:9b:85:b1:72:c8: 75:4e:90:4f:4e:62:2a:e9:4b:42:ae:b4:fe:ee:fa: 5d:1a:c2:5f:44:28:0b:64:94:59:20:f5:cb:af:9d: 36:d6:1b:0f:4a:d9:97:19:ed:e1:81:46:03:f7:83: 2d:6f:24:44:04:06:a0:7e:c3:2f:30:f6:95:d8:a7: bc:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:CC:E5:40:35:01:EB:46:60:10:6C:98:30:BC:AD:82:CA:4A:86:DF X509v3 Authority Key Identifier: keyid:39:E4:78:99:24:93:25:DB:49:9B:FC:69:10:91:9D:2F:36:00:3E:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/m8zlQDUB60ZgEGyYMLytgspKht8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:8080::/32 Signature Algorithm: sha256WithRSAEncryption 8b:79:b0:c2:13:f5:99:9b:d3:f8:bd:60:cb:93:38:4d:58:9d: 74:c9:84:a5:49:b2:39:6f:38:ee:21:da:76:13:2e:12:dc:ad: 32:43:3c:23:20:07:cc:30:3f:54:74:e4:d0:de:6e:fe:d4:44: 4b:9e:ef:59:ce:31:06:62:02:21:a9:b5:8e:40:33:cf:bf:91: 34:c5:88:b6:0a:14:0e:7f:e8:53:f0:5d:f4:f8:3e:e4:06:df: 27:54:d5:7e:de:20:95:55:86:77:d5:3d:c1:66:d5:fd:8d:c6: 68:01:fc:f1:69:a1:5a:fa:92:08:2a:39:e7:3e:92:ca:99:f9: c0:4d:82:66:2b:b0:f7:ca:71:c1:31:0a:5b:c0:47:f5:4b:f0: 73:3d:21:ce:d8:a9:6c:56:6c:c0:8e:f4:f2:df:81:38:15:6d: 68:27:2d:fd:cb:5f:30:51:48:7c:aa:3f:ea:5a:f3:02:b0:fe: 52:98:a2:f7:80:80:60:0f:82:62:10:89:aa:91:98:89:cc:30: 31:7e:bd:85:62:32:90:62:f4:54:fa:09:ac:48:f7:a0:f6:47: a8:0d:11:02:a7:a1:dd:1b:95:3b:18:eb:bf:02:46:f5:36:ec: 64:ac:f9:97:7d:c3:1a:4e:35:b8:fa:a5:f7:15:24:20:f7:15: b9:b0:79:a9 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF NDc4OTkyNDkzMjVEQjQ5OUJGQzY5MTA5MTlEMkYzNjAwM0U5QTAeFw0yNDA5Mjcw MzAyMjFaFw0yNTA5MjcwMjQyNDhaMDMxMTAvBgNVBAMTKDlCQ0NFNTQwMzUwMUVC NDY2MDEwNkM5ODMwQkNBRDgyQ0E0QTg2REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCp6U5llJ2xOddGoGnBmEf1D8mwKYUtLGb23q0Gsqpg/n8j0L9F LWpslTAt9DL1bem075PL/xUptYfsR52iEl90t0RwFlMtR223ZgBpbbWsXdIdvVaO ZEvW02TnTAmu+vT3uxioXLKP006bV/qetjdBglD4eSEM7qY/cp1cfn9+x/ozCJxW jk4RhNGPgyvPEr5sdl9ZTBeMa8nau1USBxEXLzIDMBGK4pALNl3cz2Oz/Lsa5BGX z/G8ov9ux/ybhbFyyHVOkE9OYirpS0KutP7u+l0awl9EKAtklFkg9cuvnTbWGw9K 2ZcZ7eGBRgP3gy1vJEQEBqB+wy8w9pXYp7y1AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUm8zlQDUB60ZgEGyYMLytgspKht8wHwYDVR0jBBgwFoAUOeR4mSSTJdtJm/xp EJGdLzYAPpowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcv T2VSNG1TU1RKZHRKbV94cEVKR2RMellBUHBvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9PZVI0bVNTVEpkdEptX3hwRUpHZEx6WUFQcG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNy9tOHpsUURVQjYwWmdFR3lZ TUx5dGdzcEtodDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JAOAgDANBgkqhkiG9w0BAQsFAAOCAQEAi3mwwhP1mZvT+L1gy5M4TViddMmEpUmy OW847iHadhMuEtytMkM8IyAHzDA/VHTk0N5u/tRES57vWc4xBmICIam1jkAzz7+R NMWItgoUDn/oU/Bd9Pg+5AbfJ1TVft4glVWGd9U9wWbV/Y3GaAH88WmhWvqSCCo5 5z6Sypn5wE2CZiuw98pxwTEKW8BH9Uvwcz0hztipbFZswI708t+BOBVtaCct/ctf MFFIfKo/6lrzArD+Upii94CAYA+CYhCJqpGYicwwMX69hWIykGL0VPoJrEj3oPZH qA0RAqeh3RuVOxjrvwJG9TbsZKz5l33DGk41uPql9xUkIPcVubB5qQ== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org