$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2823/2s9sNwrTxfNk91vVNutWjQQkwfY.roa File: 2s9sNwrTxfNk91vVNutWjQQkwfY.roa (raw, json) Hash identifier: Ocl4ANnFPioY0oTdGfzInNMzQrjGDVHyhseiAE2I+DQ= Subject key identifier: DA:CF:6C:37:0A:D3:C5:F3:64:F7:5B:D5:36:EB:56:8D:04:24:C1:F6 Certificate issuer: /CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Certificate serial: 0CA6 Authority key identifier: 66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/2s9sNwrTxfNk91vVNutWjQQkwfY.roa Signing time: Wed 13 Mar 2024 01:22:06 +0000 ROA not before: Wed 13 Mar 2024 01:22:06 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 137730 IP address blocks: 2403:d9c0::/48 maxlen: 48 2403:d9c0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3238 (0xca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Validity Not Before: Mar 13 01:22:06 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DACF6C370AD3C5F364F75BD536EB568D0424C1F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:0a:2e:21:6e:f2:d2:a8:43:4b:04:d1:2c:40: 0b:73:ae:81:37:6e:e4:a5:16:d2:78:58:bf:3e:56: 0e:1e:f4:a4:b0:18:64:ac:97:2b:3a:7e:cf:10:66: 83:1e:b0:69:36:60:9b:91:68:92:5f:06:ae:65:4c: 1a:c8:23:c6:12:d5:99:fb:b0:7e:0d:60:00:0e:e0: cf:22:e8:24:5f:6e:7d:87:d7:8c:ee:ed:6c:d7:bc: 82:88:5d:0a:83:b7:9f:01:6f:3d:8c:27:28:f0:46: c0:f9:da:85:d9:dc:e8:cd:9a:16:fa:37:e3:8b:eb: e3:ba:75:7b:2f:a0:e9:77:9d:85:5c:ec:17:57:12: aa:91:24:4e:33:7b:e2:90:9f:ad:81:a0:93:81:57: fa:06:eb:8b:fc:ac:cf:32:1c:64:0b:b0:be:2f:e2: c1:cc:d0:42:ff:52:17:2e:9e:bd:0c:e7:dd:50:8b: a9:6c:4e:df:42:53:9d:b3:79:78:46:8d:52:47:85: 25:69:39:fc:b7:0d:aa:5f:2b:04:56:65:9e:dc:15: 14:a3:a9:01:e3:0d:46:64:9f:e9:6f:e4:d6:be:c3: 51:b3:96:0b:56:b6:c8:c7:a4:3f:01:b9:62:87:51: 8c:b0:5e:3a:99:74:c7:84:31:9e:39:94:f9:7e:e2: 64:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:CF:6C:37:0A:D3:C5:F3:64:F7:5B:D5:36:EB:56:8D:04:24:C1:F6 X509v3 Authority Key Identifier: keyid:66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/2s9sNwrTxfNk91vVNutWjQQkwfY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:d9c0::/48 2403:d9c0:2::/48 Signature Algorithm: sha256WithRSAEncryption a3:d1:19:92:35:aa:a9:0f:c9:de:25:2e:69:45:ab:f9:e1:9e: ee:fd:65:d8:00:27:28:bf:ad:97:f0:b2:ef:6f:5c:66:18:a0: 26:0a:0a:d7:6e:d1:37:ee:19:4a:57:cf:20:d9:2e:ce:b3:bb: 2f:03:f1:3b:ff:60:31:3d:81:74:8e:dd:bd:bd:48:73:bc:e8: 7a:18:8b:f9:7a:f7:3e:23:c0:49:a4:87:79:76:5a:d7:b1:66: e8:60:75:79:d9:7d:e9:1b:b3:ec:eb:a0:14:59:4e:8c:2d:cc: cd:9a:5b:fd:32:ea:59:2a:52:dd:39:79:72:13:45:7b:0c:6e: 87:89:31:67:a0:87:7b:c7:30:4d:b9:b6:15:fa:50:33:ee:f3: 24:10:4a:bd:ab:9c:a0:c2:08:8b:f9:ef:af:7b:01:3a:22:cf: d0:11:0a:0d:09:33:cf:af:75:2c:5c:bd:f1:22:56:95:29:1d: 49:b4:a9:91:30:50:32:7b:fa:6e:fc:5b:23:55:9a:86:c7:18: 9d:43:2b:ed:c1:57:b1:16:ff:d9:58:e6:cc:ec:3b:16:7f:f1: 1c:5a:be:4b:2a:0e:62:26:3a:c6:b1:4a:53:d9:3b:03:32:2d: e0:e0:80:6b:14:91:38:ec:8b:6f:fe:a6:67:91:69:2b:04:24: 9d:5d:4b:86 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjY0 N0RBQjY0NTUxMTY5NjRGQUMwMDAxMkNDQzgzMTc0RDRFNDZFMTAeFw0yNDAzMTMw MTIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQ0Y2QzM3MEFEM0M1 RjM2NEY3NUJENTM2RUI1NjhEMDQyNEMxRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6Ci4hbvLSqENLBNEsQAtzroE3buSlFtJ4WL8+Vg4e9KSwGGSs lys6fs8QZoMesGk2YJuRaJJfBq5lTBrII8YS1Zn7sH4NYAAO4M8i6CRfbn2H14zu 7WzXvIKIXQqDt58Bbz2MJyjwRsD52oXZ3OjNmhb6N+OL6+O6dXsvoOl3nYVc7BdX EqqRJE4ze+KQn62BoJOBV/oG64v8rM8yHGQLsL4v4sHM0EL/Uhcunr0M591Qi6ls Tt9CU52zeXhGjVJHhSVpOfy3DapfKwRWZZ7cFRSjqQHjDUZkn+lv5Na+w1GzlgtW tsjHpD8BuWKHUYywXjqZdMeEMZ45lPl+4mQXAgMBAAGjggH/MIIB+zAdBgNVHQ4E FgQU2s9sNwrTxfNk91vVNutWjQQkwfYwHwYDVR0jBBgwFoAUZkfatkVRFpZPrAAB LMyDF01ORuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgy My9aa2ZhdGtWUkZwWlByQUFCTE15REYwMU9SdUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1prZmF0a1ZSRnBaUHJBQUJMTXlERjAxT1J1RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MjMvMnM5c053clR4Zk5r OTF2Vk51dFdqUVFrd2ZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIw EgMHACQD2cAAAAMHACQD2cAAAjANBgkqhkiG9w0BAQsFAAOCAQEAo9EZkjWqqQ/J 3iUuaUWr+eGe7v1l2AAnKL+tl/Cy729cZhigJgoK127RN+4ZSlfPINkuzrO7LwPx O/9gMT2BdI7dvb1Ic7zoehiL+Xr3PiPASaSHeXZa17Fm6GB1edl96Ruz7OugFFlO jC3MzZpb/TLqWSpS3Tl5chNFewxuh4kxZ6CHe8cwTbm2FfpQM+7zJBBKvaucoMII i/nvr3sBOiLP0BEKDQkzz691LFy98SJWlSkdSbSpkTBQMnv6bvxbI1WahscYnUMr 7cFXsRb/2VjmzOw7Fn/xHFq+SyoOYiY6xrFKU9k7AzIt4OCAaxSROOyLb/6mZ5Fp KwQknV1Lhg== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org