$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2894/Ph-8WQW1aPyHd-978d3Y2ZHGmsQ.roa File: Ph-8WQW1aPyHd-978d3Y2ZHGmsQ.roa (raw, json) Hash identifier: PSATaAgU+BI8ZQw7WZWLSPhghUCIdM4geLVcrdsghlM= Subject key identifier: 3E:1F:BC:59:05:B5:68:FC:87:77:EF:7B:F1:DD:D8:D9:91:C6:9A:C4 Certificate issuer: /CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8 Certificate serial: 1239 Authority key identifier: 83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/Ph-8WQW1aPyHd-978d3Y2ZHGmsQ.roa Signing time: Tue 24 Sep 2024 00:21:25 +0000 ROA not before: Tue 24 Sep 2024 00:21:25 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 146834 IP address blocks: 2404:e5c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4665 (0x1239) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8 Validity Not Before: Sep 24 00:21:25 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=3E1FBC5905B568FC8777EF7BF1DDD8D991C69AC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7e:bd:af:0f:14:40:41:1c:f2:11:5b:58:40: fc:8d:0e:aa:c4:36:9d:15:cc:e5:06:3f:a1:4f:8a: 81:79:eb:19:aa:1b:79:32:12:6c:de:8e:33:dd:d4: 02:eb:24:cd:d6:69:84:76:3a:7c:ed:b5:ad:e4:9f: 72:9f:4e:35:0a:17:44:9f:d0:d3:32:2c:38:04:e8: 05:99:ea:3a:d3:59:4a:9e:6e:5b:49:ff:97:3d:d1: c0:95:6c:f5:fc:24:1a:42:39:d0:b0:65:51:83:40: 7c:2b:f9:38:27:ca:c6:d7:44:8c:e0:36:9c:d3:43: 80:45:af:74:3d:5e:50:1f:71:d6:c6:ad:f4:13:95: 7c:e7:fe:e6:07:ab:0f:e8:3b:99:1f:0a:cf:b5:15: de:f0:41:1e:2e:b8:41:3e:52:06:d3:b7:85:8d:c3: 46:9c:bc:fd:b3:55:f1:39:e2:c9:11:e8:42:ee:fa: fe:a7:eb:3d:67:41:f9:f3:1f:e9:7f:db:38:06:51: ea:4e:f9:24:ee:18:7e:4d:cb:f2:19:7f:46:20:27: 20:38:60:26:a0:41:e0:4b:82:12:af:1c:81:cb:70: 6d:bf:77:2f:5e:bd:52:81:8d:31:41:24:f8:7c:31: 3e:c6:df:15:2a:33:c5:c4:41:19:fa:6f:1d:b5:29: 9e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:1F:BC:59:05:B5:68:FC:87:77:EF:7B:F1:DD:D8:D9:91:C6:9A:C4 X509v3 Authority Key Identifier: keyid:83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/Ph-8WQW1aPyHd-978d3Y2ZHGmsQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:e5c0::/32 Signature Algorithm: sha256WithRSAEncryption 0e:e4:dc:94:a5:42:99:eb:9f:dc:20:71:2a:8b:e2:3e:c3:9a: cc:c3:4a:99:e5:c1:c6:d6:86:a1:a5:45:e7:b0:0c:ba:af:d3: 56:bb:b7:99:5c:30:e2:94:22:49:af:5e:29:3b:51:28:6d:f1: 3c:60:52:58:c8:40:c2:2c:eb:02:68:c8:ca:71:fb:9d:18:9b: e6:2d:b5:59:c3:5a:b2:ef:08:dd:b5:c2:16:db:9b:5e:9b:33: 32:78:95:55:7e:73:79:b2:db:76:a0:94:b5:f1:a5:8c:15:dc: e2:ee:3f:9d:b0:f7:e8:0c:77:da:aa:30:7a:02:87:b1:63:43: 37:d2:9c:94:47:ab:d5:26:61:16:cb:1f:7e:ad:1c:5d:e2:94: 22:9e:5f:bc:09:1a:8b:20:59:af:b4:27:77:12:63:cf:c1:83: bc:1a:fd:52:dc:62:e6:8c:0d:5d:30:12:72:2f:79:c8:77:72: ec:49:b2:17:d4:04:2e:37:1c:44:9a:52:c8:19:14:95:69:7a: d4:4c:61:d7:ca:df:15:d9:32:35:db:45:1c:4e:a5:fa:30:79: 59:e6:a4:ce:2d:ed:92:67:c4:f8:46:31:e4:b0:96:0e:e6:91: 8c:7a:a6:c5:c1:9b:1e:77:d6:93:51:b7:1c:6e:38:f3:d9:7d: 0e:a2:6d:16 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICEjkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODM5 RjU1N0I5RjlGMkY2Q0RENzVBRkI0QUJBOEEyQTc5NkM2MTBFODAeFw0yNDA5MjQw MDIxMjVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDNFMUZCQzU5MDVCNTY4 RkM4Nzc3RUY3QkYxREREOEQ5OTFDNjlBQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxfr2vDxRAQRzyEVtYQPyNDqrENp0VzOUGP6FPioF56xmqG3ky EmzejjPd1ALrJM3WaYR2Onztta3kn3KfTjUKF0Sf0NMyLDgE6AWZ6jrTWUqebltJ /5c90cCVbPX8JBpCOdCwZVGDQHwr+TgnysbXRIzgNpzTQ4BFr3Q9XlAfcdbGrfQT lXzn/uYHqw/oO5kfCs+1Fd7wQR4uuEE+UgbTt4WNw0acvP2zVfE54skR6ELu+v6n 6z1nQfnzH+l/2zgGUepO+STuGH5Ny/IZf0YgJyA4YCagQeBLghKvHIHLcG2/dy9e vVKBjTFBJPh8MT7G3xUqM8XEQRn6bx21KZ4RAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUPh+8WQW1aPyHd+978d3Y2ZHGmsQwHwYDVR0jBBgwFoAUg59Ve5+fL2zdda+0 q6iip5bGEOgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 NC9nNTlWZTUtZkwyemRkYS0wcTZpaXA1YkdFT2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2c1OVZlNS1mTDJ6ZGRhLTBxNmlpcDViR0VPZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTQvUGgtOFdRVzFhUHlI ZC05NzhkM1kyWkhHbXNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQE5cAwDQYJKoZIhvcNAQELBQADggEBAA7k3JSlQpnrn9wgcSqL4j7DmszD SpnlwcbWhqGlReewDLqv01a7t5lcMOKUIkmvXik7USht8TxgUljIQMIs6wJoyMpx +50Ym+YttVnDWrLvCN21whbbm16bMzJ4lVV+c3my23aglLXxpYwV3OLuP52w9+gM d9qqMHoCh7FjQzfSnJRHq9UmYRbLH36tHF3ilCKeX7wJGosgWa+0J3cSY8/Bg7wa /VLcYuaMDV0wEnIvech3cuxJshfUBC43HESaUsgZFJVpetRMYdfK3xXZMjXbRRxO pfoweVnmpM4t7ZJnxPhGMeSwlg7mkYx6psXBmx531pNRtxxuOPPZfQ6ibRY= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org