$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa File: IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa (raw, json) Hash identifier: rYtvN7f7juMpttQmpW2teaqmcKzbU26Ih/k3JPD9GZI= Subject key identifier: 21:D4:98:67:9E:B8:36:A1:82:57:F7:DF:67:09:3B:4A:A8:B4:0E:DB Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1BE0 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa Signing time: Wed 13 Mar 2024 01:23:28 +0000 ROA not before: Wed 13 Mar 2024 01:23:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139139 IP address blocks: 2406:3340::/36 maxlen: 36 2406:3340:1000::/36 maxlen: 36 2406:3340:2000::/36 maxlen: 36 2406:3340:3000::/36 maxlen: 36 2406:3340:4000::/36 maxlen: 36 2406:3340:5000::/36 maxlen: 36 2406:3340:6000::/36 maxlen: 36 2406:3340:7000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7136 (0x1be0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Mar 13 01:23:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=21D498679EB836A18257F7DF67093B4AA8B40EDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a2:56:71:f4:26:64:3b:4b:01:26:b9:ec:96: 47:3a:5e:26:40:ef:b3:35:7c:60:f6:9f:96:09:96: 5a:0c:32:ea:11:e1:6a:e0:3d:cc:f9:04:5e:4f:76: e6:61:38:4c:2f:a9:e0:00:d7:31:0b:5a:8c:53:6f: b8:e5:e4:39:12:6c:ed:b3:ef:2d:8d:b4:a9:8d:cf: c5:54:3b:45:ca:51:7e:83:55:5f:eb:01:68:67:6a: c3:a4:cb:47:c5:e6:53:fa:7a:53:c0:6d:72:65:e6: 6c:48:d4:da:ce:2a:d4:a0:a1:fa:f6:f7:51:11:de: 1d:d2:25:63:72:52:a5:5b:69:3e:4b:99:76:10:41: 1d:24:2f:98:05:98:a6:a0:b7:41:bf:99:f3:3c:43: 21:6d:31:44:6f:da:8d:fb:79:f9:c3:b8:20:f8:58: ef:e2:67:30:8f:d0:a8:97:09:16:36:f1:7e:3c:db: 5c:3f:6f:ac:d6:6f:b5:b2:0a:dd:b9:7a:28:fb:de: a8:2d:49:b4:4b:e7:9b:47:97:a7:77:39:54:ac:de: 20:10:75:8b:33:d3:90:0b:ab:58:dd:82:08:97:70: c4:83:e1:26:14:17:3d:78:17:55:1d:cb:fe:4b:bd: 91:79:5b:f4:d2:bd:75:d2:98:d3:42:49:b7:4b:a3: e1:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:D4:98:67:9E:B8:36:A1:82:57:F7:DF:67:09:3B:4A:A8:B4:0E:DB X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/33 Signature Algorithm: sha256WithRSAEncryption 00:05:ff:a3:4b:73:46:bc:a8:86:ae:eb:4a:09:9a:c2:89:8e: 4c:6b:2b:55:aa:6c:8c:d5:b6:5a:16:5f:c9:09:96:61:a5:e2: cc:1d:c7:cb:2c:2e:ab:69:36:74:e4:b6:a4:63:3b:7f:87:8f: 1f:12:5e:b0:41:17:a2:85:89:be:d2:46:78:fb:06:42:c9:76: 91:82:6e:33:c5:08:0a:6a:87:c9:7d:c1:ed:c5:d3:ce:20:9d: 53:12:76:20:a1:e8:3a:6b:0a:15:8f:55:9c:23:bc:b7:13:cf: 16:d2:a2:b2:da:cd:45:d1:64:7f:60:5b:3e:26:d6:d7:64:7d: 6f:8e:02:43:55:ea:30:ab:dc:06:04:cd:a4:87:5b:5d:87:3b: 3c:84:4f:1f:0b:54:4c:c9:00:8b:98:3a:16:76:79:49:08:de: 28:16:f5:6c:1a:20:f6:0f:17:22:bb:80:b5:73:f9:72:24:d0: ff:72:64:b0:2c:59:17:75:37:f5:d7:ac:40:97:2c:1d:8b:94: 49:ce:d7:0f:31:e2:a5:36:77:be:3a:49:47:32:62:a7:8c:a4: e2:73:10:c1:88:8c:94:b3:1d:43:87:91:9b:1c:30:b2:f2:95: 03:c1:94:5a:26:8d:db:6c:98:f8:eb:d0:1a:9a:3e:1e:f8:2b: af:8c:18:64 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICG+AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMTMw MTIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxRDQ5ODY3OUVCODM2 QTE4MjU3RjdERjY3MDkzQjRBQThCNDBFREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyolZx9CZkO0sBJrnslkc6XiZA77M1fGD2n5YJlloMMuoR4Wrg Pcz5BF5PduZhOEwvqeAA1zELWoxTb7jl5DkSbO2z7y2NtKmNz8VUO0XKUX6DVV/r AWhnasOky0fF5lP6elPAbXJl5mxI1NrOKtSgofr291ER3h3SJWNyUqVbaT5LmXYQ QR0kL5gFmKagt0G/mfM8QyFtMURv2o37efnDuCD4WO/iZzCP0KiXCRY28X4821w/ b6zWb7WyCt25eij73qgtSbRL55tHl6d3OVSs3iAQdYsz05ALq1jdggiXcMSD4SYU Fz14F1Udy/5LvZF5W/TSvXXSmNNCSbdLo+HzAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUIdSYZ564NqGCV/ffZwk7Sqi0DtswHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvSWRTWVo1NjROcUdD Vl9mZlp3azdTcWkwRHRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGByQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQAABf+jS3NGvKiGrutKCZrCiY5M aytVqmyM1bZaFl/JCZZhpeLMHcfLLC6raTZ05LakYzt/h48fEl6wQReihYm+0kZ4 +wZCyXaRgm4zxQgKaofJfcHtxdPOIJ1TEnYgoeg6awoVj1WcI7y3E88W0qKy2s1F 0WR/YFs+JtbXZH1vjgJDVeowq9wGBM2kh1tdhzs8hE8fC1RMyQCLmDoWdnlJCN4o FvVsGiD2Dxciu4C1c/lyJND/cmSwLFkXdTf116xAlywdi5RJztcPMeKlNne+OklH MmKnjKTicxDBiIyUsx1Dh5GbHDCy8pUDwZRaJo3bbJj469Aamj4e+CuvjBhk -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org