$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/KfP0ZCUuC1PhF8CzdtWtzcszduY.roa File: KfP0ZCUuC1PhF8CzdtWtzcszduY.roa (raw, json) Hash identifier: r/AGnm9YcBTVWRVhDcRk7BQDUKW02eT+VxXbyfnGKHY= Subject key identifier: 29:F3:F4:64:25:2E:0B:53:E1:17:C0:B3:76:D5:AD:CD:CB:33:76:E6 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1BCC Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KfP0ZCUuC1PhF8CzdtWtzcszduY.roa Signing time: Sat 09 Mar 2024 23:44:04 +0000 ROA not before: Sat 09 Mar 2024 23:44:04 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4538 IP address blocks: 2406:3340::/36 maxlen: 36 2406:3340:1000::/36 maxlen: 36 2406:3340:2000::/36 maxlen: 36 2406:3340:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7116 (0x1bcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Mar 9 23:44:04 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=29F3F464252E0B53E117C0B376D5ADCDCB3376E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:c0:dc:09:b8:98:f3:03:08:60:2c:54:e1:41: 1f:9c:cd:2e:73:ce:eb:30:da:6f:9c:fd:06:26:30: bd:cd:f9:73:34:f0:03:1f:76:1d:a1:1e:db:35:1e: fe:2f:14:28:c4:70:04:52:54:5c:bd:82:72:a1:9e: 2d:3b:30:1c:79:43:18:4e:b6:e2:98:7a:33:64:e1: 7c:55:07:ac:e4:c4:80:fd:d1:f4:62:cb:09:06:fe: a8:9c:49:08:a4:05:de:c8:65:ad:c5:a7:8c:12:b4: a2:4a:89:ee:f5:3a:0b:e6:4c:80:52:4e:8c:b6:79: b3:e8:00:e6:b5:1b:69:3a:0e:87:49:76:06:1e:e9: 44:96:28:ca:9e:c9:00:3d:25:43:58:78:36:1c:e0: f7:96:21:76:07:b4:1b:36:94:f9:8f:5e:48:f7:a1: ce:07:c0:40:d7:f2:73:6a:7d:14:89:26:1d:33:eb: 4a:a9:27:22:17:6d:d8:bc:0e:03:c7:ec:88:a8:7c: 87:d4:81:96:b3:60:24:83:3f:ee:09:5e:dc:df:1a: e6:e7:9d:c8:78:4e:df:88:87:6b:b2:17:82:99:2b: 97:0e:1f:31:93:2d:af:d5:77:6b:91:c9:f6:fd:dd: 2f:f0:b8:d0:8c:d0:69:5d:20:63:2b:ff:e0:75:6f: f7:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F3:F4:64:25:2E:0B:53:E1:17:C0:B3:76:D5:AD:CD:CB:33:76:E6 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KfP0ZCUuC1PhF8CzdtWtzcszduY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/34 Signature Algorithm: sha256WithRSAEncryption 31:8c:4d:88:49:ce:e6:5d:7c:49:ce:c5:49:23:47:b7:5a:ca: fd:ef:3c:eb:39:9f:29:63:7a:4b:5d:36:91:80:e7:f5:11:28: a8:3b:96:1c:88:b7:da:a9:10:68:11:2d:d9:40:eb:fc:42:00: e4:95:5c:53:c5:a0:a9:e7:63:f6:cf:6d:43:a1:4b:d5:2d:64: 92:bd:12:f3:f0:55:f5:2b:72:a1:6f:2b:9c:f5:6a:7b:89:af: 14:46:3a:9c:1a:56:99:53:5a:42:02:69:7b:d2:d4:54:81:f6: 81:6c:37:90:98:f2:42:45:84:3a:25:ce:c7:b6:eb:b7:f5:dd: 89:6e:c8:a3:4c:5d:b7:7d:14:9b:36:67:ee:62:cd:84:f5:d4: 14:de:29:22:49:27:c6:ff:7e:2a:2f:6d:6f:c1:e5:a5:01:ca: 6f:fb:1b:7c:a5:6d:8d:5d:13:bb:b5:72:7d:30:7b:de:3b:b6: 1c:35:2d:ee:90:a4:0e:22:ba:4a:9b:59:d2:2c:0f:4d:24:2c: 8d:2b:58:cc:e8:f9:36:56:ac:f2:17:ef:21:c7:72:1c:70:96: ec:74:ab:4c:cc:d1:26:e3:74:39:7b:e1:b7:7d:0f:d4:d5:d0: 3d:c2:dd:16:4f:8d:74:63:95:bf:f3:fc:d6:af:0c:d9:17:a9: 30:8a:11:8f -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICG8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMDky MzQ0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5RjNGNDY0MjUyRTBC NTNFMTE3QzBCMzc2RDVBRENEQ0IzMzc2RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYwNwJuJjzAwhgLFThQR+czS5zzusw2m+c/QYmML3N+XM08AMf dh2hHts1Hv4vFCjEcARSVFy9gnKhni07MBx5QxhOtuKYejNk4XxVB6zkxID90fRi ywkG/qicSQikBd7IZa3Fp4wStKJKie71OgvmTIBSToy2ebPoAOa1G2k6DodJdgYe 6USWKMqeyQA9JUNYeDYc4PeWIXYHtBs2lPmPXkj3oc4HwEDX8nNqfRSJJh0z60qp JyIXbdi8DgPH7IiofIfUgZazYCSDP+4JXtzfGubnnch4Tt+Ih2uyF4KZK5cOHzGT La/Vd2uRyfb93S/wuNCM0GldIGMr/+B1b/ctAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUKfP0ZCUuC1PhF8CzdtWtzcszduYwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvS2ZQMFpDVXVDMVBo RjhDemR0V3R6Y3N6ZHVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGBiQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQAxjE2ISc7mXXxJzsVJI0e3Wsr9 7zzrOZ8pY3pLXTaRgOf1ESioO5YciLfaqRBoES3ZQOv8QgDklVxTxaCp52P2z21D oUvVLWSSvRLz8FX1K3Khbyuc9Wp7ia8URjqcGlaZU1pCAml70tRUgfaBbDeQmPJC RYQ6Jc7Htuu39d2JbsijTF23fRSbNmfuYs2E9dQU3ikiSSfG/34qL21vweWlAcpv +xt8pW2NXRO7tXJ9MHveO7YcNS3ukKQOIrpKm1nSLA9NJCyNK1jM6Pk2VqzyF+8h x3IccJbsdKtMzNEm43Q5e+G3fQ/U1dA9wt0WT410Y5W/8/zWrwzZF6kwihGP -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org