$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa File: YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa (raw, json) Hash identifier: vShACIoA0Afzj3wrgfnkp6iISiTjbVGZ73quUmTzGSE= Subject key identifier: 62:F9:24:CD:F3:6C:30:6F:A0:18:C8:46:1B:E4:43:91:0A:F5:4A:B4 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1BCA Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa Signing time: Sat 09 Mar 2024 23:42:23 +0000 ROA not before: Sat 09 Mar 2024 23:42:23 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4538 IP address blocks: 2406:3340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7114 (0x1bca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Mar 9 23:42:23 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=62F924CDF36C306FA018C8461BE443910AF54AB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:3a:9c:f5:f6:c6:64:1e:ad:a2:6c:ad:b7:2e: 5f:07:03:02:41:ee:16:52:50:b0:7a:cc:2d:d1:f5: 11:26:2f:e6:db:59:5b:ec:07:0a:f0:e3:41:01:05: 17:b6:90:4b:50:e1:f3:74:f6:33:4b:5f:73:e4:1e: eb:7f:5a:8c:6b:3e:d6:3a:69:85:65:05:54:5b:a0: 1f:0e:c3:3a:f1:74:ca:96:46:68:da:e2:f8:db:88: e3:b7:cd:45:9f:f9:5f:62:52:82:c4:a8:b0:8f:78: 01:0b:42:32:3a:c3:d0:7e:bc:b6:96:b1:11:b6:76: 43:97:ce:79:17:bf:ab:fa:a6:9c:8a:06:be:5f:9f: e3:cd:60:cc:43:5e:8e:a4:4e:a6:25:fe:18:2c:44: 91:be:33:42:1a:8e:8e:c1:ae:49:45:5b:d1:3f:e2: e4:42:8f:41:bf:af:dc:aa:c6:34:42:d2:4e:b1:d7: c5:33:b7:fb:cc:90:5d:a2:46:78:91:59:a9:8e:b3: 9e:31:97:05:d4:e0:76:32:5b:78:90:89:e7:4f:d7: 8d:6d:b4:ed:b2:a0:9b:da:42:e9:56:84:d8:82:11: 33:15:9a:28:a1:a8:41:9a:5a:9e:c2:c3:3c:df:3e: 75:5a:de:0b:48:c5:9f:fd:16:0b:52:6d:c6:30:1b: 2e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:F9:24:CD:F3:6C:30:6F:A0:18:C8:46:1B:E4:43:91:0A:F5:4A:B4 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/32 Signature Algorithm: sha256WithRSAEncryption 11:5e:4c:0f:d6:8a:37:2c:80:b2:32:c6:d7:84:56:44:ce:ca: a1:2d:68:7b:ef:27:99:04:a7:d2:79:6a:3c:23:69:dc:53:68: 21:bf:d0:5c:1b:1f:fe:4b:be:f8:65:d5:14:73:54:d7:c7:ce: 48:18:6b:19:aa:4b:2d:9f:d8:27:de:4b:cc:13:60:92:12:49: d6:2d:43:ac:7f:40:54:89:48:bd:27:74:2f:c8:90:0a:81:3f: 0e:9b:b6:1f:96:ef:71:9a:80:cd:fd:5f:ad:46:6b:cd:0f:5a: b8:7f:d9:04:bd:16:05:d0:a5:03:ee:8d:91:f0:9c:08:af:ea: a3:b1:4c:13:2d:1a:ad:95:97:80:25:db:8d:c1:a7:89:2e:46: 72:fd:f0:a9:0e:af:1f:2c:65:74:3b:3b:aa:63:2f:84:db:a4: c9:77:19:2e:02:bb:0c:be:80:00:bd:dd:1f:0d:de:a2:f7:81: bc:41:d3:a1:42:84:1b:1f:c7:a6:b0:61:37:1c:79:2c:67:ae: 1e:9c:26:cc:6a:2c:c9:88:40:36:ed:c2:b8:d1:ed:db:9b:53: 31:3c:e6:4c:dd:78:c1:f9:1b:3a:2f:b3:4e:30:2c:da:00:2c: 0a:eb:95:6b:5e:5e:91:ad:df:94:67:22:91:62:ae:18:d5:1a: 3c:d9:b2:25 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICG8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMDky MzQyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyRjkyNENERjM2QzMw NkZBMDE4Qzg0NjFCRTQ0MzkxMEFGNTRBQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnOpz19sZkHq2ibK23Ll8HAwJB7hZSULB6zC3R9REmL+bbWVvs Bwrw40EBBRe2kEtQ4fN09jNLX3PkHut/WoxrPtY6aYVlBVRboB8OwzrxdMqWRmja 4vjbiOO3zUWf+V9iUoLEqLCPeAELQjI6w9B+vLaWsRG2dkOXznkXv6v6ppyKBr5f n+PNYMxDXo6kTqYl/hgsRJG+M0Iajo7BrklFW9E/4uRCj0G/r9yqxjRC0k6x18Uz t/vMkF2iRniRWamOs54xlwXU4HYyW3iQiedP141ttO2yoJvaQulWhNiCETMVmiih qEGaWp7CwzzfPnVa3gtIxZ/9FgtSbcYwGy4hAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUYvkkzfNsMG+gGMhGG+RDkQr1SrQwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvWXZra3pmTnNNRy1n R01oR0ctUkRrUXIxU3JRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQGM0AwDQYJKoZIhvcNAQELBQADggEBABFeTA/WijcsgLIyxteEVkTOyqEt aHvvJ5kEp9J5ajwjadxTaCG/0FwbH/5Lvvhl1RRzVNfHzkgYaxmqSy2f2CfeS8wT YJISSdYtQ6x/QFSJSL0ndC/IkAqBPw6bth+W73GagM39X61Ga80PWrh/2QS9FgXQ pQPujZHwnAiv6qOxTBMtGq2Vl4Al243Bp4kuRnL98KkOrx8sZXQ7O6pjL4TbpMl3 GS4Cuwy+gAC93R8N3qL3gbxB06FChBsfx6awYTcceSxnrh6cJsxqLMmIQDbtwrjR 7dubUzE85kzdeMH5Gzovs04wLNoALArrlWteXpGt35RnIpFirhjVGjzZsiU= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org