$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/nsm0ltu_2TAhjT1a6iu2VujuIrU.roa File: nsm0ltu_2TAhjT1a6iu2VujuIrU.roa (raw, json) Hash identifier: tq9U4/mdZYJKH1UcdouftPM9SkoI9OUoRPY6rb63K2k= Subject key identifier: 9E:C9:B4:96:DB:BF:D9:30:21:8D:3D:5A:EA:2B:B6:56:E8:EE:22:B5 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1BDE Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/nsm0ltu_2TAhjT1a6iu2VujuIrU.roa Signing time: Wed 13 Mar 2024 01:23:27 +0000 ROA not before: Wed 13 Mar 2024 01:23:27 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139139 IP address blocks: 2406:3340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7134 (0x1bde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Mar 13 01:23:27 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9EC9B496DBBFD930218D3D5AEA2BB656E8EE22B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:fb:86:be:ca:99:24:5a:e3:f7:5d:76:7c:73: c2:b6:84:7d:f5:ef:05:ff:59:6e:f7:dd:03:7c:91: 6c:cf:99:c7:a0:0e:3c:14:75:3a:0c:c8:c5:50:d3: 94:96:ff:7a:56:03:75:c5:49:3c:e7:ac:0f:6f:f5: 76:7c:cd:99:32:d9:2a:bc:2a:de:30:24:0f:c5:a5: 30:8c:0f:b6:0b:fa:24:92:97:06:0c:09:90:e8:9d: a8:01:ec:a7:1f:5e:43:57:4f:8f:82:72:4d:0e:a3: 09:8f:3f:6e:c8:c6:5b:62:cf:85:d2:fd:67:1a:cb: a4:97:c3:98:e0:55:87:33:a5:e3:c3:cb:26:ec:17: 73:b1:1f:66:79:94:05:ba:94:23:8f:c4:d9:c9:26: 4d:e1:a3:24:20:90:67:ed:9a:a9:23:56:a2:b3:a6: 97:35:da:ae:f7:40:2f:77:52:9e:7c:d0:70:7f:53: 9b:5f:a0:23:e0:03:67:fe:94:ce:06:1b:36:fa:11: a1:7e:e1:5c:f9:11:41:6f:19:75:dd:6c:a9:d1:9c: 72:64:ff:09:70:c0:2a:1e:be:69:80:1d:d0:0d:2e: ad:bd:5c:b1:13:cd:bb:a9:74:51:88:9a:bd:fd:1f: 4e:ef:c0:6b:60:51:f7:2c:60:c4:88:2b:ce:11:49: 8c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:C9:B4:96:DB:BF:D9:30:21:8D:3D:5A:EA:2B:B6:56:E8:EE:22:B5 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/nsm0ltu_2TAhjT1a6iu2VujuIrU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/32 Signature Algorithm: sha256WithRSAEncryption 01:10:68:42:51:8b:4b:d4:56:5e:a0:cb:77:79:85:fd:71:88: 63:7d:81:62:90:8f:67:72:e4:ec:99:d8:f8:34:89:cf:25:e7: 94:cc:8f:47:af:30:3a:97:4a:70:a4:52:4c:ef:79:99:87:07: 7a:46:62:48:5e:f4:53:0a:f4:8c:c0:fa:57:c8:a0:31:1d:d9: 55:57:b0:7e:39:0b:ed:43:7e:ad:c0:ea:35:f9:27:62:97:23: 3b:66:12:2a:b5:91:26:f9:f5:d2:d6:3a:b8:41:dd:5b:ce:3c: ba:86:d8:ad:b7:48:d9:84:f9:bf:0b:8f:52:2a:cf:63:f3:8e: da:a4:ad:8e:8c:12:2a:d2:e5:75:aa:2f:32:6b:80:97:97:b1: d9:8d:26:0f:08:ad:8f:6b:97:71:23:e9:47:b1:ae:d7:b1:1d: ab:63:28:0a:ee:a2:4c:05:29:b9:49:5f:6c:74:dd:17:71:3d: 09:c2:70:62:bc:d1:cb:e3:43:b5:36:cb:5b:94:df:19:c3:a8: 59:56:12:41:b1:9f:1e:cc:85:3c:0a:76:4e:99:b9:4c:28:04: 07:71:4b:46:7f:65:fc:84:4c:c4:26:63:2f:fd:51:f5:a1:44: bb:fa:20:40:1b:75:00:0a:7d:f0:a1:a3:5f:bf:85:f8:cf:d9: 55:4e:ae:07 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICG94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMTMw MTIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFQzlCNDk2REJCRkQ5 MzAyMThEM0Q1QUVBMkJCNjU2RThFRTIyQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCj+4a+ypkkWuP3XXZ8c8K2hH317wX/WW733QN8kWzPmcegDjwU dToMyMVQ05SW/3pWA3XFSTznrA9v9XZ8zZky2Sq8Kt4wJA/FpTCMD7YL+iSSlwYM CZDonagB7KcfXkNXT4+Cck0OowmPP27Ixltiz4XS/Wcay6SXw5jgVYczpePDyybs F3OxH2Z5lAW6lCOPxNnJJk3hoyQgkGftmqkjVqKzppc12q73QC93Up580HB/U5tf oCPgA2f+lM4GGzb6EaF+4Vz5EUFvGXXdbKnRnHJk/wlwwCoevmmAHdANLq29XLET zbupdFGImr39H07vwGtgUfcsYMSIK84RSYyjAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUnsm0ltu/2TAhjT1a6iu2VujuIrUwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvbnNtMGx0dV8yVEFo alQxYTZpdTJWdWp1SXJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQGM0AwDQYJKoZIhvcNAQELBQADggEBAAEQaEJRi0vUVl6gy3d5hf1xiGN9 gWKQj2dy5OyZ2Pg0ic8l55TMj0evMDqXSnCkUkzveZmHB3pGYkhe9FMK9IzA+lfI oDEd2VVXsH45C+1Dfq3A6jX5J2KXIztmEiq1kSb59dLWOrhB3VvOPLqG2K23SNmE +b8Lj1Iqz2PzjtqkrY6MEirS5XWqLzJrgJeXsdmNJg8IrY9rl3Ej6UexrtexHatj KAruokwFKblJX2x03RdxPQnCcGK80cvjQ7U2y1uU3xnDqFlWEkGxnx7MhTwKdk6Z uUwoBAdxS0Z/ZfyETMQmYy/9UfWhRLv6IEAbdQAKffCho1+/hfjP2VVOrgc= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org