$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/oGa0HoluT1NXOGQPl96JNA2VfW4.roa File: oGa0HoluT1NXOGQPl96JNA2VfW4.roa (raw, json) Hash identifier: 8PQWcXOpCl0HV0nyd0eiWDeJojTx8xLfRnbWf5cA7IY= Subject key identifier: A0:66:B4:1E:89:6E:4F:53:57:38:64:0F:97:DE:89:34:0D:95:7D:6E Certificate issuer: /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5 Certificate serial: 1979 Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/oGa0HoluT1NXOGQPl96JNA2VfW4.roa Signing time: Wed 13 Mar 2024 01:23:42 +0000 ROA not before: Wed 13 Mar 2024 01:23:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 49544 IP address blocks: 2406:d140::/32 maxlen: 48 2406:d140:8000::/34 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6521 (0x1979) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5 Validity Not Before: Mar 13 01:23:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A066B41E896E4F535738640F97DE89340D957D6E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:d0:d6:9d:0f:83:b1:d4:93:e1:2e:0d:ab:d6: d5:cc:af:bb:e0:34:93:96:60:98:d1:c3:97:61:c0: f8:b2:cd:39:c9:7e:68:94:23:78:67:8d:df:c8:a0: 07:8e:ac:79:ee:4d:df:48:7c:31:39:02:37:06:17: a8:62:be:8a:a7:43:f6:78:45:ec:0b:f6:fd:b8:fd: 61:de:b1:73:47:10:af:05:71:69:24:1b:4f:8c:45: 24:03:36:49:06:aa:84:d2:b7:24:e4:d5:62:83:16: b3:c4:aa:d5:13:9a:a4:7f:25:e9:4d:b3:ce:cc:d1: 82:7d:e0:34:eb:fc:f2:54:38:fd:c7:33:30:68:80: d6:31:a3:1d:c5:21:21:7e:58:cd:31:3d:51:e9:34: 4d:4b:74:4f:9c:95:bd:91:ad:31:b8:c6:04:eb:ca: 2c:45:dd:9b:64:04:74:a4:6f:e4:e7:95:2f:f7:50: 11:eb:d1:4f:51:d8:b0:af:b3:c3:67:ca:d7:b6:fd: 39:3a:2d:7c:a5:10:88:d3:f7:09:c6:38:eb:c2:4d: 27:32:63:99:fb:02:c2:03:ad:dc:ee:b4:52:64:e6: 63:83:28:f2:52:82:ee:09:fb:7f:3d:60:a9:c9:23: c6:73:75:a4:c7:90:30:fa:a0:c5:ab:ab:ce:3c:39: 27:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:66:B4:1E:89:6E:4F:53:57:38:64:0F:97:DE:89:34:0D:95:7D:6E X509v3 Authority Key Identifier: keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/oGa0HoluT1NXOGQPl96JNA2VfW4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d140::/32 Signature Algorithm: sha256WithRSAEncryption 84:de:24:93:ae:6d:57:6a:6b:6b:cf:d8:b5:d4:2a:51:40:08: 6b:db:61:b3:51:e6:21:e0:60:30:f7:7d:42:32:39:2b:43:04: c9:f9:40:8a:62:7d:a3:08:92:ba:e3:27:7c:14:bd:30:da:83: 9f:87:a5:13:a5:aa:73:32:42:c4:e1:78:52:7e:ad:e8:b1:e4: 07:a4:14:a5:d2:bb:ed:25:22:bb:ae:b8:e9:fd:37:1b:02:8b: 2b:d9:d0:a8:68:2f:97:63:ea:06:ef:54:aa:ef:f9:5f:62:2f: 36:4c:fb:6c:eb:52:b9:0b:cc:5e:74:80:b3:36:d5:df:d9:12: b8:41:1e:1b:49:8c:47:6a:7f:b2:b8:c0:00:98:63:92:23:d0: f9:74:3e:10:f7:d5:57:40:c7:b7:37:15:81:8c:da:6c:01:e7: 72:65:4b:20:57:fa:73:d0:62:59:57:8a:94:c1:7c:02:b7:36: 8c:75:c1:54:b9:5c:ef:89:e4:60:59:c3:81:18:56:d3:67:65: 73:3c:50:34:81:36:77:9b:5b:a3:e9:71:07:96:de:c9:d6:2c: bc:ff:56:62:08:70:4d:2e:ae:b1:3b:0f:5c:9a:90:98:ac:a1: fa:74:20:95:92:c3:07:aa:0a:c8:c8:d6:db:01:7f:f8:8e:40: 5d:9c:dd:79 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICGXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yNDAzMTMw MTIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwNjZCNDFFODk2RTRG NTM1NzM4NjQwRjk3REU4OTM0MEQ5NTdENkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG0NadD4Ox1JPhLg2r1tXMr7vgNJOWYJjRw5dhwPiyzTnJfmiU I3hnjd/IoAeOrHnuTd9IfDE5AjcGF6hivoqnQ/Z4RewL9v24/WHesXNHEK8FcWkk G0+MRSQDNkkGqoTStyTk1WKDFrPEqtUTmqR/JelNs87M0YJ94DTr/PJUOP3HMzBo gNYxox3FISF+WM0xPVHpNE1LdE+clb2RrTG4xgTryixF3ZtkBHSkb+TnlS/3UBHr 0U9R2LCvs8Nnyte2/Tk6LXylEIjT9wnGOOvCTScyY5n7AsIDrdzutFJk5mODKPJS gu4J+389YKnJI8ZzdaTHkDD6oMWrq848OSfvAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUoGa0HoluT1NXOGQPl96JNA2VfW4wHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3 CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAvb0dhMEhvbHVUMU5Y T0dRUGw5NkpOQTJWZlc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQG0UAwDQYJKoZIhvcNAQELBQADggEBAITeJJOubVdqa2vP2LXUKlFACGvb YbNR5iHgYDD3fUIyOStDBMn5QIpifaMIkrrjJ3wUvTDag5+HpROlqnMyQsTheFJ+ reix5AekFKXSu+0lIruuuOn9NxsCiyvZ0KhoL5dj6gbvVKrv+V9iLzZM+2zrUrkL zF50gLM21d/ZErhBHhtJjEdqf7K4wACYY5Ij0Pl0PhD31VdAx7c3FYGM2mwB53Jl SyBX+nPQYllXipTBfAK3Nox1wVS5XO+J5GBZw4EYVtNnZXM8UDSBNnebW6PpcQeW 3snWLLz/VmIIcE0urrE7D1yakJisofp0IJWSwweqCsjI1tsBf/iOQF2c3Xk= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org