$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/ZmEWKrApxwhbs9uIg95rGWiGRJc.roa File: ZmEWKrApxwhbs9uIg95rGWiGRJc.roa (raw, json) Hash identifier: v/LFesTtQM+jwrZMfXUG7ie6WrkNMgQYjStQEcd0YP8= Subject key identifier: 66:61:16:2A:B0:29:C7:08:5B:B3:DB:88:83:DE:6B:19:68:86:44:97 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1924 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ZmEWKrApxwhbs9uIg95rGWiGRJc.roa Signing time: Mon 08 Jul 2024 01:57:18 +0000 ROA not before: Mon 08 Jul 2024 01:57:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4811 IP address blocks: 2406:d440:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6436 (0x1924) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jul 8 01:57:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6661162AB029C7085BB3DB8883DE6B1968864497 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:cd:23:2b:21:af:0e:5d:59:b2:41:71:8b:32: 14:00:46:30:3b:0c:76:d4:91:9e:78:b9:76:63:d1: 17:d0:08:eb:1f:33:d4:90:98:14:a7:e8:d3:40:1c: e6:1b:bb:a9:a3:f1:ea:24:3a:9f:08:65:30:c5:fd: 68:f0:7e:4d:01:71:26:b2:5b:6e:5c:66:4a:8f:b6: 6c:99:e1:40:f5:70:c2:6f:b8:0c:43:7a:5c:14:06: 3f:27:a3:56:73:e0:73:9a:e5:f4:2c:20:03:ce:a5: 1c:3c:f2:07:59:a6:ce:f2:4d:62:39:92:e0:45:8b: f9:5c:a0:f4:52:63:7d:51:26:af:38:3f:0f:34:02: 66:a2:b1:3d:6f:95:df:ec:08:32:be:5b:d7:9c:83: 1f:ee:9d:7f:d2:d0:c0:24:8b:1b:3f:b6:85:89:45: 4b:6d:9d:12:20:56:6b:aa:6f:2b:f2:14:05:e6:11: ed:ac:43:ee:33:56:b6:02:64:4a:81:3c:de:d6:e8: 55:d4:81:9a:aa:03:cc:e4:22:6d:ea:5b:3e:71:2a: 15:03:b2:db:cf:f6:29:63:8c:bc:cb:ad:f3:b1:a1: d6:07:79:cb:da:80:8c:7f:5c:a2:03:3d:e0:51:c7: b6:9a:64:45:63:4f:2f:ce:a7:c0:0c:1f:e0:89:74: 97:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:61:16:2A:B0:29:C7:08:5B:B3:DB:88:83:DE:6B:19:68:86:44:97 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ZmEWKrApxwhbs9uIg95rGWiGRJc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d440:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 5b:a4:8f:02:6b:71:e7:49:e4:46:4e:fc:83:6a:ef:1f:c6:06: 32:f4:e8:a3:f5:a6:10:9e:76:2a:a2:2d:c8:0e:e3:8c:f4:01: e5:f5:07:1a:84:bb:91:8d:6f:33:6a:7c:58:14:79:21:bc:e7: d7:e7:23:8b:7f:15:f9:d5:cb:eb:82:e6:03:c8:a1:b4:ec:34: 05:c0:67:13:fd:f3:96:14:0b:41:78:c2:ca:51:72:28:8f:7e: 74:bc:bb:4b:e3:c8:73:66:c6:d3:15:8a:2f:b3:d5:6a:d0:9d: 71:ce:35:23:ba:ff:c0:bd:d8:38:55:e6:83:42:9e:33:19:47: 0a:d9:7e:0e:4e:8f:bb:62:9e:2f:79:8b:66:c8:dc:08:65:f8: b5:91:64:ed:d2:60:6e:b3:aa:4d:8d:65:b9:fa:60:df:37:1e: 2d:2a:90:6f:49:90:de:fe:36:13:b3:6d:36:aa:81:36:79:9f: 3a:d7:56:a0:5d:3f:69:06:75:cf:80:0d:47:aa:e2:f4:cf:e2: 80:6a:a4:b3:4f:ab:6e:81:ec:19:b6:29:4b:e3:1c:64:87:bf: 44:03:4d:03:5f:39:da:45:d6:2e:68:98:5d:fd:04:5b:95:2b: dd:f3:1e:5c:1e:8a:8a:b2:f0:fa:e9:ba:d8:01:3c:88:58:be: be:a9:43:62 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICGSQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA3MDgw MTU3MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2NjExNjJBQjAyOUM3 MDg1QkIzREI4ODgzREU2QjE5Njg4NjQ0OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClzSMrIa8OXVmyQXGLMhQARjA7DHbUkZ54uXZj0RfQCOsfM9SQ mBSn6NNAHOYbu6mj8eokOp8IZTDF/Wjwfk0BcSayW25cZkqPtmyZ4UD1cMJvuAxD elwUBj8no1Zz4HOa5fQsIAPOpRw88gdZps7yTWI5kuBFi/lcoPRSY31RJq84Pw80 AmaisT1vld/sCDK+W9ecgx/unX/S0MAkixs/toWJRUttnRIgVmuqbyvyFAXmEe2s Q+4zVrYCZEqBPN7W6FXUgZqqA8zkIm3qWz5xKhUDstvP9iljjLzLrfOxodYHecva gIx/XKIDPeBRx7aaZEVjTy/Op8AMH+CJdJeTAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUZmEWKrApxwhbs9uIg95rGWiGRJcwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvWm1FV0tyQXB4d2hi czl1SWc5NXJHV2lHUkpjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQG1ED/ADANBgkqhkiG9w0BAQsFAAOCAQEAW6SPAmtx50nkRk78g2rvH8YG MvToo/WmEJ52KqItyA7jjPQB5fUHGoS7kY1vM2p8WBR5Ibzn1+cji38V+dXL64Lm A8ihtOw0BcBnE/3zlhQLQXjCylFyKI9+dLy7S+PIc2bG0xWKL7PVatCdcc41I7r/ wL3YOFXmg0KeMxlHCtl+Dk6Pu2KeL3mLZsjcCGX4tZFk7dJgbrOqTY1lufpg3zce LSqQb0mQ3v42E7NtNqqBNnmfOtdWoF0/aQZ1z4ANR6ri9M/igGqks0+rboHsGbYp S+McZIe/RANNA1852kXWLmiYXf0EW5Ur3fMeXB6KirLw+um62AE8iFi+vqlDYg== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org