$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa File: yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa (raw, json) Hash identifier: emMlJZXjdR4Q6ai98sFQXdo2DR2/iit0LIujArCR5u8= Subject key identifier: C8:D0:43:18:E5:64:89:8B:00:C2:2B:00:58:20:D5:98:B3:6C:D6:04 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 16D6 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa Signing time: Wed 13 Mar 2024 01:23:51 +0000 ROA not before: Wed 13 Mar 2024 01:23:51 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 137718 IP address blocks: 2406:d440::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5846 (0x16d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Mar 13 01:23:51 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C8D04318E564898B00C22B005820D598B36CD604 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:34:08:6a:c0:00:58:4c:12:df:33:1f:5e:3b: 55:3d:53:47:af:67:97:7d:69:78:6f:07:49:a0:0f: c4:86:14:1f:ea:3a:6a:11:ab:64:2a:9d:a2:2c:3a: c7:43:03:18:48:c5:77:ec:54:3e:a0:92:bc:76:09: 76:7a:b5:2d:4e:f5:ae:6f:78:db:ab:1a:1a:8b:d5: 54:5b:9f:5a:ae:6d:8e:68:f0:a9:c0:5e:51:cf:e3: 73:40:8d:d6:ed:49:e9:45:f4:f1:ce:ed:7a:29:1b: 23:84:28:1c:c1:ba:b8:2c:cd:2e:a5:1d:ee:b1:26: c8:4c:f3:74:5a:8a:10:cd:d2:fe:bd:67:c6:8f:84: a9:08:1a:20:3b:de:9a:a6:b6:2e:1e:7a:2f:b9:3d: 10:2f:dd:26:ef:bf:3a:96:7c:ce:57:3a:25:27:23: 7d:6d:ed:1e:56:ec:04:3d:d1:fc:25:87:60:e8:2f: 7a:3a:9b:4e:46:68:d1:64:d4:e2:53:02:19:d6:8c: b8:22:16:cd:74:4e:ae:a5:32:20:f6:d8:84:76:7e: 1e:89:0e:1d:97:10:fa:7f:dd:e5:f0:d5:76:13:e8: 7e:05:48:7a:af:cd:a4:d5:96:6b:f9:11:1d:91:56: e3:85:d3:73:16:76:0d:7c:a6:b7:9f:1f:64:ef:f6: 26:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:D0:43:18:E5:64:89:8B:00:C2:2B:00:58:20:D5:98:B3:6C:D6:04 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d440::/32 Signature Algorithm: sha256WithRSAEncryption be:ff:91:40:9b:1e:92:8b:4b:24:1d:da:9e:fc:bb:81:be:cc: a2:6b:76:3e:67:71:fd:63:e2:5a:70:33:b4:90:1d:00:76:6d: eb:90:e2:b9:54:62:ab:04:49:75:ed:99:80:9e:3f:6c:93:8f: 80:ec:0c:bd:cf:37:20:a7:63:4b:7f:9c:c5:bd:d6:34:ca:b8: 38:76:e7:e9:f8:a0:d1:75:be:ee:b3:d8:39:79:a2:82:a2:04: 2a:9a:45:6a:fa:d2:f4:68:6b:04:78:d7:a4:db:6d:e2:2d:70: 99:b7:40:4b:99:b1:c8:2d:33:8e:12:7d:65:3b:88:8c:4e:7f: 75:22:e4:66:bc:fa:b4:d3:d7:98:44:4f:8a:4c:1c:3f:2f:07: a5:09:6f:43:9d:03:33:26:be:b9:51:28:4f:c8:dd:06:f8:b1: 81:73:a6:6b:d1:16:f0:70:c7:72:ee:92:71:40:9e:d2:53:4d: 80:db:a3:14:ef:5a:a1:db:55:0d:ed:dd:28:1a:88:49:56:4e: 34:26:60:7c:a3:87:1f:f2:7d:b5:12:b9:5c:14:ab:42:31:f1: 49:d6:8c:7a:a3:12:a5:03:32:49:2c:0c:aa:69:15:4f:97:e2: 18:7d:87:3f:81:e8:be:cc:63:ee:4a:1a:9c:7b:5f:da:cc:c0: 2c:7c:f8:9b -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDAzMTMw MTIzNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4RDA0MzE4RTU2NDg5 OEIwMEMyMkIwMDU4MjBENTk4QjM2Q0Q2MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCZNAhqwABYTBLfMx9eO1U9U0evZ5d9aXhvB0mgD8SGFB/qOmoR q2QqnaIsOsdDAxhIxXfsVD6gkrx2CXZ6tS1O9a5veNurGhqL1VRbn1qubY5o8KnA XlHP43NAjdbtSelF9PHO7XopGyOEKBzBurgszS6lHe6xJshM83RaihDN0v69Z8aP hKkIGiA73pqmti4eei+5PRAv3SbvvzqWfM5XOiUnI31t7R5W7AQ90fwlh2DoL3o6 m05GaNFk1OJTAhnWjLgiFs10Tq6lMiD22IR2fh6JDh2XEPp/3eXw1XYT6H4FSHqv zaTVlmv5ER2RVuOF03MWdg18prefH2Tv9iZrAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUyNBDGOVkiYsAwisAWCDVmLNs1gQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQveU5CREdPVmtpWXNB d2lzQVdDRFZtTE5zMWdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQG1EAwDQYJKoZIhvcNAQELBQADggEBAL7/kUCbHpKLSyQd2p78u4G+zKJr dj5ncf1j4lpwM7SQHQB2beuQ4rlUYqsESXXtmYCeP2yTj4DsDL3PNyCnY0t/nMW9 1jTKuDh25+n4oNF1vu6z2Dl5ooKiBCqaRWr60vRoawR416TbbeItcJm3QEuZscgt M44SfWU7iIxOf3Ui5Ga8+rTT15hET4pMHD8vB6UJb0OdAzMmvrlRKE/I3Qb4sYFz pmvRFvBwx3LuknFAntJTTYDboxTvWqHbVQ3t3SgaiElWTjQmYHyjhx/yfbUSuVwU q0Ix8UnWjHqjEqUDMkksDKppFU+X4hh9hz+B6L7MY+5KGpx7X9rMwCx8+Js= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org