$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/AgqTJIALin30gMGPqG9czirSYQ0.roa File: AgqTJIALin30gMGPqG9czirSYQ0.roa (raw, json) Hash identifier: HK9T73Rw1pa4DbHZX+hinWrfF87yLjo19hE4Q2d+ePw= Subject key identifier: 02:0A:93:24:80:0B:8A:7D:F4:80:C1:8F:A8:6F:5C:CE:2A:D2:61:0D Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0710 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/AgqTJIALin30gMGPqG9czirSYQ0.roa Signing time: Tue 24 Sep 2024 00:17:53 +0000 ROA not before: Tue 24 Sep 2024 00:17:53 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 9808 IP address blocks: 2407:8f40:2::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1808 (0x710) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 24 00:17:53 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=020A9324800B8A7DF480C18FA86F5CCE2AD2610D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:48:dd:ee:92:ff:14:16:53:18:74:63:6d:7c: e6:e7:13:b7:52:e3:86:13:48:69:26:61:49:77:a9: 61:13:4f:1e:0b:5e:be:bc:5f:fe:ec:de:97:a6:f6: b9:6d:87:c9:ff:1c:06:43:bf:fd:38:e7:ea:57:c4: 00:56:84:f0:c8:2d:ed:b4:54:39:01:8b:69:2a:3e: d9:68:9d:a5:86:a8:0c:54:19:ee:93:54:55:35:36: 79:97:43:cb:d7:e6:8b:ab:b3:5b:dc:50:ad:54:a9: 64:f9:66:2e:38:a3:d4:1d:4a:1f:66:23:3b:0e:ae: 2a:1b:fc:95:0a:16:8e:eb:48:2b:7a:26:71:7e:37: f4:dc:21:d5:28:d9:27:a9:b2:a1:36:46:c3:f8:93: c1:b9:8b:07:d4:ac:ee:76:e4:55:8f:78:97:91:33: 73:f5:09:38:7c:dc:37:7e:59:ab:49:df:71:db:bd: ab:13:a9:79:01:03:d1:55:5f:7c:66:27:78:fb:54: 48:ae:14:2c:2e:31:9a:76:80:33:ac:1e:e2:ce:1c: 91:df:09:16:e0:33:41:4c:ec:c9:28:81:88:f9:03: 42:ee:5e:3e:32:d9:de:cc:20:80:11:ad:ad:e6:94: 9b:e8:4c:dd:b8:d1:90:7c:90:89:ce:11:6a:21:65: 09:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:0A:93:24:80:0B:8A:7D:F4:80:C1:8F:A8:6F:5C:CE:2A:D2:61:0D X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/AgqTJIALin30gMGPqG9czirSYQ0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:8f40:2::/48 Signature Algorithm: sha256WithRSAEncryption 4f:28:52:74:b3:22:bf:03:ac:e5:0a:1e:30:b5:8c:ab:12:b8: 44:73:8f:6c:2e:53:cb:cd:12:04:10:91:98:b4:8e:cc:53:d6: cb:96:9d:92:01:ad:0c:15:a5:e1:51:0c:39:79:7f:c6:26:18: ab:d4:09:1d:4a:9c:7b:8e:4e:73:d8:de:36:8f:4c:5b:82:46: 1a:c3:95:1f:9d:23:ab:ab:76:67:c2:5e:71:a9:99:a4:f5:b7: e5:d6:92:13:a4:44:6d:d1:e1:76:47:a8:18:2c:75:ad:b1:97: 4c:09:15:ff:76:b0:75:4c:b0:d5:82:cb:91:b2:df:93:c7:d1: 24:9f:4d:87:ac:21:6d:5e:df:b9:1a:5e:31:a4:83:1b:f6:38: 13:7c:fe:e4:cd:f0:b4:73:2e:42:d1:99:6a:e4:a1:fd:d0:35: a5:6a:70:09:62:ad:cb:78:ad:fc:e6:99:ee:89:55:4d:c2:fc: 27:7a:ac:4c:07:17:55:b8:dc:a9:cd:6c:79:92:76:71:fa:d6: 9e:d9:20:91:25:29:a5:4e:bb:70:d9:23:5d:eb:21:f2:be:5f: 9c:3a:ae:5f:56:7b:10:a6:61:b7:ae:ad:6e:f2:3e:42:58:af: fb:69:c9:8a:ad:4c:41:10:10:e4:2d:86:17:0c:1c:d9:6f:2f: bd:0a:26:a1 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICBxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDA5MjQw MDE3NTNaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDAyMEE5MzI0ODAwQjhB N0RGNDgwQzE4RkE4NkY1Q0NFMkFEMjYxMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNSN3ukv8UFlMYdGNtfObnE7dS44YTSGkmYUl3qWETTx4LXr68 X/7s3pem9rlth8n/HAZDv/045+pXxABWhPDILe20VDkBi2kqPtlonaWGqAxUGe6T VFU1NnmXQ8vX5ours1vcUK1UqWT5Zi44o9QdSh9mIzsOriob/JUKFo7rSCt6JnF+ N/TcIdUo2SepsqE2RsP4k8G5iwfUrO525FWPeJeRM3P1CTh83Dd+WatJ33HbvasT qXkBA9FVX3xmJ3j7VEiuFCwuMZp2gDOsHuLOHJHfCRbgM0FM7MkogYj5A0LuXj4y 2d7MIIARra3mlJvoTN240ZB8kInOEWohZQmfAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUAgqTJIALin30gMGPqG9czirSYQ0wHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvQWdxVEpJQUxpbjMw Z01HUHFHOWN6aXJTWVEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEATyhSdLMivwOs5QoeMLWMqxK4 RHOPbC5Ty80SBBCRmLSOzFPWy5adkgGtDBWl4VEMOXl/xiYYq9QJHUqce45Oc9je No9MW4JGGsOVH50jq6t2Z8JecamZpPW35daSE6REbdHhdkeoGCx1rbGXTAkV/3aw dUyw1YLLkbLfk8fRJJ9Nh6whbV7fuRpeMaSDG/Y4E3z+5M3wtHMuQtGZauSh/dA1 pWpwCWKty3it/OaZ7olVTcL8J3qsTAcXVbjcqc1seZJ2cfrWntkgkSUppU67cNkj Xesh8r5fnDquX1Z7EKZht66tbvI+Qliv+2nJiq1MQRAQ5C2GFwwc2W8vvQomoQ== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org