$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/awkcud5Cff30fcrE4k326V27jVA.roa File: awkcud5Cff30fcrE4k326V27jVA.roa (raw, json) Hash identifier: 4U7GnHiO2CsZRKINZDrrcnucwOJDoJn/ukXWR1ElYJ4= Subject key identifier: 6B:09:1C:B9:DE:42:7D:FD:F4:7D:CA:C4:E2:4D:F6:E9:5D:BB:8D:50 Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0715 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/awkcud5Cff30fcrE4k326V27jVA.roa Signing time: Tue 24 Sep 2024 00:17:55 +0000 ROA not before: Tue 24 Sep 2024 00:17:55 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 37968 IP address blocks: 2407:8f40:2::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1813 (0x715) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 24 00:17:55 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=6B091CB9DE427DFDF47DCAC4E24DF6E95DBB8D50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b0:65:d5:3a:47:2a:84:f5:66:02:64:3b:2c: ff:86:0f:28:3c:27:93:aa:1f:4e:ab:0d:bb:bd:bc: b5:69:62:49:05:4b:4d:f6:0d:4b:b4:85:64:fd:59: a1:37:3a:60:9b:c9:bf:e9:de:53:5c:27:a5:79:25: 36:9f:b3:bb:57:71:46:2b:4e:53:0a:2d:93:0f:92: c4:fd:92:f1:32:b6:32:ac:4a:ce:65:76:cf:e4:d3: c6:de:d5:b5:29:2b:a8:cc:26:01:dd:c9:82:3c:7a: 5f:65:fb:b2:60:c6:3a:61:d1:51:09:92:83:83:76: 87:66:e3:11:b2:58:1a:d6:94:10:39:22:d8:6a:fb: 60:e2:01:fe:ec:ae:3e:90:07:d0:d2:30:bd:a4:b9: d8:4c:67:5f:dd:37:cc:95:3d:0e:a9:96:25:8b:b1: a6:ef:ff:02:0f:29:83:04:49:4a:d4:0c:4a:99:87: 03:2f:c0:cd:38:88:e5:a4:43:b6:1f:86:2a:8b:35: 89:62:be:d7:37:b3:f6:aa:4e:75:29:84:e0:53:b5: f3:21:bb:30:34:aa:42:bb:29:f2:a0:1f:dc:e9:03: 07:d6:f1:9b:ac:8f:75:c9:04:8b:07:8c:f7:d7:12: bb:83:16:87:00:4c:de:43:93:75:6a:9a:95:b3:85: eb:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:09:1C:B9:DE:42:7D:FD:F4:7D:CA:C4:E2:4D:F6:E9:5D:BB:8D:50 X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/awkcud5Cff30fcrE4k326V27jVA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:8f40:2::/48 Signature Algorithm: sha256WithRSAEncryption a4:e9:59:5c:f5:9d:f4:53:e2:c5:1d:52:e2:f9:c4:e2:f4:ac: 95:95:80:a2:d7:87:d3:9f:30:a5:04:15:77:c2:ad:a8:e7:39: 68:c3:a4:03:e8:a0:73:dd:bf:f9:30:e1:d2:21:3d:25:6b:b2: 91:0e:26:4e:d7:69:ae:e7:a7:b3:d6:0a:d6:bd:ca:3d:56:dc: 9f:20:8a:9c:92:ba:8a:87:6e:64:27:ef:ea:9b:11:c6:1d:83: 29:67:a2:3c:1a:94:fa:35:f0:4f:07:75:09:ab:4b:28:a9:90: e6:9f:a5:c6:19:12:b0:0a:fe:e3:7b:8e:12:c5:d3:45:f2:b8: a1:cd:d7:ca:48:76:06:ae:13:f5:e9:5e:88:64:ec:2e:1e:b6: 0e:5c:ca:fc:95:59:59:e2:05:fa:f6:7e:11:71:74:6e:86:4e: bd:4e:cd:d3:18:27:73:59:3b:18:62:fb:6e:46:ed:b6:31:dc: 52:17:a3:48:d8:26:78:d1:d1:9b:6b:02:86:5b:3e:17:17:0f: 5b:f0:76:ef:03:3d:98:2a:b5:c5:31:7d:a7:c3:53:49:60:26: 1a:1d:1d:7f:ee:4e:e7:ab:f8:99:9b:94:c6:f8:1e:53:b4:49: 60:0a:5f:ce:15:cf:71:cc:79:a0:69:d9:c1:1a:90:c6:8c:71: e1:b2:64:d6 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICBxUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNDA5MjQw MDE3NTVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDZCMDkxQ0I5REU0MjdE RkRGNDdEQ0FDNEUyNERGNkU5NURCQjhENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4sGXVOkcqhPVmAmQ7LP+GDyg8J5OqH06rDbu9vLVpYkkFS032 DUu0hWT9WaE3OmCbyb/p3lNcJ6V5JTafs7tXcUYrTlMKLZMPksT9kvEytjKsSs5l ds/k08be1bUpK6jMJgHdyYI8el9l+7Jgxjph0VEJkoODdodm4xGyWBrWlBA5Ithq +2DiAf7srj6QB9DSML2kudhMZ1/dN8yVPQ6pliWLsabv/wIPKYMESUrUDEqZhwMv wM04iOWkQ7YfhiqLNYlivtc3s/aqTnUphOBTtfMhuzA0qkK7KfKgH9zpAwfW8Zus j3XJBIsHjPfXEruDFocATN5Dk3VqmpWzhevfAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUawkcud5Cff30fcrE4k326V27jVAwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvYXdrY3VkNUNmZjMw ZmNyRTRrMzI2VjI3alZBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEApOlZXPWd9FPixR1S4vnE4vSs lZWAoteH058wpQQVd8KtqOc5aMOkA+igc92/+TDh0iE9JWuykQ4mTtdpruens9YK 1r3KPVbcnyCKnJK6ioduZCfv6psRxh2DKWeiPBqU+jXwTwd1CatLKKmQ5p+lxhkS sAr+43uOEsXTRfK4oc3Xykh2Bq4T9eleiGTsLh62DlzK/JVZWeIF+vZ+EXF0boZO vU7N0xgnc1k7GGL7bkbttjHcUhejSNgmeNHRm2sChls+FxcPW/B27wM9mCq1xTF9 p8NTSWAmGh0df+5O56v4mZuUxvgeU7RJYApfzhXPccx5oGnZwRqQxoxx4bJk1g== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org