$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/bGYWsnfgxhOz8srRymbDcNYC6No.roa File: bGYWsnfgxhOz8srRymbDcNYC6No.roa (raw, json) Hash identifier: 7BMlof6Kv6pCQ0dbqClF/d+SqsjKir8fsOuU4qSdpK0= Subject key identifier: 6C:66:16:B2:77:E0:C6:13:B3:F2:CA:D1:CA:66:C3:70:D6:02:E8:DA Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 16B5 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/bGYWsnfgxhOz8srRymbDcNYC6No.roa Signing time: Tue 03 Sep 2024 08:16:44 +0000 ROA not before: Tue 03 Sep 2024 08:16:44 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 146845 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5813 (0x16b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Sep 3 08:16:44 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6C6616B277E0C613B3F2CAD1CA66C370D602E8DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:6b:c9:d0:87:78:75:ee:41:ed:df:25:52:47: dc:df:36:65:c9:07:f6:75:8a:5c:e0:5c:a3:ff:d3: 0c:7e:4b:81:05:d3:bb:70:bb:60:94:01:34:71:b3: bd:39:a9:9c:f6:7c:6a:f7:30:d6:03:9d:72:af:12: a2:d9:51:71:c4:1b:db:ec:0e:61:82:d8:c8:bd:d3: 47:34:ce:e4:ca:09:ab:1f:77:51:3c:fc:42:a4:e7: a7:01:98:28:33:b2:3b:60:19:27:d4:50:da:26:f6: 31:90:ff:0e:2f:d6:6a:3e:72:9f:f6:d7:c4:3c:f3: 0c:38:df:cb:5a:7f:6e:9c:07:b1:14:67:0b:cc:9d: a6:54:01:9a:bb:45:82:55:5c:69:19:94:70:20:fd: 81:9c:03:a3:e0:c3:4a:35:65:9d:53:a3:89:f2:dd: 04:84:ee:9d:d1:a7:22:f5:69:97:a3:e8:86:53:19: 32:07:c0:a8:0c:ba:c8:25:d3:c5:e2:37:38:3c:8b: 9c:98:a9:d4:14:de:79:84:b7:aa:eb:be:9c:35:83: ea:70:8a:fa:d7:30:7e:ed:17:00:aa:4e:51:af:b0: 16:36:b8:4f:31:d8:77:28:2a:79:9c:9d:95:b1:1f: 58:45:ef:a5:14:2c:38:79:38:68:b4:4f:b9:e1:68: 1d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:66:16:B2:77:E0:C6:13:B3:F2:CA:D1:CA:66:C3:70:D6:02:E8:DA X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/bGYWsnfgxhOz8srRymbDcNYC6No.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 60:48:c9:14:3c:7e:9a:be:70:31:95:d8:3e:f6:5c:ad:12:61: f5:f1:c5:90:be:bc:8a:49:ee:fa:be:cb:f0:4b:78:68:5d:63: 18:51:02:41:a1:6d:9c:1c:eb:a7:80:02:28:75:4b:ca:4f:fb: 38:25:6b:c4:a1:31:d1:38:89:69:84:04:e1:75:86:9f:58:cc: a4:1a:6d:f2:26:7b:71:a6:a0:bb:e4:0c:2b:c8:20:5a:7a:7e: 38:1d:4a:a0:aa:71:54:ea:5b:7b:2b:aa:d7:ac:6b:91:97:12: 69:4f:9e:25:1f:ff:55:74:79:3e:28:95:a9:55:4d:fa:0f:8b: 5b:e7:f5:56:9b:e2:ff:f9:86:52:ca:10:e8:cb:5b:da:73:bc: e7:18:9f:d5:b2:56:9d:ed:8e:bd:39:1f:57:c2:5d:db:32:c5: 85:4a:dc:80:44:34:e8:c5:18:b9:23:e6:e5:89:94:2a:05:b5: 38:c0:be:26:89:95:c0:a3:24:ed:f6:db:9e:16:79:57:c6:d7: 21:18:c3:c0:ac:1f:56:73:68:6d:db:53:de:e8:89:24:3f:89: b3:76:10:2f:44:8f:34:54:5f:89:47:af:43:b1:f9:ad:de:83: 6f:8c:8e:54:df:04:c7:cf:2f:13:ad:15:07:e7:88:ca:49:88: 11:b2:16:60 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFrUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNDA5MDMw ODE2NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDNjYxNkIyNzdFMEM2 MTNCM0YyQ0FEMUNBNjZDMzcwRDYwMkU4REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCva8nQh3h17kHt3yVSR9zfNmXJB/Z1ilzgXKP/0wx+S4EF07tw u2CUATRxs705qZz2fGr3MNYDnXKvEqLZUXHEG9vsDmGC2Mi900c0zuTKCasfd1E8 /EKk56cBmCgzsjtgGSfUUNom9jGQ/w4v1mo+cp/218Q88ww438taf26cB7EUZwvM naZUAZq7RYJVXGkZlHAg/YGcA6Pgw0o1ZZ1To4ny3QSE7p3RpyL1aZej6IZTGTIH wKgMusgl08XiNzg8i5yYqdQU3nmEt6rrvpw1g+pwivrXMH7tFwCqTlGvsBY2uE8x 2HcoKnmcnZWxH1hF76UULDh5OGi0T7nhaB2tAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUbGYWsnfgxhOz8srRymbDcNYC6NowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvYkdZV3NuZmd4aE96 OHNyUnltYkRjTllDNk5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGBIyRQ8fpq+cDGV2D72XK0SYfXx xZC+vIpJ7vq+y/BLeGhdYxhRAkGhbZwc66eAAih1S8pP+zgla8ShMdE4iWmEBOF1 hp9YzKQabfIme3GmoLvkDCvIIFp6fjgdSqCqcVTqW3srqtesa5GXEmlPniUf/1V0 eT4olalVTfoPi1vn9Vab4v/5hlLKEOjLW9pzvOcYn9WyVp3tjr05H1fCXdsyxYVK 3IBENOjFGLkj5uWJlCoFtTjAviaJlcCjJO32254WeVfG1yEYw8CsH1ZzaG3bU97o iSQ/ibN2EC9EjzRUX4lHr0Ox+a3eg2+MjlTfBMfPLxOtFQfniMpJiBGyFmA= -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:41 2024 by rpki-client on console-ams.rpki-client.org