$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/dTMFnNYS9LqVMpJIioge2ooc5gE.roa File: dTMFnNYS9LqVMpJIioge2ooc5gE.roa (raw, json) Hash identifier: pCXNC0r3wfXitDNymXsPE77AREO+Pz310OZK4OIzz2Q= Subject key identifier: 75:33:05:9C:D6:12:F4:BA:95:32:92:48:8A:88:1E:DA:8A:1C:E6:01 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 0B Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/dTMFnNYS9LqVMpJIioge2ooc5gE.roa Signing time: Mon 24 Jun 2024 07:33:55 +0000 ROA not before: Mon 24 Jun 2024 07:33:55 +0000 ROA not after: Tue 24 Jun 2025 01:23:54 +0000 asID: 146761 IP address blocks: 2400:5f60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jun 24 07:33:55 2024 GMT Not After : Jun 24 01:23:54 2025 GMT Subject: CN=7533059CD612F4BA953292488A881EDA8A1CE601 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:7e:12:76:b9:ef:6e:a5:0b:e5:0f:b5:a7:3a: c9:05:13:7d:4b:80:1c:aa:0d:93:f2:29:a7:80:74: 55:fe:8b:76:38:cc:19:4c:75:d1:bd:fb:ac:31:ee: 49:6c:e0:15:f8:65:0e:81:f4:b8:8a:66:9b:83:0c: ef:e1:62:e3:a1:ca:65:59:58:c6:c4:57:5d:44:54: 85:f8:f6:e5:3d:03:c9:38:26:d6:b4:e1:e1:8c:d9: 8a:00:99:09:35:bf:b6:7f:b7:fe:49:2a:c7:79:61: 72:47:ca:c7:8b:48:91:25:c1:a3:4e:02:e8:95:9d: 83:95:f6:3d:d2:e9:8a:4e:c7:81:dd:b7:d2:20:e9: 87:56:6e:35:10:5d:b6:e5:24:ef:2b:ab:72:0f:38: 25:e1:10:22:37:33:e8:9c:3e:c9:f4:6f:35:5e:77: 2e:cf:37:fc:a4:e9:13:a3:d2:1f:36:4f:32:e3:9f: a3:54:2b:d3:aa:62:cb:4e:07:50:c0:2b:38:78:71: c8:b5:9e:ad:d3:5a:fb:6d:cc:d5:16:52:a2:80:82: 5b:6a:9a:fc:18:73:de:67:10:3e:f0:b6:25:16:7d: 41:c3:29:9b:e2:d9:04:ab:51:5b:30:2e:8d:be:dc: 0a:39:52:d7:85:63:ce:35:46:ae:4e:07:fd:b2:6c: bd:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:33:05:9C:D6:12:F4:BA:95:32:92:48:8A:88:1E:DA:8A:1C:E6:01 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/dTMFnNYS9LqVMpJIioge2ooc5gE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5f60::/32 Signature Algorithm: sha256WithRSAEncryption 0e:ed:7b:cd:7c:71:75:f7:43:0e:f2:4e:86:4a:73:4b:4d:3f: 69:3a:b1:80:af:12:ca:40:e4:1b:fc:99:79:34:8b:18:7f:f6: 73:bb:cd:06:be:52:b7:f6:e3:d3:af:b8:70:fa:2c:85:ed:26: d8:7e:4a:ed:c2:67:f8:78:1b:08:99:68:f7:94:22:71:01:3c: 4a:fa:4f:15:89:d5:46:e3:67:4e:db:b5:47:12:88:8b:4c:33: 77:ff:c6:5d:9a:b2:68:f0:0f:50:68:c8:99:b1:50:12:b3:47: b2:41:8e:1c:9f:ec:23:87:05:38:59:d5:77:86:c7:bf:7f:0e: 14:55:b5:35:a1:48:a4:ea:62:00:4e:f0:49:bb:4b:98:da:e6: 4f:47:59:d4:70:d6:6b:75:ae:ef:85:71:ef:3a:c1:83:f7:a9: 1b:57:06:39:69:1f:4c:44:64:2d:ae:64:e1:dc:5c:d7:9a:39: 66:2e:37:c2:86:ab:3b:69:6a:ab:20:7c:89:cb:35:1d:0f:e1: 5e:52:7b:bf:3c:d4:b0:0c:35:7a:ba:63:89:94:09:b3:c0:44: 76:e3:35:28:e2:0b:4b:ab:d4:04:a5:a6:e4:e9:e7:bf:06:ec: 36:ab:c8:51:6d:4b:82:70:2f:9a:6f:a3:ea:c2:c5:32:9f:6c: 04:3d:20:51 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxQkM2 RDlBOUY0QTIyNkE2MUY1RkExQTkxNjM5NDFENEIzNUJBMzVCMB4XDTI0MDYyNDA3 MzM1NVoXDTI1MDYyNDAxMjM1NFowMzExMC8GA1UEAxMoNzUzMzA1OUNENjEyRjRC QTk1MzI5MjQ4OEE4ODFFREE4QTFDRTYwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOF+Ena5726lC+UPtac6yQUTfUuAHKoNk/Ipp4B0Vf6LdjjMGUx1 0b37rDHuSWzgFfhlDoH0uIpmm4MM7+Fi46HKZVlYxsRXXURUhfj25T0DyTgm1rTh 4YzZigCZCTW/tn+3/kkqx3lhckfKx4tIkSXBo04C6JWdg5X2PdLpik7Hgd230iDp h1ZuNRBdtuUk7yurcg84JeEQIjcz6Jw+yfRvNV53Ls83/KTpE6PSHzZPMuOfo1Qr 06piy04HUMArOHhxyLWerdNa+23M1RZSooCCW2qa/Bhz3mcQPvC2JRZ9QcMpm+LZ BKtRWzAujb7cCjlS14VjzjVGrk4H/bJsvVcCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBR1MwWc1hL0upUykkiKiB7aihzmATAfBgNVHSMEGDAWgBQbxtmp9KImph9foakW OUHUs1ujWzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTM0 L0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRzhiWnFmU2lKcVlmWDZHcEZqbEIxTE5ibzFzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzNC9kVE1Gbk5ZUzlMcVZN cEpJaW9nZTJvb2M1Z0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJABfYDANBgkqhkiG9w0BAQsFAAOCAQEADu17zXxxdfdDDvJOhkpzS00/aTqx gK8SykDkG/yZeTSLGH/2c7vNBr5St/bj06+4cPoshe0m2H5K7cJn+HgbCJlo95Qi cQE8SvpPFYnVRuNnTtu1RxKIi0wzd//GXZqyaPAPUGjImbFQErNHskGOHJ/sI4cF OFnVd4bHv38OFFW1NaFIpOpiAE7wSbtLmNrmT0dZ1HDWa3Wu74Vx7zrBg/epG1cG OWkfTERkLa5k4dxc15o5Zi43woarO2lqqyB8ics1HQ/hXlJ7vzzUsAw1erpjiZQJ s8BEduM1KOILS6vUBKWm5OnnvwbsNqvIUW1LgnAvmm+j6sLFMp9sBD0gUQ== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:45 2024 by rpki-client on console-ams.rpki-client.org