$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/tBvcwWRGb-qYTTnVrha35aS_C6g.roa File: tBvcwWRGb-qYTTnVrha35aS_C6g.roa (raw, json) Hash identifier: l4QU1iZ1dI6f05fPWx9IBlxzwuXa1Kiezx2NFUFPfcE= Subject key identifier: B4:1B:DC:C1:64:46:6F:EA:98:4D:39:D5:AE:16:B7:E5:A4:BF:0B:A8 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 1731 Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tBvcwWRGb-qYTTnVrha35aS_C6g.roa Signing time: Fri 24 May 2024 02:26:44 +0000 ROA not before: Fri 24 May 2024 02:26:44 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4808 IP address blocks: 2406:4d00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Sep 2024 23:52:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5937 (0x1731) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: May 24 02:26:44 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B41BDCC164466FEA984D39D5AE16B7E5A4BF0BA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:22:c0:c8:ff:e5:31:45:bc:de:7f:4c:8b:57: a1:00:4d:d1:85:56:88:f4:f9:93:79:a9:c3:ff:0a: 6a:58:a6:03:3b:bc:36:64:e2:a1:b1:a5:ca:45:2f: 6f:8c:d8:ac:58:c1:45:f6:97:ec:bc:6e:b7:c1:16: c5:f0:43:7f:fb:6b:8b:13:b3:4f:ec:98:80:dc:05: 93:39:bb:b6:70:55:89:5d:c8:29:6c:02:bc:dc:e2: 9f:61:7d:d9:1b:6c:d2:42:c7:2b:7b:b9:45:d8:d3: 19:0b:32:25:36:49:4f:4f:2f:fe:97:93:0b:0f:7e: bd:ac:f8:47:81:c4:4b:41:30:d8:09:cb:ca:3c:fa: 13:0c:46:84:86:c6:22:e0:86:c8:dc:73:44:c4:ea: 9b:97:78:20:91:1d:93:c3:38:56:07:82:61:31:32: c6:15:9d:ed:40:54:78:90:0b:2b:85:5c:89:68:48: 66:1b:3e:e2:c1:cd:e0:da:16:f3:26:86:e6:b2:c8: 64:74:ec:a0:4f:1c:91:d2:da:bd:be:03:6c:70:77: bc:ce:e6:a8:0b:1e:ad:c1:fb:f3:40:bb:9a:97:16: c2:7f:ab:59:20:38:1a:8b:5d:8e:8f:29:6c:e3:83: dd:6d:e9:a6:61:8b:33:b2:e7:81:a3:07:2d:0a:ba: 2f:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:1B:DC:C1:64:46:6F:EA:98:4D:39:D5:AE:16:B7:E5:A4:BF:0B:A8 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tBvcwWRGb-qYTTnVrha35aS_C6g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:4d00::/48 Signature Algorithm: sha256WithRSAEncryption 98:08:a2:e1:d0:71:ed:25:73:1b:f8:07:38:44:46:d8:47:18: 11:f4:58:2d:93:26:d1:ea:b3:56:34:ea:85:9b:5a:be:d0:96: 48:9b:1e:5f:42:a2:88:ef:a1:30:19:19:30:38:28:8a:7c:bb: 7c:86:ba:5b:f4:a3:c6:57:73:1c:c9:a9:32:26:f9:7b:d4:e7: 5d:4c:6c:e8:d8:da:10:78:04:31:b8:1e:71:26:ab:02:05:82: 85:d7:e7:f9:fa:b6:f8:a4:40:5d:fb:15:13:59:9b:c3:5c:c3: 74:10:47:87:fb:49:b6:cb:7a:a8:94:fa:3c:a5:02:99:7d:90: 5f:8c:ab:40:68:1a:a2:e8:76:d9:bb:ca:da:57:c1:ba:55:b9: 5e:9e:9b:dc:28:92:04:8a:0c:fa:0b:58:f0:78:2b:1b:ad:7b: 66:80:fd:27:5a:6e:20:26:6a:c2:6c:fd:61:37:b8:c4:9b:cc: 1f:13:e6:c5:68:13:c9:43:0a:68:b2:80:83:42:e2:92:54:81: 60:57:50:38:27:4a:5a:76:7a:80:e6:ef:f7:7b:35:06:4b:8a: 8f:c7:85:96:f9:71:cb:31:19:89:f4:f8:ce:76:ac:3c:a9:4a: 76:cc:40:43:57:93:57:7a:2d:40:6f:2a:c8:08:22:b6:37:2a: 3c:b0:e6:d6 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNDA1MjQw MjI2NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0MUJEQ0MxNjQ0NjZG RUE5ODREMzlENUFFMTZCN0U1QTRCRjBCQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfIsDI/+UxRbzef0yLV6EATdGFVoj0+ZN5qcP/CmpYpgM7vDZk 4qGxpcpFL2+M2KxYwUX2l+y8brfBFsXwQ3/7a4sTs0/smIDcBZM5u7ZwVYldyCls Arzc4p9hfdkbbNJCxyt7uUXY0xkLMiU2SU9PL/6XkwsPfr2s+EeBxEtBMNgJy8o8 +hMMRoSGxiLghsjcc0TE6puXeCCRHZPDOFYHgmExMsYVne1AVHiQCyuFXIloSGYb PuLBzeDaFvMmhuayyGR07KBPHJHS2r2+A2xwd7zO5qgLHq3B+/NAu5qXFsJ/q1kg OBqLXY6PKWzjg91t6aZhizOy54GjBy0Kui8rAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUtBvcwWRGb+qYTTnVrha35aS/C6gwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3RCdmN3V1JHYi1xWVRU blZyaGEzNWFTX0M2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAkBk0AAAAwDQYJKoZIhvcNAQELBQADggEBAJgIouHQce0lcxv4BzhERthHGBH0 WC2TJtHqs1Y06oWbWr7QlkibHl9CoojvoTAZGTA4KIp8u3yGulv0o8ZXcxzJqTIm +XvU511MbOjY2hB4BDG4HnEmqwIFgoXX5/n6tvikQF37FRNZm8Ncw3QQR4f7SbbL eqiU+jylApl9kF+Mq0BoGqLodtm7ytpXwbpVuV6em9wokgSKDPoLWPB4Kxute2aA /SdabiAmasJs/WE3uMSbzB8T5sVoE8lDCmiygINC4pJUgWBXUDgnSlp2eoDm7/d7 NQZLio/HhZb5ccsxGYn0+M52rDypSnbMQENXk1d6LUBvKsgIIrY3Kjyw5tY= -----END CERTIFICATE-----Generated at Fri Sep 20 21:06:26 2024 by rpki-client on console-ams.rpki-client.org