$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GIDWPNH8gIFzFviLLsFWzA_F8D0.roa File: GIDWPNH8gIFzFviLLsFWzA_F8D0.roa (raw, json) Hash identifier: lX7mayy9rWGDf/79uHlDk+qgzhzW01SLU0a2ns0pnN0= Subject key identifier: 18:80:D6:3C:D1:FC:80:81:73:16:F8:8B:2E:C1:56:CC:0F:C5:F0:3D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 0CE1 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GIDWPNH8gIFzFviLLsFWzA_F8D0.roa Signing time: Wed 13 Mar 2024 01:21:59 +0000 ROA not before: Wed 13 Mar 2024 01:21:59 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 50983 IP address blocks: 2403:1b80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Jun 2024 16:25:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3297 (0xce1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Mar 13 01:21:59 2024 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=1880D63CD1FC80817316F88B2EC156CC0FC5F03D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e7:e3:16:13:fd:5b:0c:e6:64:2d:9e:ac:85: de:08:4f:e9:da:ec:eb:7f:b2:1f:a7:dc:7f:58:be: e7:c4:57:51:30:24:f3:2a:ca:e4:eb:4a:6f:34:b3: bd:94:3f:71:42:3f:0f:d3:b6:3a:07:31:44:91:b4: 6a:91:bc:ca:19:cc:e4:3e:b9:be:56:b4:43:df:38: 35:a4:ad:38:80:26:8f:84:e7:1d:d4:2a:ae:56:54: e6:93:b7:1d:f4:f7:a8:2e:40:18:35:82:4b:b2:b7: 27:e2:c5:b2:61:42:3b:b8:13:2f:cf:9a:58:d9:80: 89:ae:a8:69:4b:b4:07:11:b4:73:45:ac:c0:66:51: 00:18:01:79:e6:4a:e5:5c:c9:9c:8b:ac:0e:cc:67: 47:14:b9:19:1a:7c:df:45:8c:43:99:48:ef:1c:08: 91:43:b8:10:8b:c1:8f:57:2b:41:4e:e5:66:8c:b2: d7:3f:b4:e4:56:a9:30:5b:63:b5:51:7e:8d:10:c3: c8:19:02:8a:c5:c0:ed:a3:d1:9c:78:47:68:08:f6: a2:b2:7f:a2:3a:1a:5e:df:42:47:a4:6d:d8:c9:93: 56:83:23:7e:d0:d2:bd:07:9e:01:96:3a:c9:44:3b: 3e:d6:fa:8d:b6:61:34:71:91:63:65:fe:1c:77:c2: 2e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:80:D6:3C:D1:FC:80:81:73:16:F8:8B:2E:C1:56:CC:0F:C5:F0:3D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GIDWPNH8gIFzFviLLsFWzA_F8D0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:1b80::/32 Signature Algorithm: sha256WithRSAEncryption d0:a0:e4:84:a2:37:52:82:79:35:ef:d2:6d:ab:48:8c:e0:b2: 87:43:f3:b1:24:7e:31:f9:69:c6:07:fc:4d:92:6d:b5:82:63: a9:87:f5:db:8a:27:ef:30:42:b1:6a:57:a7:4a:cc:81:6c:0d: 9b:47:45:e2:81:2c:21:ff:53:ee:8d:36:2d:d8:e6:04:ae:49: ff:f2:2c:2c:8a:b6:fd:5b:5d:84:58:61:43:e8:f3:29:37:8b: d6:e1:c3:5c:fd:05:56:31:4f:75:07:c3:75:6e:83:ca:6a:98: 8a:1d:0c:36:51:99:42:f7:f5:d0:3f:9a:8b:cd:a8:a9:42:d4: d9:6c:ca:69:d4:e5:27:a5:3d:a1:49:18:e5:18:af:0b:54:57: 6d:07:bb:7d:8a:ee:d6:a6:8a:7b:79:0f:de:3e:59:95:0f:ec: ab:b9:38:dd:a1:24:2d:46:f2:94:7c:ca:14:7c:ab:3c:2d:2f: 00:ef:cf:aa:f4:39:ea:a9:4c:56:2f:f1:06:b8:49:10:46:2b: a4:6e:66:f7:de:6f:63:40:0e:2a:ad:94:f0:c5:93:ea:00:a2: 68:d7:1b:28:46:c0:79:0e:87:a5:28:9a:58:64:03:c9:6e:e4: 89:ec:2a:83:f2:a5:57:3d:47:3d:7b:1c:2b:73:e5:c3:aa:f4: 9e:0e:f2:8c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw MTIxNTlaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDE4ODBENjNDRDFGQzgw ODE3MzE2Rjg4QjJFQzE1NkNDMEZDNUYwM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCk5+MWE/1bDOZkLZ6shd4IT+na7Ot/sh+n3H9YvufEV1EwJPMq yuTrSm80s72UP3FCPw/TtjoHMUSRtGqRvMoZzOQ+ub5WtEPfODWkrTiAJo+E5x3U Kq5WVOaTtx3096guQBg1gkuytyfixbJhQju4Ey/PmljZgImuqGlLtAcRtHNFrMBm UQAYAXnmSuVcyZyLrA7MZ0cUuRkafN9FjEOZSO8cCJFDuBCLwY9XK0FO5WaMstc/ tORWqTBbY7VRfo0Qw8gZAorFwO2j0Zx4R2gI9qKyf6I6Gl7fQkekbdjJk1aDI37Q 0r0HngGWOslEOz7W+o22YTRxkWNl/hx3wi6xAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUGIDWPNH8gIFzFviLLsFWzA/F8D0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0dJRFdQTkg4Z0lGekZ2 aUxMc0ZXekFfRjhEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkAxuAMA0GCSqGSIb3DQEBCwUAA4IBAQDQoOSEojdSgnk179Jtq0iM4LKHQ/Ox JH4x+WnGB/xNkm21gmOph/XbiifvMEKxalenSsyBbA2bR0XigSwh/1PujTYt2OYE rkn/8iwsirb9W12EWGFD6PMpN4vW4cNc/QVWMU91B8N1boPKapiKHQw2UZlC9/XQ P5qLzaipQtTZbMpp1OUnpT2hSRjlGK8LVFdtB7t9iu7Wpop7eQ/ePlmVD+yruTjd oSQtRvKUfMoUfKs8LS8A78+q9DnqqUxWL/EGuEkQRiukbmb33m9jQA4qrZTwxZPq AKJo1xsoRsB5DoelKJpYZAPJbuSJ7CqD8qVXPUc9exwrc+XDqvSeDvKM -----END CERTIFICATE-----Generated at Sat Jun 1 12:23:50 2024 by rpki-client on console-ams.rpki-client.org