$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/Qk4wxenHbplbAEPyAo17a6StqGs.roa File: Qk4wxenHbplbAEPyAo17a6StqGs.roa (raw, json) Hash identifier: UXr3zkn63bsVxvqJjGYar8uul+wIFQszrhfjj7veZwA= Subject key identifier: 42:4E:30:C5:E9:C7:6E:99:5B:00:43:F2:02:8D:7B:6B:A4:AD:A8:6B Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 116E Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/Qk4wxenHbplbAEPyAo17a6StqGs.roa Signing time: Fri 15 Nov 2024 09:13:18 +0000 ROA not before: Fri 15 Nov 2024 09:13:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63199 IP address blocks: 2400:5280:4400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4462 (0x116e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Nov 15 09:13:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=424E30C5E9C76E995B0043F2028D7B6BA4ADA86B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:d3:30:ef:bd:f8:a7:d0:40:b2:9d:4c:81:4e: d9:2f:2d:7b:16:b9:fd:26:41:70:ab:61:cd:0f:4a: 96:84:03:87:ea:81:40:ed:1b:2a:f5:ec:0b:92:e4: 76:39:c0:70:1d:cd:d6:7c:53:da:d5:68:95:2a:52: fc:ea:dd:f3:f5:cc:6e:8d:7a:7f:92:29:83:d9:40: f4:c1:82:cc:1f:b4:5d:00:ff:b9:73:15:df:34:de: 83:b6:9e:ba:ef:8c:6d:b9:9a:fe:4d:83:9c:79:64: f5:db:e7:2d:68:99:88:50:47:7b:70:51:36:4e:49: 71:15:8f:ed:f3:97:eb:30:4a:06:85:13:7d:f0:9c: 6a:5c:cd:e3:15:a0:03:ac:46:b3:29:da:e7:7d:43: 9a:aa:d5:d4:da:71:fa:2f:01:a0:02:b8:12:6e:5d: 6c:b3:7b:19:87:bd:a3:de:25:8c:15:6f:16:3a:e2: 75:63:d4:34:d1:7d:d5:95:aa:ec:51:34:05:51:6d: 6f:b2:73:d5:57:15:ec:e7:85:1e:8e:da:70:63:c9: 4d:bc:e5:2d:7e:8b:57:f9:a0:4b:e4:59:17:42:d9: a9:97:98:72:dd:80:c1:bb:e6:65:9c:b0:b2:53:0e: ff:a8:49:de:c9:ec:c2:f9:81:e4:03:81:35:b3:b0: 9a:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:4E:30:C5:E9:C7:6E:99:5B:00:43:F2:02:8D:7B:6B:A4:AD:A8:6B X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/Qk4wxenHbplbAEPyAo17a6StqGs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5280:4400::/38 Signature Algorithm: sha256WithRSAEncryption 59:bd:8f:90:33:94:57:8e:1e:e5:f7:8b:ab:6f:f8:48:74:04: 58:f9:93:e8:e1:49:5c:68:34:68:8e:f4:e6:ef:ce:1f:89:9b: 3d:6f:42:b8:23:38:66:03:41:ea:06:ff:2d:9f:91:7c:6f:34: 95:25:5f:f7:13:5b:85:bd:1f:18:21:ec:b3:a6:84:7a:2d:48: fa:81:4d:cb:d5:af:6f:5a:d3:63:5a:a8:32:88:c5:84:5e:7d: aa:32:3b:c2:bf:14:f6:d9:46:3c:89:ac:5f:91:1c:65:c4:5c: 65:64:1b:82:21:82:b6:02:8d:02:ed:ef:b9:b8:92:97:03:e3: b2:9f:4e:f2:40:c9:7c:0b:ed:2e:5b:32:28:10:c5:1f:27:87: 65:ac:9e:02:98:22:be:83:c8:54:f9:09:53:31:fa:ce:90:e7: 0a:ce:d7:38:d0:fa:75:04:3f:d2:67:a2:8d:5c:d4:7a:37:38: bb:cc:dc:c3:48:3f:0e:ed:a5:32:95:35:a3:ad:cc:bb:5a:87: 21:7e:e3:99:70:36:f4:91:44:ae:d8:0a:11:06:dd:ff:4b:86: ef:28:57:fa:70:ad:cc:8d:ac:40:0c:ba:24:3e:5a:a7:37:da: 70:5b:d0:d4:c1:1a:1e:17:6e:c6:49:a3:51:a0:54:2c:da:a2: fd:bf:41:18 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNDExMTUw OTEzMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQyNEUzMEM1RTlDNzZF OTk1QjAwNDNGMjAyOEQ3QjZCQTRBREE4NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCi0zDvvfin0ECynUyBTtkvLXsWuf0mQXCrYc0PSpaEA4fqgUDt Gyr17AuS5HY5wHAdzdZ8U9rVaJUqUvzq3fP1zG6Nen+SKYPZQPTBgswftF0A/7lz Fd803oO2nrrvjG25mv5Ng5x5ZPXb5y1omYhQR3twUTZOSXEVj+3zl+swSgaFE33w nGpczeMVoAOsRrMp2ud9Q5qq1dTacfovAaACuBJuXWyzexmHvaPeJYwVbxY64nVj 1DTRfdWVquxRNAVRbW+yc9VXFeznhR6O2nBjyU285S1+i1f5oEvkWRdC2amXmHLd gMG75mWcsLJTDv+oSd7J7ML5geQDgTWzsJpNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQk4wxenHbplbAEPyAo17a6StqGswHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L1FrNHd4ZW5IYnBsYkFF UHlBbzE3YTZTdHFHcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgIkAFKARDANBgkqhkiG9w0BAQsFAAOCAQEAWb2PkDOUV44e5feLq2/4SHQEWPmT 6OFJXGg0aI705u/OH4mbPW9CuCM4ZgNB6gb/LZ+RfG80lSVf9xNbhb0fGCHss6aE ei1I+oFNy9Wvb1rTY1qoMojFhF59qjI7wr8U9tlGPImsX5EcZcRcZWQbgiGCtgKN Au3vubiSlwPjsp9O8kDJfAvtLlsyKBDFHyeHZayeApgivoPIVPkJUzH6zpDnCs7X OND6dQQ/0meijVzUejc4u8zcw0g/Du2lMpU1o63Mu1qHIX7jmXA29JFErtgKEQbd /0uG7yhX+nCtzI2sQAy6JD5apzfacFvQ1MEaHhduxkmjUaBULNqi/b9BGA== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:13 2024 by rpki-client on console-ams.rpki-client.org