$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/jW98C7HTYm_wXjqS5OtJTAjhJTY.roa File: jW98C7HTYm_wXjqS5OtJTAjhJTY.roa (raw, json) Hash identifier: G5J6kc8fmz2XUL1SW2rQqA/EVmUIlUSPvlgZKJ3/e3E= Subject key identifier: 8D:6F:7C:0B:B1:D3:62:6F:F0:5E:3A:92:E4:EB:49:4C:08:E1:25:36 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 116D Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/jW98C7HTYm_wXjqS5OtJTAjhJTY.roa Signing time: Fri 15 Nov 2024 09:13:17 +0000 ROA not before: Fri 15 Nov 2024 09:13:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63199 IP address blocks: 2400:5280:2000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4461 (0x116d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Nov 15 09:13:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8D6F7C0BB1D3626FF05E3A92E4EB494C08E12536 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f9:29:1d:32:d8:83:10:55:48:4b:89:da:7b: 6e:2c:d1:88:8b:c1:03:e9:21:7c:54:0d:59:05:11: 83:2e:b1:03:e9:b3:77:02:d6:97:c7:07:f4:4c:fb: 6f:82:c7:72:30:00:ef:28:01:be:2b:5f:32:11:40: 53:61:29:68:df:13:dd:2a:97:e5:3b:8f:95:c3:7b: dd:a1:ff:38:b0:e0:fb:1f:75:8c:26:bf:1c:a6:a8: 76:62:a5:7e:51:5a:3c:5a:76:6d:5d:b9:13:e8:24: 8d:22:de:9a:c0:18:07:8f:b8:c1:6b:8a:98:30:73: 4b:4d:41:3d:23:f5:7a:d5:13:ce:2c:72:3d:d3:22: c3:96:ea:e3:77:40:46:45:9e:dc:bd:88:ee:d2:93: a4:b5:97:67:16:09:8c:81:75:0c:68:98:73:53:63: 9e:1d:f8:03:29:a5:b8:cd:1c:ca:6e:55:dd:df:1d: 89:76:81:de:e3:ef:d8:3e:58:fb:4e:3b:a1:6a:6d: 5b:e4:6e:2e:f1:6f:8e:2a:0f:2b:98:15:50:e2:c2: 61:f0:d8:e5:b1:8a:37:dc:62:31:7b:ca:a1:8b:72: a4:b6:e3:34:4c:0d:a2:5e:19:58:1f:33:16:4d:42: 5b:28:6c:a7:a5:11:f5:79:96:6b:e0:cd:bf:b5:6c: 4c:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:6F:7C:0B:B1:D3:62:6F:F0:5E:3A:92:E4:EB:49:4C:08:E1:25:36 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/jW98C7HTYm_wXjqS5OtJTAjhJTY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5280:2000::/38 Signature Algorithm: sha256WithRSAEncryption 8e:dd:e4:29:85:2c:74:07:4a:e6:5e:5f:1e:96:25:72:0e:21: 0b:99:df:b5:00:bd:fa:89:1b:a6:65:2f:66:35:67:8b:57:e4: 82:47:dc:ba:29:af:39:ff:24:3e:89:f6:26:20:84:6b:6a:5a: 1e:23:ee:d6:8b:a7:51:3e:a6:12:fb:78:b6:ee:85:0d:4a:9f: b8:70:b3:0e:51:93:5f:df:87:03:c3:da:fd:66:94:c0:0a:e6: 78:d0:fb:1d:a4:a8:ed:c4:db:65:9f:de:62:24:55:a8:5a:6c: b7:77:a6:b0:85:f6:a6:fd:eb:fe:18:5a:e9:a9:e8:65:ca:6e: e2:9e:63:1e:16:a3:f7:86:bf:a0:d6:2a:1b:9d:22:8d:4c:9a: 16:c6:61:3a:3b:87:54:9a:10:68:6b:aa:89:b1:9e:c9:4c:18: f7:7d:77:1d:e4:0c:54:bc:1c:a7:d5:d5:66:72:10:4d:0b:e9: dd:f1:86:15:5e:73:21:e1:f4:1e:34:f7:43:ff:57:87:29:d0: c4:53:c2:e0:8f:0f:7f:81:dc:e8:17:34:4e:ff:69:c6:00:03: 5e:d7:fa:e8:3a:83:8f:7b:60:6f:4f:bf:bb:33:bb:8c:f8:03: 7c:a6:b8:a9:ce:dd:75:f3:5f:0c:de:58:b4:4c:7c:bc:5e:2e: 58:a1:f7:6e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNDExMTUw OTEzMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhENkY3QzBCQjFEMzYy NkZGMDVFM0E5MkU0RUI0OTRDMDhFMTI1MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDb+SkdMtiDEFVIS4nae24s0YiLwQPpIXxUDVkFEYMusQPps3cC 1pfHB/RM+2+Cx3IwAO8oAb4rXzIRQFNhKWjfE90ql+U7j5XDe92h/ziw4PsfdYwm vxymqHZipX5RWjxadm1duRPoJI0i3prAGAePuMFripgwc0tNQT0j9XrVE84scj3T IsOW6uN3QEZFnty9iO7Sk6S1l2cWCYyBdQxomHNTY54d+AMppbjNHMpuVd3fHYl2 gd7j79g+WPtOO6FqbVvkbi7xb44qDyuYFVDiwmHw2OWxijfcYjF7yqGLcqS24zRM DaJeGVgfMxZNQlsobKelEfV5lmvgzb+1bEy1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjW98C7HTYm/wXjqS5OtJTAjhJTYwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L2pXOThDN0hUWW1fd1hq cVM1T3RKVEFqaEpUWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgIkAFKAIDANBgkqhkiG9w0BAQsFAAOCAQEAjt3kKYUsdAdK5l5fHpYlcg4hC5nf tQC9+okbpmUvZjVni1fkgkfcuimvOf8kPon2JiCEa2paHiPu1ounUT6mEvt4tu6F DUqfuHCzDlGTX9+HA8Pa/WaUwArmeND7HaSo7cTbZZ/eYiRVqFpst3emsIX2pv3r /hha6anoZcpu4p5jHhaj94a/oNYqG50ijUyaFsZhOjuHVJoQaGuqibGeyUwY9313 HeQMVLwcp9XVZnIQTQvp3fGGFV5zIeH0HjT3Q/9XhynQxFPC4I8Pf4Hc6Bc0Tv9p xgADXtf66DqDj3tgb0+/uzO7jPgDfKa4qc7ddfNfDN5YtEx8vF4uWKH3bg== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:36 2024 by rpki-client on console-fra.rpki-client.org