$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/s_2Y_yMkepo3c3mKpue0BpcLOEI.roa File: s_2Y_yMkepo3c3mKpue0BpcLOEI.roa (raw, json) Hash identifier: CCdEmfYF1+caZyf7dDJqMzhEvKYXNEI1lkVqcwoxt4U= Subject key identifier: B3:FD:98:FF:23:24:7A:9A:37:73:79:8A:A6:E7:B4:06:97:0B:38:42 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 1170 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/s_2Y_yMkepo3c3mKpue0BpcLOEI.roa Signing time: Fri 15 Nov 2024 09:13:18 +0000 ROA not before: Fri 15 Nov 2024 09:13:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63199 IP address blocks: 2400:5280:4000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4464 (0x1170) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Nov 15 09:13:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B3FD98FF23247A9A3773798AA6E7B406970B3842 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9d:eb:2b:b3:50:53:74:76:f7:ea:b9:71:00: f7:c4:09:67:45:92:f8:ec:0c:b9:23:b9:55:2a:d6: bb:de:39:dd:17:12:71:01:aa:14:e1:36:e4:3e:ba: b7:8e:b5:6f:85:5d:12:5a:96:d3:8b:62:e1:6e:38: e1:69:5e:da:17:8e:81:dd:08:4e:67:5f:0d:9a:53: 78:af:72:20:45:59:65:ef:a4:a5:ee:2a:42:e2:d1: 4f:3e:24:7a:3b:e6:bb:6b:42:7b:9a:fd:4d:24:52: af:c4:c3:d2:b1:d4:93:c5:09:90:2d:7e:4c:d2:99: 8d:cb:4c:bf:46:8d:e5:5c:c6:7c:2f:10:57:9a:f9: 6e:29:ef:aa:14:50:25:4a:7f:a9:a2:4f:dd:d1:c8: a6:7a:3a:dd:99:59:46:a4:42:ca:ff:8a:77:ae:12: ad:62:18:af:0c:ea:6b:e1:63:80:b8:07:6b:57:94: d5:7a:65:67:b5:a9:dd:51:72:15:5f:a3:d5:09:f8: 70:62:f7:ef:c6:a3:78:2b:f5:5c:e5:da:22:a8:3d: 72:6a:c9:0d:d8:de:d8:5f:b0:88:12:10:77:af:7f: e7:29:78:90:cb:73:f3:a2:ba:a9:de:1e:80:29:6b: 2f:10:ae:18:b6:10:c8:f3:ad:30:6b:80:68:43:69: d9:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:FD:98:FF:23:24:7A:9A:37:73:79:8A:A6:E7:B4:06:97:0B:38:42 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/s_2Y_yMkepo3c3mKpue0BpcLOEI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5280:4000::/38 Signature Algorithm: sha256WithRSAEncryption b9:8d:c3:70:47:c0:75:6e:69:29:26:dc:3c:e3:ce:ed:38:2a: b5:00:12:07:13:30:5c:52:d6:3d:a1:ff:2c:1c:99:93:29:fd: 92:b0:09:b2:bf:9a:75:ed:aa:ce:85:1e:ec:eb:63:5b:a5:8c: d3:29:68:79:69:04:bb:4c:78:d8:94:b6:38:41:a4:66:e4:ca: d7:ca:f8:87:09:82:a5:41:62:9f:16:44:84:15:ae:71:f6:d4: c4:a8:f7:7f:9e:05:0e:5a:6a:24:12:c4:25:1a:da:be:e0:9a: 99:2d:a9:48:08:01:fa:6a:9d:c7:12:d1:d1:3d:da:58:4e:cf: 3e:d8:c7:4f:99:ba:ee:4b:47:cd:56:94:09:37:ab:32:bc:1d: f0:d7:19:ab:0d:73:09:4b:11:97:60:73:94:a4:f6:57:e9:e2: fe:63:c8:ec:45:fa:34:c3:5d:5d:b2:cc:19:cb:56:51:82:3a: df:8e:e5:95:15:03:07:7e:f4:5b:92:66:ec:58:9f:61:36:9a: f0:7e:47:8d:e3:0c:ca:68:0c:58:7f:b8:4d:a1:be:0f:19:9b: c1:83:00:1b:d8:82:8f:a1:f5:35:9b:ec:c9:e1:4e:95:28:4d: df:1d:77:a5:fe:d1:91:39:ae:e1:7a:5c:9e:21:d2:7e:7a:ea: 40:34:7d:b1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNDExMTUw OTEzMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIzRkQ5OEZGMjMyNDdB OUEzNzczNzk4QUE2RTdCNDA2OTcwQjM4NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCznesrs1BTdHb36rlxAPfECWdFkvjsDLkjuVUq1rveOd0XEnEB qhThNuQ+ureOtW+FXRJaltOLYuFuOOFpXtoXjoHdCE5nXw2aU3ivciBFWWXvpKXu KkLi0U8+JHo75rtrQnua/U0kUq/Ew9Kx1JPFCZAtfkzSmY3LTL9GjeVcxnwvEFea +W4p76oUUCVKf6miT93RyKZ6Ot2ZWUakQsr/ineuEq1iGK8M6mvhY4C4B2tXlNV6 ZWe1qd1RchVfo9UJ+HBi9+/Go3gr9Vzl2iKoPXJqyQ3Y3thfsIgSEHevf+cpeJDL c/OiuqneHoApay8Qrhi2EMjzrTBrgGhDadnDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUs/2Y/yMkepo3c3mKpue0BpcLOEIwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L3NfMllfeU1rZXBvM2Mz bUtwdWUwQnBjTE9FSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgIkAFKAQDANBgkqhkiG9w0BAQsFAAOCAQEAuY3DcEfAdW5pKSbcPOPO7TgqtQAS BxMwXFLWPaH/LByZkyn9krAJsr+ade2qzoUe7OtjW6WM0yloeWkEu0x42JS2OEGk ZuTK18r4hwmCpUFinxZEhBWucfbUxKj3f54FDlpqJBLEJRravuCamS2pSAgB+mqd xxLR0T3aWE7PPtjHT5m67ktHzVaUCTerMrwd8NcZqw1zCUsRl2BzlKT2V+ni/mPI 7EX6NMNdXbLMGctWUYI6347llRUDB370W5Jm7FifYTaa8H5HjeMMymgMWH+4TaG+ DxmbwYMAG9iCj6H1NZvsyeFOlShN3x13pf7RkTmu4XpcniHSfnrqQDR9sQ== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:13 2024 by rpki-client on console-ams.rpki-client.org