$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/O8Jtqk75sb8cZDNmU4Vj687Z-qU.roa File: O8Jtqk75sb8cZDNmU4Vj687Z-qU.roa (raw, json) Hash identifier: o89JzW4RJco5dt7AJMSD4iemloqo5DbYs8WmvhiM1Oc= Subject key identifier: 3B:C2:6D:AA:4E:F9:B1:BF:1C:64:33:66:53:85:63:EB:CE:D9:FA:A5 Certificate issuer: /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Certificate serial: 105A Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/O8Jtqk75sb8cZDNmU4Vj687Z-qU.roa Signing time: Sat 14 Sep 2024 07:30:37 +0000 ROA not before: Sat 14 Sep 2024 07:30:37 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 63719 IP address blocks: 2401:2780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4186 (0x105a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Validity Not Before: Sep 14 07:30:37 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3BC26DAA4EF9B1BF1C643366538563EBCED9FAA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8b:0c:8c:a5:38:be:7a:b6:b8:68:9d:a6:34: ef:47:e4:f6:e6:8c:5b:ad:10:ef:e7:d3:60:8f:c0: c7:73:43:f4:80:8f:58:c0:10:b6:04:f9:1a:1b:42: 3f:b2:b9:18:4e:fe:09:0c:72:48:c5:79:18:2b:13: 2f:13:24:52:2b:2c:b1:bb:93:19:f9:55:ad:94:a6: d2:a3:85:1c:80:96:ad:ec:7a:b6:8a:ae:14:96:7b: 3a:ae:af:83:ca:df:1a:5b:0f:69:4e:50:90:8e:7d: af:30:e5:9b:04:85:21:21:32:92:53:1a:44:05:6e: ce:b3:1d:fb:e8:c7:2b:5e:88:77:24:14:1f:54:27: 9c:71:81:dc:7d:ee:6a:80:47:2a:58:4f:2c:2e:c3: 18:f5:d2:80:9b:88:db:2d:91:6f:b5:99:b5:3e:a4: d7:35:98:a4:c8:2d:47:20:ff:c2:e6:f1:da:80:d3: 01:87:08:0a:91:a3:41:08:7b:1d:f6:53:22:53:e8: f7:3d:33:67:14:e5:f5:d7:1f:62:8e:ae:d6:97:5e: 04:d0:70:78:b5:ba:40:d2:53:e7:da:b4:d9:f9:9e: 6a:72:44:7e:27:b2:36:15:55:ba:d0:8b:3f:9a:5d: 13:79:c6:a1:6b:ff:ea:81:17:f8:92:18:97:47:b1: 50:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:C2:6D:AA:4E:F9:B1:BF:1C:64:33:66:53:85:63:EB:CE:D9:FA:A5 X509v3 Authority Key Identifier: keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/O8Jtqk75sb8cZDNmU4Vj687Z-qU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:2780::/32 Signature Algorithm: sha256WithRSAEncryption 6f:38:a8:88:55:7e:bf:51:45:96:44:34:a3:6a:e7:cd:aa:23: 3e:a0:0d:ec:30:ee:72:6d:e4:c8:f6:ed:f0:a5:08:f9:3a:32: 5b:ce:d0:eb:0b:fc:65:ee:e4:93:ed:8d:6d:0e:7e:16:a2:fb: a9:54:2e:90:e0:d3:80:b6:62:47:72:2f:44:f9:7e:9c:2e:fe: ed:56:21:9f:ca:8c:7a:b2:e7:a1:77:eb:f5:21:1a:5e:e3:87: b6:90:40:96:38:f9:a5:2c:28:da:8d:86:0d:1f:f2:94:e5:bc: fd:d4:d4:75:3d:b7:fc:88:ee:63:47:3a:91:4a:a1:e6:a7:45: 5e:cf:b8:94:3f:8f:11:14:15:f3:d5:b4:67:7e:1b:d1:43:84: 50:6d:0f:af:21:c8:52:12:3e:26:c3:ca:53:82:47:39:f7:d6: fb:d5:7f:35:78:be:88:7e:1c:d6:8a:74:d0:23:32:07:1b:6c: 42:42:d7:38:e4:5b:2b:dc:06:d9:2f:0e:30:d8:c5:5e:06:03: 13:15:0b:8c:84:46:d8:f7:45:14:86:31:e4:d1:45:77:de:83: ab:98:ff:1c:40:53:4b:d8:62:b2:c3:9f:67:da:7e:df:f5:f4: 76:83:20:25:b0:87:a8:1f:f4:89:c4:cc:4a:b3:d6:8d:c5:4a: e3:88:6f:19 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yNDA5MTQw NzMwMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCQzI2REFBNEVGOUIx QkYxQzY0MzM2NjUzODU2M0VCQ0VEOUZBQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7iwyMpTi+era4aJ2mNO9H5PbmjFutEO/n02CPwMdzQ/SAj1jA ELYE+RobQj+yuRhO/gkMckjFeRgrEy8TJFIrLLG7kxn5Va2UptKjhRyAlq3seraK rhSWezqur4PK3xpbD2lOUJCOfa8w5ZsEhSEhMpJTGkQFbs6zHfvoxyteiHckFB9U J5xxgdx97mqARypYTywuwxj10oCbiNstkW+1mbU+pNc1mKTILUcg/8Lm8dqA0wGH CAqRo0EIex32UyJT6Pc9M2cU5fXXH2KOrtaXXgTQcHi1ukDSU+fatNn5nmpyRH4n sjYVVbrQiz+aXRN5xqFr/+qBF/iSGJdHsVAXAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUO8Jtqk75sb8cZDNmU4Vj687Z+qUwHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2 L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L084SnRxazc1c2I4Y1pE Tm1VNFZqNjg3Wi1xVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkASeAMA0GCSqGSIb3DQEBCwUAA4IBAQBvOKiIVX6/UUWWRDSjaufNqiM+oA3s MO5ybeTI9u3wpQj5OjJbztDrC/xl7uST7Y1tDn4WovupVC6Q4NOAtmJHci9E+X6c Lv7tViGfyox6suehd+v1IRpe44e2kECWOPmlLCjajYYNH/KU5bz91NR1Pbf8iO5j RzqRSqHmp0Vez7iUP48RFBXz1bRnfhvRQ4RQbQ+vIchSEj4mw8pTgkc599b71X81 eL6IfhzWinTQIzIHG2xCQtc45Fsr3AbZLw4w2MVeBgMTFQuMhEbY90UUhjHk0UV3 3oOrmP8cQFNL2GKyw59n2n7f9fR2gyAlsIeoH/SJxMxKs9aNxUrjiG8Z -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:14 2024 by rpki-client on console-fra.rpki-client.org