$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OJvUhpYZfiX4pTaDZBGKE2K2LEM.roa File: OJvUhpYZfiX4pTaDZBGKE2K2LEM.roa (raw, json) Hash identifier: KZDZqIOR3Ahp91uOMUOp0x6UMHayorLhoAseE163U/w= Subject key identifier: 38:9B:D4:86:96:19:7E:25:F8:A5:36:83:64:11:8A:13:62:B6:2C:43 Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B Certificate serial: 19DB Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OJvUhpYZfiX4pTaDZBGKE2K2LEM.roa Signing time: Tue 03 Sep 2024 19:46:43 +0000 ROA not before: Tue 03 Sep 2024 19:46:43 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 9391 IP address blocks: 2402:ae00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 15:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6619 (0x19db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B Validity Not Before: Sep 3 19:46:43 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=389BD48696197E25F8A5368364118A1362B62C43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:8f:24:c4:38:d3:4a:53:de:cb:cb:7c:4d:5c: ac:c8:a8:e3:c9:98:05:d7:65:da:c8:9f:21:d9:6f: 0c:c1:27:d0:9e:d4:8b:34:61:7e:32:1a:cf:df:06: 48:f6:b6:ae:5f:82:f6:9e:2b:09:ac:ed:bb:f5:90: 6d:dd:e5:e1:13:d8:5f:8f:24:c7:fc:ed:30:81:ac: 21:64:e9:c9:cb:c3:f8:d6:03:04:a7:b2:97:20:17: 5c:5c:c8:e7:67:b7:24:1b:29:2e:e5:16:b2:bb:46: 00:95:b9:c3:9b:03:80:49:0d:de:23:e2:5c:58:18: f8:73:91:fe:5f:c4:9f:d4:2c:01:3a:d7:e1:b6:07: 21:10:a1:73:a2:a9:25:0c:23:ba:16:18:96:15:67: 12:0d:84:48:c5:a3:a3:a1:8f:82:4d:b4:05:e2:65: b0:68:2a:48:7a:6d:f2:22:c8:b1:71:26:3d:fa:f7: 49:ea:b6:cb:9f:d7:bf:eb:8d:e8:50:ea:14:d6:97: c1:e0:83:3e:09:3c:0d:91:ca:83:53:d7:03:12:81: ac:46:90:8a:c0:ea:52:16:67:b6:c4:a9:71:71:59: 6b:fc:ae:7e:a6:33:6e:96:55:70:21:81:64:2f:55: 0e:07:a8:98:e6:98:cd:26:d1:0a:50:b0:0f:c4:e5: f2:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:9B:D4:86:96:19:7E:25:F8:A5:36:83:64:11:8A:13:62:B6:2C:43 X509v3 Authority Key Identifier: keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OJvUhpYZfiX4pTaDZBGKE2K2LEM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:ae00::/32 Signature Algorithm: sha256WithRSAEncryption 82:67:c8:09:b9:c7:6f:2c:21:b5:3b:d6:eb:f7:ac:32:5a:ab: fb:f1:05:c5:c9:83:e0:fa:9a:d7:0a:f2:62:e5:5c:c7:1c:49: b4:1c:88:89:8f:b5:4d:e5:36:2a:df:cc:e2:61:3f:74:0b:ce: f6:eb:2b:99:6d:01:e5:f9:ac:93:2c:dd:46:31:53:fa:9d:21: cd:e1:03:3f:c3:6a:b2:0e:10:63:30:3a:8e:e1:8d:5d:ea:c6: f7:46:d5:f9:14:66:e1:c0:8d:e4:99:07:74:8d:1a:b6:0d:0e: 7f:cf:2c:94:e2:3a:e9:0c:b7:e3:17:50:63:82:72:5c:12:72: 35:c3:99:14:8b:ed:54:de:36:55:de:0c:de:36:69:69:5e:19: e9:47:db:f4:61:cd:18:77:10:1c:80:e3:fe:1f:04:74:fb:7e: 61:5d:9a:53:6c:e6:7a:cc:ce:29:cb:12:66:c0:c4:48:e1:a7: 97:19:e6:02:81:2a:33:01:63:9f:4d:ef:40:39:d6:1a:b3:e5: 5a:eb:93:4e:91:49:1a:5a:fc:47:16:0d:c0:9e:c3:3c:d7:53: 95:d1:8f:69:1c:97:11:f5:64:b7:09:c3:39:20:50:5f:29:d6: 69:35:77:e2:75:fa:b4:47:a7:39:b2:77:84:c0:73:a9:36:05: 7c:f9:53:8e -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1 Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA5MDMx OTQ2NDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4OUJENDg2OTYxOTdF MjVGOEE1MzY4MzY0MTE4QTEzNjJCNjJDNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxjyTEONNKU97Ly3xNXKzIqOPJmAXXZdrInyHZbwzBJ9Ce1Is0 YX4yGs/fBkj2tq5fgvaeKwms7bv1kG3d5eET2F+PJMf87TCBrCFk6cnLw/jWAwSn spcgF1xcyOdntyQbKS7lFrK7RgCVucObA4BJDd4j4lxYGPhzkf5fxJ/ULAE61+G2 ByEQoXOiqSUMI7oWGJYVZxINhEjFo6Ohj4JNtAXiZbBoKkh6bfIiyLFxJj3690nq tsuf17/rjehQ6hTWl8Hggz4JPA2RyoNT1wMSgaxGkIrA6lIWZ7bEqXFxWWv8rn6m M26WVXAhgWQvVQ4HqJjmmM0m0QpQsA/E5fLtAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUOJvUhpYZfiX4pTaDZBGKE2K2LEMwHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PSnZVaHBZWmZpWDRwVGFE WkJHS0UySzJMRU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JAKuADANBgkqhkiG9w0BAQsFAAOCAQEAgmfICbnHbywhtTvW6/esMlqr+/EFxcmD 4Pqa1wryYuVcxxxJtByIiY+1TeU2Kt/M4mE/dAvO9usrmW0B5fmskyzdRjFT+p0h zeEDP8Nqsg4QYzA6juGNXerG90bV+RRm4cCN5JkHdI0atg0Of88slOI66Qy34xdQ Y4JyXBJyNcOZFIvtVN42Vd4M3jZpaV4Z6Ufb9GHNGHcQHIDj/h8EdPt+YV2aU2zm eszOKcsSZsDESOGnlxnmAoEqMwFjn03vQDnWGrPlWuuTTpFJGlr8RxYNwJ7DPNdT ldGPaRyXEfVktwnDOSBQXynWaTV34nX6tEenObJ3hMBzqTYFfPlTjg== -----END CERTIFICATE-----Generated at Tue Nov 26 11:14:44 2024 by rpki-client on console-fra.rpki-client.org