$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/2ULSEoLp8a96LQmAA7rmnL8hYtA.roa File: 2ULSEoLp8a96LQmAA7rmnL8hYtA.roa (raw, json) Hash identifier: 15ASpOMClfjZIzHR5T/oeV+I4b5dDp0wOAdcDdu+JKM= Subject key identifier: D9:42:D2:12:82:E9:F1:AF:7A:2D:09:80:03:BA:E6:9C:BF:21:62:D0 Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D Certificate serial: 128E Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/2ULSEoLp8a96LQmAA7rmnL8hYtA.roa Signing time: Tue 23 Jul 2024 05:18:49 +0000 ROA not before: Tue 23 Jul 2024 05:18:49 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 18464 IP address blocks: 2403:3d80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4750 (0x128e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D Validity Not Before: Jul 23 05:18:49 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D942D21282E9F1AF7A2D098003BAE69CBF2162D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f6:54:4e:b5:d3:8a:91:8d:eb:be:24:04:1d: 4d:68:06:0d:f3:3a:b6:5e:9c:c0:64:9e:c4:1d:8a: 10:36:a5:81:fd:e3:2b:62:28:2a:ad:5c:1b:03:46: 64:28:19:2d:a9:72:7f:24:d0:40:c9:96:eb:ae:66: 1e:02:ee:31:f2:99:23:82:50:dd:06:40:1c:ab:45: cd:28:a0:ea:50:72:1b:2d:5b:08:57:9a:f7:3e:48: b6:0d:81:55:c7:dd:13:d1:3f:5c:58:6d:11:96:b1: f2:a8:1b:d1:83:0e:21:c2:be:86:bd:38:0f:c1:51: 55:3c:25:c8:bd:af:ce:ea:e0:a8:ef:8d:82:21:e8: 26:66:f9:9f:7c:76:29:b7:cb:27:86:0f:8b:86:51: d5:fc:98:b5:f7:9e:2c:a9:c8:7d:eb:81:a3:b4:f2: 13:39:a3:3c:26:59:1d:50:46:96:49:5e:14:f1:b6: 24:40:64:54:57:1d:9a:05:57:0d:77:80:c5:f8:df: 8b:e2:5f:67:94:e8:3c:d5:e6:9e:f0:2e:44:fe:8e: 55:3f:be:52:f9:4e:58:e5:38:60:72:82:e0:0a:0e: 23:f6:ea:97:08:3b:4a:61:db:d3:d3:5e:07:dc:7b: 49:f3:b4:26:9a:f7:7a:97:cc:ac:8d:96:ec:36:15: 48:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:42:D2:12:82:E9:F1:AF:7A:2D:09:80:03:BA:E6:9C:BF:21:62:D0 X509v3 Authority Key Identifier: keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/2ULSEoLp8a96LQmAA7rmnL8hYtA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:3d80::/32 Signature Algorithm: sha256WithRSAEncryption 6d:38:72:95:ab:49:db:57:cf:e6:2a:31:d1:4d:4a:c6:40:99: 2c:5f:11:a8:e1:8e:0b:ca:76:81:96:6f:24:3e:f8:d4:30:1c: ca:7e:da:d2:31:f7:b1:c7:02:18:4d:2b:e0:ff:82:7d:47:7b: 05:d1:dd:64:c3:aa:eb:2c:44:80:ef:55:eb:49:1b:ec:24:8b: 3f:53:90:4f:b8:50:73:11:a6:93:5c:03:d2:97:fc:fd:9d:f7: df:e1:c7:02:b7:39:2d:c2:26:b7:08:5a:1d:5a:88:3e:18:df: 4b:84:60:6e:2d:75:02:ce:0a:2c:d2:d4:25:f0:38:7b:63:b3: 52:09:45:05:ea:0f:b4:a7:ec:49:2b:68:07:49:08:5a:5e:c7: 35:41:5f:73:61:86:f1:86:4d:ba:a3:04:d6:4f:ea:cf:21:d4: aa:0a:5b:50:bd:ad:2f:25:35:dc:51:06:f3:8b:ed:9d:b3:ab: a4:69:af:6c:f7:7c:c8:10:5e:44:b9:7d:68:3e:94:59:39:cf: e4:48:df:96:27:8c:a5:71:7b:b6:f7:5d:82:62:cf:34:a4:54: af:f2:4d:7c:ee:c3:ee:7c:4e:83:01:66:7d:70:12:65:71:c5: 74:9f:7a:54:9f:9a:8a:e3:34:c1:84:c9:10:9d:f1:16:bc:8a: 08:45:34:9c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4 Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNDA3MjMw NTE4NDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5NDJEMjEyODJFOUYx QUY3QTJEMDk4MDAzQkFFNjlDQkYyMTYyRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCo9lROtdOKkY3rviQEHU1oBg3zOrZenMBknsQdihA2pYH94yti KCqtXBsDRmQoGS2pcn8k0EDJluuuZh4C7jHymSOCUN0GQByrRc0ooOpQchstWwhX mvc+SLYNgVXH3RPRP1xYbRGWsfKoG9GDDiHCvoa9OA/BUVU8Jci9r87q4KjvjYIh 6CZm+Z98dim3yyeGD4uGUdX8mLX3niypyH3rgaO08hM5ozwmWR1QRpZJXhTxtiRA ZFRXHZoFVw13gMX434viX2eU6DzV5p7wLkT+jlU/vlL5TljlOGByguAKDiP26pcI O0ph29PTXgfce0nztCaa93qXzKyNluw2FUhVAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU2ULSEoLp8a96LQmAA7rmnL8hYtAwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3 L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3LzJVTFNFb0xwOGE5NkxR bUFBN3Jtbkw4aFl0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkAz2AMA0GCSqGSIb3DQEBCwUAA4IBAQBtOHKVq0nbV8/mKjHRTUrGQJksXxGo 4Y4LynaBlm8kPvjUMBzKftrSMfexxwIYTSvg/4J9R3sF0d1kw6rrLESA71XrSRvs JIs/U5BPuFBzEaaTXAPSl/z9nfff4ccCtzktwia3CFodWog+GN9LhGBuLXUCzgos 0tQl8Dh7Y7NSCUUF6g+0p+xJK2gHSQhaXsc1QV9zYYbxhk26owTWT+rPIdSqCltQ va0vJTXcUQbzi+2ds6ukaa9s93zIEF5EuX1oPpRZOc/kSN+WJ4ylcXu2912CYs80 pFSv8k187sPufE6DAWZ9cBJlccV0n3pUn5qK4zTBhMkQnfEWvIoIRTSc -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:43 2024 by rpki-client on console-fra.rpki-client.org