$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/9jGT2d7EzAXpdAngni132uGATjU.roa File: 9jGT2d7EzAXpdAngni132uGATjU.roa (raw, json) Hash identifier: pt81msDdgZE+XkdqAvFtIlTwtRSIAN/Ljhrd6mp3VEQ= Subject key identifier: F6:31:93:D9:DE:C4:CC:05:E9:74:09:E0:9E:2D:77:DA:E1:80:4E:35 Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D Certificate serial: 0BEB Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/9jGT2d7EzAXpdAngni132uGATjU.roa Signing time: Mon 14 Aug 2023 04:34:26 +0000 ROA not before: Mon 14 Aug 2023 04:34:26 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 48024 IP address blocks: 2403:3d80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 23:24:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3051 (0xbeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D Validity Not Before: Aug 14 04:34:26 2023 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=F63193D9DEC4CC05E97409E09E2D77DAE1804E35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:90:55:f2:53:88:66:62:35:ba:3e:4b:fa:11: 74:25:b8:81:d9:44:bf:18:26:ac:4d:e8:39:90:af: cd:a7:8c:d0:35:dd:8d:7a:8a:b9:10:bd:66:8d:a0: 6d:ab:ca:f1:ba:4d:02:44:73:a0:1e:89:0b:3b:f7: ce:9b:72:88:7e:12:c6:61:59:dc:98:db:c6:e0:f4: 7f:08:11:78:fb:fe:98:b8:0d:9e:81:be:72:fb:c7: 50:49:30:22:d6:21:90:6f:37:7c:ec:ac:62:0f:f8: 17:a8:e8:c7:32:83:e5:51:bd:41:7f:f8:c7:c2:cf: 1b:7d:2b:0b:f3:6c:f1:33:41:12:b4:02:7e:51:cf: c5:1e:ea:2f:55:d0:45:c8:a0:46:f0:25:d5:34:41: f9:8e:39:15:63:85:f5:28:6f:7a:e4:2b:b3:f1:95: 76:3a:a4:66:ea:f0:0f:ba:26:2d:82:5a:42:b9:ce: 3e:77:9b:5c:30:19:c4:23:cf:00:11:91:be:0e:28: 77:45:38:76:15:ed:5b:06:e3:23:28:d7:41:fd:0c: 30:01:1f:ef:d4:59:5e:50:a6:3d:13:5c:93:9a:59: 71:e6:cf:38:6a:ed:b3:eb:f1:96:ed:43:48:7f:be: 19:8f:f8:e4:4f:07:6d:91:75:23:bd:af:c3:e9:75: 63:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:31:93:D9:DE:C4:CC:05:E9:74:09:E0:9E:2D:77:DA:E1:80:4E:35 X509v3 Authority Key Identifier: keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/9jGT2d7EzAXpdAngni132uGATjU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:3d80::/32 Signature Algorithm: sha256WithRSAEncryption 65:73:c3:3b:dd:a5:d1:08:10:15:66:84:b7:9b:e4:94:09:50: 99:dd:9c:56:5d:1c:1b:11:bf:fc:91:e3:0d:db:c8:20:96:ff: 8f:33:be:a0:c1:0e:06:35:32:02:f1:4e:27:42:e4:34:24:0b: 32:09:36:0a:b5:7b:d1:67:bc:8a:ce:b4:ad:9a:0a:03:7f:58: 80:8f:d3:19:b8:c5:14:53:bf:02:fd:2d:29:a6:a7:b4:b8:a9: 40:a5:bc:d1:fb:5c:5d:02:72:f5:8a:5a:41:95:fa:82:0f:13: 8e:2e:7d:78:7a:ba:0b:69:9e:31:81:32:90:11:62:3d:35:af: ab:cb:cc:b3:c1:01:d5:9e:f3:a9:4c:f1:48:e2:a0:af:f1:82: 68:84:45:be:6e:2b:cb:cd:da:f5:52:52:c6:67:67:a1:21:eb: b9:19:f1:fd:6a:da:6c:a2:28:1c:69:15:19:9e:ad:d1:61:8e: 17:9f:f3:02:a6:9b:2f:6e:90:eb:c8:d6:b5:a0:38:0f:b5:2a: a4:bd:96:49:78:7f:bb:f2:e5:e2:43:d7:2e:25:49:24:50:c8: c6:18:ac:e0:57:2b:ae:c3:3b:09:c4:6a:08:04:3d:7d:e4:10: 20:b4:71:29:9a:d5:31:64:cb:c6:be:64:40:0c:60:69:e5:1b: 53:b4:aa:f9 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICC+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4 Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yMzA4MTQw NDM0MjZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEY2MzE5M0Q5REVDNEND MDVFOTc0MDlFMDlFMkQ3N0RBRTE4MDRFMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrkFXyU4hmYjW6Pkv6EXQluIHZRL8YJqxN6DmQr82njNA13Y16 irkQvWaNoG2ryvG6TQJEc6AeiQs7986bcoh+EsZhWdyY28bg9H8IEXj7/pi4DZ6B vnL7x1BJMCLWIZBvN3zsrGIP+Beo6Mcyg+VRvUF/+MfCzxt9KwvzbPEzQRK0An5R z8Ue6i9V0EXIoEbwJdU0QfmOORVjhfUob3rkK7PxlXY6pGbq8A+6Ji2CWkK5zj53 m1wwGcQjzwARkb4OKHdFOHYV7VsG4yMo10H9DDABH+/UWV5Qpj0TXJOaWXHmzzhq 7bPr8ZbtQ0h/vhmP+ORPB22RdSO9r8PpdWNvAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU9jGT2d7EzAXpdAngni132uGATjUwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3 L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3LzlqR1QyZDdFekFYcGRB bmduaTEzMnVHQVRqVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkAz2AMA0GCSqGSIb3DQEBCwUAA4IBAQBlc8M73aXRCBAVZoS3m+SUCVCZ3ZxW XRwbEb/8keMN28gglv+PM76gwQ4GNTIC8U4nQuQ0JAsyCTYKtXvRZ7yKzrStmgoD f1iAj9MZuMUUU78C/S0ppqe0uKlApbzR+1xdAnL1ilpBlfqCDxOOLn14eroLaZ4x gTKQEWI9Na+ry8yzwQHVnvOpTPFI4qCv8YJohEW+bivLzdr1UlLGZ2ehIeu5GfH9 atpsoigcaRUZnq3RYY4Xn/MCppsvbpDryNa1oDgPtSqkvZZJeH+78uXiQ9cuJUkk UMjGGKzgVyuuwzsJxGoIBD195BAgtHEpmtUxZMvGvmRADGBp5RtTtKr5 -----END CERTIFICATE-----Generated at Mon May 6 22:50:55 2024 by rpki-client on console-ams.rpki-client.org