$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa File: IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa (raw, json) Hash identifier: 1o3jTGd6o/QJYKZ7aFuI+GrKdTVtAKWJSz70apIWZtY= Subject key identifier: 21:F0:8E:67:D2:5D:5B:6B:B3:4A:DE:B8:42:2C:A4:93:C0:AD:C1:F0 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 16FA Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa Signing time: Wed 13 Mar 2024 01:21:50 +0000 ROA not before: Wed 13 Mar 2024 01:21:50 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4811 IP address blocks: 2401:3480:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5882 (0x16fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Mar 13 01:21:50 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=21F08E67D25D5B6BB34ADEB8422CA493C0ADC1F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4f:bb:0d:be:93:09:22:1f:f2:cc:70:bb:15: ce:82:94:8e:68:7f:ae:86:b5:20:8e:51:d1:30:5a: cc:45:4f:57:47:89:e8:65:29:81:ed:ea:8c:dc:9b: 9c:f6:3f:4b:e5:18:a3:63:ac:2f:b1:b8:0b:f8:c7: f5:24:17:de:99:fb:73:2f:c8:cd:1c:13:5a:21:19: 7d:57:82:d6:3e:0f:0e:df:79:24:79:48:75:ad:e6: 62:a1:99:21:22:46:00:f4:e7:cd:c4:67:99:a4:98: a1:cb:4a:b0:4a:e4:62:a2:2c:bc:f2:81:04:7b:37: ce:3c:62:83:43:d5:2a:f9:12:ae:85:5f:51:70:71: 16:51:49:71:d2:70:1b:32:d7:0b:23:7c:dd:69:39: 7a:06:91:67:97:0c:2a:4e:56:b7:d7:e6:ad:d3:9b: f0:da:d9:36:69:39:ce:97:d7:fd:b7:48:11:20:f8: 92:7d:e3:df:b4:df:01:8b:9c:f2:ce:e7:2d:a5:dd: 2d:ca:46:b6:55:f9:90:12:98:d2:ac:bf:68:01:4d: 02:a7:e5:e5:1e:53:6c:48:da:ed:b1:85:9e:3b:9a: 45:64:8d:ca:e4:d8:76:f6:01:77:02:47:f4:5b:05: 7f:24:1a:78:48:1d:48:03:40:48:66:1d:7c:2a:98: b5:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:F0:8E:67:D2:5D:5B:6B:B3:4A:DE:B8:42:2C:A4:93:C0:AD:C1:F0 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3480:2000::/48 Signature Algorithm: sha256WithRSAEncryption 44:d2:c5:c4:75:de:21:3f:ad:07:1e:aa:12:0c:11:de:69:7c: 13:80:dd:ec:22:9e:9d:3d:1e:6d:cd:d3:b0:84:02:ab:7f:e0: 4e:90:99:e5:1f:9d:c5:49:56:7b:33:cb:14:cc:cf:ff:83:45: 02:94:60:9a:29:34:42:1a:0e:4c:4e:10:eb:10:f2:58:b0:a8: e1:20:b9:9d:f3:6c:74:6b:f4:84:9d:49:6d:89:1c:8a:73:76: 80:21:16:6f:e4:4e:54:39:ae:36:d9:17:88:3e:8d:70:8d:6e: b1:9e:66:ab:69:2f:e5:a1:e2:7f:cc:14:3c:02:dc:f3:3e:2e: ee:f6:c5:80:f8:dc:74:59:25:f2:41:6f:22:df:7d:e6:4a:bd: 4d:eb:a7:0c:52:ba:ca:9e:94:35:26:e9:bb:c2:e7:32:b4:2f: e2:2e:95:9f:b4:98:d4:3d:98:b5:cb:5b:c8:ef:7c:13:79:72: f9:9a:42:76:4e:15:18:8b:18:ed:51:98:06:70:1c:ee:6e:f4: 0c:8a:7d:7c:fe:4c:7f:45:8d:34:e5:2f:c2:df:a4:39:df:3e: 4a:3d:e2:bb:33:93:75:ba:86:5e:61:1f:04:49:e8:48:55:40: dd:01:bd:ad:26:e0:ea:15:9e:ef:5c:39:90:b8:c3:c8:41:d5: 20:12:2c:a1 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICFvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw MTIxNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxRjA4RTY3RDI1RDVC NkJCMzRBREVCODQyMkNBNDkzQzBBREMxRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+T7sNvpMJIh/yzHC7Fc6ClI5of66GtSCOUdEwWsxFT1dHiehl KYHt6ozcm5z2P0vlGKNjrC+xuAv4x/UkF96Z+3MvyM0cE1ohGX1XgtY+Dw7feSR5 SHWt5mKhmSEiRgD0583EZ5mkmKHLSrBK5GKiLLzygQR7N848YoND1Sr5Eq6FX1Fw cRZRSXHScBsy1wsjfN1pOXoGkWeXDCpOVrfX5q3Tm/Da2TZpOc6X1/23SBEg+JJ9 49+03wGLnPLO5y2l3S3KRrZV+ZASmNKsv2gBTQKn5eUeU2xI2u2xhZ47mkVkjcrk 2Hb2AXcCR/RbBX8kGnhIHUgDQEhmHXwqmLVRAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUIfCOZ9JdW2uzSt64Qiykk8CtwfAwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0lmQ09aOUpkVzJ1elN0 NjRRaXlrazhDdHdmQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAkATSAIAAwDQYJKoZIhvcNAQELBQADggEBAETSxcR13iE/rQceqhIMEd5pfBOA 3ewinp09Hm3N07CEAqt/4E6QmeUfncVJVnszyxTMz/+DRQKUYJopNEIaDkxOEOsQ 8liwqOEguZ3zbHRr9ISdSW2JHIpzdoAhFm/kTlQ5rjbZF4g+jXCNbrGeZqtpL+Wh 4n/MFDwC3PM+Lu72xYD43HRZJfJBbyLffeZKvU3rpwxSusqelDUm6bvC5zK0L+Iu lZ+0mNQ9mLXLW8jvfBN5cvmaQnZOFRiLGO1RmAZwHO5u9AyKfXz+TH9FjTTlL8Lf pDnfPko94rszk3W6hl5hHwRJ6EhVQN0Bva0m4OoVnu9cOZC4w8hB1SASLKE= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:48 2024 by rpki-client on console-ams.rpki-client.org