$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/l-OcCesTSuBdO5IoSKzcBLmGV3I.roa File: l-OcCesTSuBdO5IoSKzcBLmGV3I.roa (raw, json) Hash identifier: V+qfdOP7fF5YPbI2fv4sNhq08smvoF+WOztOV3zR7uI= Subject key identifier: 97:E3:9C:09:EB:13:4A:E0:5D:3B:92:28:48:AC:DC:04:B9:86:57:72 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 16FB Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/l-OcCesTSuBdO5IoSKzcBLmGV3I.roa Signing time: Wed 13 Mar 2024 01:21:50 +0000 ROA not before: Wed 13 Mar 2024 01:21:50 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 23724 IP address blocks: 2401:3480::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5883 (0x16fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Mar 13 01:21:50 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=97E39C09EB134AE05D3B922848ACDC04B9865772 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e8:09:0a:f4:1f:5f:a4:96:33:b9:bb:43:11: 05:f7:6f:cd:19:f4:19:55:04:40:21:cf:a3:90:e7: b9:77:45:e3:f9:5e:cc:a0:d1:a5:42:4b:f1:1d:8b: dd:42:7a:d3:aa:6d:f8:5c:29:ee:33:5e:c7:9f:9b: 06:bf:9c:36:4d:27:11:58:8b:32:19:7f:16:53:2a: e8:00:6c:0a:0a:fb:09:fc:da:fa:a0:41:5c:84:19: 7e:bf:f2:67:f6:93:b0:79:6a:ba:53:76:fd:62:33: e9:c8:54:1f:29:63:c3:0f:94:96:06:c6:f4:8a:62: 50:e4:c6:23:bf:66:74:aa:16:8d:54:7f:d5:cf:37: 62:70:94:1a:0e:ef:b5:25:24:cc:cb:e1:64:37:8c: 84:71:cc:18:e1:59:2e:aa:01:20:e4:38:76:57:96: 04:26:9b:fa:06:1d:a0:9f:c4:d4:99:9c:fe:87:f9: b1:d7:6b:59:b6:27:ea:88:1a:a2:4e:e7:75:29:54: 4b:e8:8a:c8:8c:8d:58:4f:1d:73:6f:5f:66:de:71: b2:3f:19:f2:50:f1:ea:f6:1f:f5:d9:3e:72:bc:22: 5a:3e:d5:95:fe:20:75:f7:88:b7:9c:aa:fb:13:1e: 78:74:ca:12:f1:b8:f1:e0:e8:86:f3:f5:b3:bc:3d: 80:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:E3:9C:09:EB:13:4A:E0:5D:3B:92:28:48:AC:DC:04:B9:86:57:72 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/l-OcCesTSuBdO5IoSKzcBLmGV3I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3480::/36 Signature Algorithm: sha256WithRSAEncryption 46:ca:ec:a5:f1:c0:e3:53:ca:9c:df:af:0e:e2:b9:27:9b:cf: de:6b:63:e7:38:81:be:52:fc:f5:93:17:90:d4:0a:f6:d5:cd: 64:07:7a:a6:d6:3e:70:44:94:d8:7e:c0:ce:15:61:1b:90:7b: e2:6c:64:57:e1:f5:12:36:a7:65:33:22:c6:6e:a0:65:29:32: 86:27:0d:ee:be:c6:fb:13:b4:f5:9b:63:3a:e3:04:6c:b7:e5: 7e:03:52:7c:3a:a3:39:04:bb:6b:12:0b:7d:32:6c:b8:59:ce: 0c:78:31:c4:dd:bc:dd:85:04:df:62:d7:8d:0b:05:c3:64:dd: 87:45:e0:b8:8f:01:82:cc:c1:28:25:84:bd:46:9d:17:aa:9c: 9a:d6:06:f1:55:c4:81:e8:c7:af:a6:10:d3:d7:f3:47:08:70: 3a:06:01:aa:7e:be:51:bd:a1:b3:65:f0:4b:7c:b8:e8:36:04: 5e:60:18:83:d0:9d:9b:dd:16:bd:12:1c:9c:0f:06:5b:48:86: 00:e0:e4:22:7a:70:0a:a1:30:cc:26:07:0e:af:ff:23:18:ca: 05:a3:01:ae:73:81:8b:49:62:98:44:1d:ca:64:74:69:fb:06: 6a:66:3a:9f:ed:90:c2:77:b8:a5:13:76:a4:60:2a:2e:15:d1: e6:7e:fc:92 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw MTIxNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3RTM5QzA5RUIxMzRB RTA1RDNCOTIyODQ4QUNEQzA0Qjk4NjU3NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB6AkK9B9fpJYzubtDEQX3b80Z9BlVBEAhz6OQ57l3ReP5Xsyg 0aVCS/Edi91CetOqbfhcKe4zXsefmwa/nDZNJxFYizIZfxZTKugAbAoK+wn82vqg QVyEGX6/8mf2k7B5arpTdv1iM+nIVB8pY8MPlJYGxvSKYlDkxiO/ZnSqFo1Uf9XP N2JwlBoO77UlJMzL4WQ3jIRxzBjhWS6qASDkOHZXlgQmm/oGHaCfxNSZnP6H+bHX a1m2J+qIGqJO53UpVEvoisiMjVhPHXNvX2becbI/GfJQ8er2H/XZPnK8Ilo+1ZX+ IHX3iLecqvsTHnh0yhLxuPHg6Ibz9bO8PYClAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUl+OcCesTSuBdO5IoSKzcBLmGV3IwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2wtT2NDZXNUU3VCZE81 SW9TS3pjQkxtR1YzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgQkATSAADANBgkqhkiG9w0BAQsFAAOCAQEARsrspfHA41PKnN+vDuK5J5vP3mtj 5ziBvlL89ZMXkNQK9tXNZAd6ptY+cESU2H7AzhVhG5B74mxkV+H1EjanZTMixm6g ZSkyhicN7r7G+xO09ZtjOuMEbLflfgNSfDqjOQS7axILfTJsuFnODHgxxN283YUE 32LXjQsFw2Tdh0XguI8BgszBKCWEvUadF6qcmtYG8VXEgejHr6YQ09fzRwhwOgYB qn6+Ub2hs2XwS3y46DYEXmAYg9Cdm90WvRIcnA8GW0iGAODkInpwCqEwzCYHDq// IxjKBaMBrnOBi0limEQdymR0afsGamY6n+2Qwne4pRN2pGAqLhXR5n78kg== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:44 2024 by rpki-client on console-fra.rpki-client.org