$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/848/2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa File: 2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa (raw, json) Hash identifier: n2pOELU8tQSAxmbcXnybdckj6tPykjWnvA6eNWU3+iI= Subject key identifier: DA:C5:EC:55:8E:FF:D8:88:FE:50:50:5A:4C:20:E4:C4:08:D3:1D:02 Certificate issuer: /CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D Certificate serial: 17FA Authority key identifier: 47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa Signing time: Wed 13 Mar 2024 01:21:22 +0000 ROA not before: Wed 13 Mar 2024 01:21:22 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 31216 IP address blocks: 2401:5180::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/RxbLW0SB7BOu3UCywwLFD2Aa930.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/RxbLW0SB7BOu3UCywwLFD2Aa930.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Jun 2024 21:27:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6138 (0x17fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D Validity Not Before: Mar 13 01:21:22 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DAC5EC558EFFD888FE50505A4C20E4C408D31D02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:3f:52:20:8d:41:97:df:9e:3a:ca:e5:f2:59: c5:81:72:77:4b:7b:b0:5d:67:fa:53:6a:ef:46:44: fa:6f:04:84:8f:3d:ca:c7:71:04:00:5a:0f:30:dd: 80:13:81:b4:04:28:6b:bd:bb:79:9f:aa:db:aa:6c: 01:bf:6f:7c:0b:2e:67:95:c6:91:4f:7a:3c:98:27: cc:33:c7:40:05:fe:3b:00:2e:28:b0:a5:48:ea:d3: 8c:af:e5:b6:54:e0:2a:58:2e:10:e3:c9:15:bd:7c: 37:58:27:74:aa:00:c6:13:8d:e3:37:70:e5:03:52: 05:5f:27:34:4d:25:a6:03:58:a9:56:90:55:54:16: f0:ca:03:a8:15:d9:92:34:33:17:61:d3:03:1d:b7: 35:ef:cf:0c:12:11:0b:5b:a9:c0:3c:47:a7:b2:02: fd:7c:a2:bd:02:a1:85:d8:e8:d4:07:c6:88:03:9c: e8:78:79:a0:39:9f:20:d9:fc:cd:95:d7:1e:fa:24: 24:7b:25:d8:f0:1f:9a:a4:4c:ce:7b:7c:d4:ef:83: 8d:de:29:01:87:65:cd:bc:e6:24:5c:d0:62:cd:5f: 1d:72:cd:37:1f:dc:0f:1f:fd:66:67:45:af:cc:b7: 1e:fe:9b:1a:46:cf:38:07:b3:7c:9e:60:7d:79:1c: 5c:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:C5:EC:55:8E:FF:D8:88:FE:50:50:5A:4C:20:E4:C4:08:D3:1D:02 X509v3 Authority Key Identifier: keyid:47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/RxbLW0SB7BOu3UCywwLFD2Aa930.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:5180::/32 Signature Algorithm: sha256WithRSAEncryption 21:78:4f:a1:ee:7b:09:8b:81:ef:04:36:24:06:b9:d4:d0:32: 82:64:f2:e5:22:3e:7a:bc:5f:2c:87:f4:17:b3:4c:0b:85:93: e1:d3:d6:10:db:6d:f1:59:65:67:a5:46:f5:c7:e7:28:4e:33: 3e:ab:1e:14:25:45:cb:0e:89:15:54:13:4b:e1:7f:5c:d3:e2: 98:47:9f:28:dd:9a:37:05:4c:db:f7:17:79:30:32:74:de:a1: fd:9d:b1:a5:2a:30:00:f1:e6:24:82:36:c7:92:a8:57:a1:89: c8:72:96:5f:eb:30:e9:9d:78:a5:ca:98:79:98:5f:a4:0f:d5: e8:8c:53:74:a5:82:fa:96:b4:eb:50:5c:d8:58:b7:de:0a:75: a3:3d:cd:20:9f:53:24:c7:0f:a3:72:18:48:d1:94:4b:bc:d8: 44:d2:5a:0a:d4:15:cc:62:1e:c2:42:3d:ac:10:81:f8:2f:64: 0c:4b:7c:a2:64:09:b0:ff:b0:ad:70:c2:03:ca:8f:63:15:0c: c1:39:0a:a0:a2:0e:f0:72:4c:38:b9:07:e1:37:c6:88:14:52: 99:c1:09:14:d7:fa:17:4c:4f:4a:4f:91:05:3f:ab:a4:dc:b1: 66:d4:36:f9:b3:03:52:d7:00:cd:a6:7a:c0:2e:9f:55:e0:83: 76:c0:64:45 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICF/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDcx NkNCNUI0NDgxRUMxM0FFREQ0MEIyQzMwMkM1MEY2MDFBRjc3RDAeFw0yNDAzMTMw MTIxMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQzVFQzU1OEVGRkQ4 ODhGRTUwNTA1QTRDMjBFNEM0MDhEMzFEMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClP1IgjUGX3546yuXyWcWBcndLe7BdZ/pTau9GRPpvBISPPcrH cQQAWg8w3YATgbQEKGu9u3mfqtuqbAG/b3wLLmeVxpFPejyYJ8wzx0AF/jsALiiw pUjq04yv5bZU4CpYLhDjyRW9fDdYJ3SqAMYTjeM3cOUDUgVfJzRNJaYDWKlWkFVU FvDKA6gV2ZI0Mxdh0wMdtzXvzwwSEQtbqcA8R6eyAv18or0CoYXY6NQHxogDnOh4 eaA5nyDZ/M2V1x76JCR7JdjwH5qkTM57fNTvg43eKQGHZc285iRc0GLNXx1yzTcf 3A8f/WZnRa/Mtx7+mxpGzzgHs3yeYH15HFznAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU2sXsVY7/2Ij+UFBaTCDkxAjTHQIwHwYDVR0jBBgwFoAURxbLW0SB7BOu3UCy wwLFD2Aa930wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4 L1J4YkxXMFNCN0JPdTNVQ3l3d0xGRDJBYTkzMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUnhiTFcwU0I3Qk91M1VDeXd3TEZEMkFhOTMwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4LzJzWHNWWTdfMklqLVVG QmFUQ0RreEFqVEhRSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkAVGAMA0GCSqGSIb3DQEBCwUAA4IBAQAheE+h7nsJi4HvBDYkBrnU0DKCZPLl Ij56vF8sh/QXs0wLhZPh09YQ223xWWVnpUb1x+coTjM+qx4UJUXLDokVVBNL4X9c 0+KYR58o3Zo3BUzb9xd5MDJ03qH9nbGlKjAA8eYkgjbHkqhXoYnIcpZf6zDpnXil yph5mF+kD9XojFN0pYL6lrTrUFzYWLfeCnWjPc0gn1Mkxw+jchhI0ZRLvNhE0loK 1BXMYh7CQj2sEIH4L2QMS3yiZAmw/7CtcMIDyo9jFQzBOQqgog7wckw4uQfhN8aI FFKZwQkU1/oXTE9KT5EFP6uk3LFm1Db5swNS1wDNpnrALp9V4IN2wGRF -----END CERTIFICATE-----Generated at Sat Jun 1 19:58:00 2024 by rpki-client on console-ams.rpki-client.org