$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/EwjhYV-CmPQQud2H6Crvi5nsZSM.roa File: EwjhYV-CmPQQud2H6Crvi5nsZSM.roa (raw, json) Hash identifier: MQr8WPZZ5OJm434/duoDl2GetDpNQEyk5dgxTJcEf9Y= Subject key identifier: 13:08:E1:61:5F:82:98:F4:10:B9:DD:87:E8:2A:EF:8B:99:EC:65:23 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 1DB2 Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/EwjhYV-CmPQQud2H6Crvi5nsZSM.roa Signing time: Wed 09 Apr 2025 06:48:21 +0000 ROA not before: Wed 09 Apr 2025 06:48:21 +0000 ROA not after: Thu 09 Apr 2026 06:41:08 +0000 asID: 132168 IP address blocks: 2402:1440::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:37:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7602 (0x1db2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Apr 9 06:48:21 2025 GMT Not After : Apr 9 06:41:08 2026 GMT Subject: CN=1308E1615F8298F410B9DD87E82AEF8B99EC6523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:6a:64:33:e8:18:e8:49:1c:25:03:d1:1b:0a: 13:75:87:e5:4c:b1:aa:9c:d6:7b:24:c4:7b:f5:82: 03:bd:c0:8c:0d:7c:05:40:66:f9:71:4d:f8:bd:a8: ba:db:d8:e4:1c:64:4a:86:d0:85:17:28:db:d2:96: 0d:b8:fe:d7:70:75:e0:5d:db:23:8b:21:3b:02:f0: 0e:26:33:ff:1c:d0:5a:9a:72:2d:1c:aa:47:7e:38: e9:26:53:59:34:43:bf:c6:10:ca:09:51:cb:1a:c6: 45:8a:0e:7e:57:1d:26:7f:8d:79:d4:4a:54:b4:b3: 41:bf:e4:5e:3f:2e:25:7e:09:07:ed:78:7c:e7:fd: 07:66:63:77:7a:32:38:d2:71:62:24:5d:23:ee:4a: dc:7e:2b:db:f5:bc:1b:ed:49:bb:8c:05:e9:8d:09: 98:8c:87:15:cd:1e:df:3b:6e:ae:8b:9c:d7:82:c7: 2c:9e:d9:5f:b7:df:7d:dd:33:37:2e:51:c1:64:b7: e6:5c:b4:b0:5c:46:d4:b8:69:48:ce:10:f3:04:65: 6f:a0:cc:ff:df:14:f9:ef:ec:58:f7:eb:c6:dc:9b: 2b:90:6c:72:82:82:86:14:b0:7c:c1:55:34:73:8d: a4:54:7c:b3:35:22:6d:78:81:85:e0:93:6a:51:04: 53:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:08:E1:61:5F:82:98:F4:10:B9:DD:87:E8:2A:EF:8B:99:EC:65:23 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/EwjhYV-CmPQQud2H6Crvi5nsZSM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:1440::/32 Signature Algorithm: sha256WithRSAEncryption c3:6c:1e:bc:39:49:53:e8:44:ae:35:44:2e:1b:93:c3:09:2e: 6d:a5:d6:91:0d:69:be:90:7e:f6:f6:af:24:4e:9f:45:e8:fe: 93:1b:e5:09:f2:9a:27:52:cb:22:9a:6d:4e:da:82:6f:b8:38: da:1f:40:a5:65:c7:88:66:4a:77:87:31:ad:02:50:b3:ad:30: 98:f6:41:f4:9e:96:a4:2f:1e:81:7d:dc:e5:78:48:f8:01:8f: 86:fe:a4:e6:42:ef:68:3a:04:64:45:bc:c9:7c:36:d0:7f:53: 65:7e:46:43:44:57:c2:8b:0a:82:71:2d:9b:21:cf:dc:4a:ac: 26:ab:13:b2:bd:56:0a:28:07:24:61:01:3a:63:90:6d:8e:53: 86:eb:a7:2c:ea:cc:9e:2f:56:dc:05:d7:b2:fb:86:ac:01:40: 23:40:ad:28:17:73:77:94:44:4c:32:da:79:fc:a3:9c:5c:2d: 4a:85:f3:fe:5f:0c:91:77:ae:00:cc:f2:5e:02:1a:fe:ab:b2: 9a:b6:42:4b:84:f2:f2:cc:55:82:b7:65:8c:14:f1:70:2c:c9: fe:41:c3:75:d8:04:9c:5f:38:be:8c:34:cb:4c:c7:a4:20:38: f1:80:23:d2:c8:a7:02:80:f4:7e:52:53:c3:fc:2d:a6:13:29: 36:29:0b:ca -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTA0MDkw NjQ4MjFaFw0yNjA0MDkwNjQxMDhaMDMxMTAvBgNVBAMTKDEzMDhFMTYxNUY4Mjk4 RjQxMEI5REQ4N0U4MkFFRjhCOTlFQzY1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXamQz6BjoSRwlA9EbChN1h+VMsaqc1nskxHv1ggO9wIwNfAVA ZvlxTfi9qLrb2OQcZEqG0IUXKNvSlg24/tdwdeBd2yOLITsC8A4mM/8c0Fqaci0c qkd+OOkmU1k0Q7/GEMoJUcsaxkWKDn5XHSZ/jXnUSlS0s0G/5F4/LiV+CQfteHzn /QdmY3d6MjjScWIkXSPuStx+K9v1vBvtSbuMBemNCZiMhxXNHt87bq6LnNeCxyye 2V+3333dMzcuUcFkt+ZctLBcRtS4aUjOEPMEZW+gzP/fFPnv7Fj368bcmyuQbHKC goYUsHzBVTRzjaRUfLM1Im14gYXgk2pRBFNhAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUEwjhYV+CmPQQud2H6Crvi5nsZSMwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvRXdqaFlWLUNtUFFR dWQySDZDcnZpNW5zWlNNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAMNsHrw5SVPoRK41RC4bk8MJLm2l 1pENab6Qfvb2ryROn0Xo/pMb5QnymidSyyKabU7agm+4ONofQKVlx4hmSneHMa0C ULOtMJj2QfSelqQvHoF93OV4SPgBj4b+pOZC72g6BGRFvMl8NtB/U2V+RkNEV8KL CoJxLZshz9xKrCarE7K9VgooByRhATpjkG2OU4brpyzqzJ4vVtwF17L7hqwBQCNA rSgXc3eUREwy2nn8o5xcLUqF8/5fDJF3rgDM8l4CGv6rspq2QkuE8vLMVYK3ZYwU 8XAsyf5Bw3XYBJxfOL6MNMtMx6QgOPGAI9LIpwKA9H5SU8P8LaYTKTYpC8o= -----END CERTIFICATE-----Generated at Sat Apr 26 15:25:18 2025 by rpki-client