$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/zlTbfC8OutzwAyWNWihTKaBFQHU.roa File: zlTbfC8OutzwAyWNWihTKaBFQHU.roa (raw, json) Hash identifier: CF6792H/L28ug8uEoZfWiV67r6POVtN9sNK2zJHxNEI= Subject key identifier: CE:54:DB:7C:2F:0E:BA:DC:F0:03:25:8D:5A:28:53:29:A0:45:40:75 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 1DB5 Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/zlTbfC8OutzwAyWNWihTKaBFQHU.roa Signing time: Wed 09 Apr 2025 06:48:23 +0000 ROA not before: Wed 09 Apr 2025 06:48:23 +0000 ROA not after: Thu 09 Apr 2026 06:41:08 +0000 asID: 63689 IP address blocks: 2402:1440::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:37:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7605 (0x1db5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Apr 9 06:48:23 2025 GMT Not After : Apr 9 06:41:08 2026 GMT Subject: CN=CE54DB7C2F0EBADCF003258D5A285329A0454075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:09:cd:79:66:1d:a2:df:e3:21:fe:08:5f:8d: f9:88:4b:31:b3:60:50:1c:3e:d1:5f:07:37:aa:49: b7:e3:ec:50:c7:74:c8:e8:2b:6f:78:a7:e2:ae:ea: 19:00:0b:c2:2a:cc:5a:ea:4c:84:54:56:0a:b3:b6: 76:3e:38:27:5b:91:7c:14:97:27:f5:c9:e4:e4:37: 36:58:76:2a:99:7a:ae:eb:90:8d:c4:49:8d:74:c4: 92:67:6e:48:dd:65:ee:d6:d2:02:2f:e4:26:5e:84: 7f:d2:1e:a8:d8:fd:9e:b4:59:96:35:06:f5:f7:7c: 8b:52:c2:19:a7:9d:81:db:b7:70:eb:61:0d:a0:de: 2d:1c:b3:9e:31:ce:4c:ee:e4:c8:b6:ed:c2:4b:b1: f8:09:ff:01:a9:83:9e:ef:06:28:e6:de:86:97:0c: 35:aa:cf:e1:ba:6e:ce:30:06:ba:af:1e:9a:19:cf: 87:f2:64:76:b8:48:74:6c:e6:da:80:15:38:07:2e: fd:e8:4a:82:a2:f5:2a:08:a1:ca:55:75:96:60:0f: 74:fc:a7:7d:cf:06:6c:61:55:a1:4b:68:c9:97:34: 8f:a1:e5:75:00:86:7b:a7:6c:ed:4c:f2:91:81:91: 0c:09:0b:a9:bd:b7:8c:bf:15:9b:43:b8:4f:53:6e: 4f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:54:DB:7C:2F:0E:BA:DC:F0:03:25:8D:5A:28:53:29:A0:45:40:75 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/zlTbfC8OutzwAyWNWihTKaBFQHU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:1440::/32 Signature Algorithm: sha256WithRSAEncryption 9c:51:63:ce:c2:f3:d9:42:e3:4a:16:38:3f:24:7f:9d:d9:e5: 4a:1b:f8:e4:6b:24:c5:cd:ac:44:c0:9d:73:96:81:5d:61:93: 79:e2:1e:b0:83:3c:51:68:d9:89:07:75:11:5d:bf:20:93:9f: b4:93:03:7c:e3:93:0c:57:df:cf:d7:50:b8:bf:dc:7e:20:7c: 98:7a:e9:f0:76:65:c4:f9:b7:2f:82:00:84:46:73:0c:16:d1: 55:74:70:b1:e0:ce:70:1a:b9:1f:ba:f0:ce:63:64:f8:81:69: 87:d1:54:6b:f7:ad:ac:e5:ea:8d:ef:e7:bc:36:00:6d:e2:a3: 82:b6:e5:95:c3:58:c3:37:43:b2:4e:f4:5b:ed:7c:91:1f:1a: d9:22:87:35:84:dc:e4:d0:b0:df:62:d5:1a:92:86:4f:38:7a: 26:52:87:9a:75:8d:2a:c3:b8:b0:20:7d:1c:cf:6a:c9:03:13: be:cf:0a:5d:ec:9b:11:0d:d2:23:82:72:b8:b7:b0:6f:87:b4: b8:c3:d3:cc:79:70:cc:ce:05:52:33:c7:fd:c9:9f:e7:e3:df: c1:75:fb:d9:3c:c6:b3:15:a2:aa:e6:db:3f:cb:f1:49:d0:2b: 67:d7:30:43:87:09:d2:e2:ca:fc:61:2c:2a:23:be:69:06:07: c3:43:bb:10 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTA0MDkw NjQ4MjNaFw0yNjA0MDkwNjQxMDhaMDMxMTAvBgNVBAMTKENFNTREQjdDMkYwRUJB RENGMDAzMjU4RDVBMjg1MzI5QTA0NTQwNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFCc15Zh2i3+Mh/ghfjfmISzGzYFAcPtFfBzeqSbfj7FDHdMjo K294p+Ku6hkAC8IqzFrqTIRUVgqztnY+OCdbkXwUlyf1yeTkNzZYdiqZeq7rkI3E SY10xJJnbkjdZe7W0gIv5CZehH/SHqjY/Z60WZY1BvX3fItSwhmnnYHbt3DrYQ2g 3i0cs54xzkzu5Mi27cJLsfgJ/wGpg57vBijm3oaXDDWqz+G6bs4wBrqvHpoZz4fy ZHa4SHRs5tqAFTgHLv3oSoKi9SoIocpVdZZgD3T8p33PBmxhVaFLaMmXNI+h5XUA hnunbO1M8pGBkQwJC6m9t4y/FZtDuE9Tbk8zAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUzlTbfC8OutzwAyWNWihTKaBFQHUwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvemxUYmZDOE91dHp3 QXlXTldpaFRLYUJGUUhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAJxRY87C89lC40oWOD8kf53Z5Uob +ORrJMXNrETAnXOWgV1hk3niHrCDPFFo2YkHdRFdvyCTn7STA3zjkwxX38/XULi/ 3H4gfJh66fB2ZcT5ty+CAIRGcwwW0VV0cLHgznAauR+68M5jZPiBaYfRVGv3razl 6o3v57w2AG3io4K25ZXDWMM3Q7JO9FvtfJEfGtkihzWE3OTQsN9i1RqShk84eiZS h5p1jSrDuLAgfRzPaskDE77PCl3smxEN0iOCcri3sG+HtLjD08x5cMzOBVIzx/3J n+fj38F1+9k8xrMVoqrm2z/L8UnQK2fXMEOHCdLiyvxhLCojvmkGB8NDuxA= -----END CERTIFICATE-----Generated at Sat Apr 26 13:13:58 2025 by rpki-client