$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/YvxJMlGBtdhPwCe99e-TBRWSmno.roa File: YvxJMlGBtdhPwCe99e-TBRWSmno.roa (raw, json) Hash identifier: U4S+JHkc2/dz4XfdQdt/8ojCwq7JqsXN3uR74WyZ1Sc= Subject key identifier: 62:FC:49:32:51:81:B5:D8:4F:C0:27:BD:F5:EF:93:05:15:92:9A:7A Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 1D6E Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/YvxJMlGBtdhPwCe99e-TBRWSmno.roa Signing time: Tue 08 Apr 2025 01:44:19 +0000 ROA not before: Tue 08 Apr 2025 01:44:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 131530 IP address blocks: 2403:fc0::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7534 (0x1d6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Apr 8 01:44:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=62FC49325181B5D84FC027BDF5EF930515929A7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:9a:67:dc:46:51:7e:62:e3:c5:27:65:e3:98: 2f:62:ff:62:cf:55:71:a7:bf:79:e7:23:cc:00:ab: 97:43:80:6d:6b:7d:db:84:f9:63:b2:e7:d0:2a:a4: df:b9:93:d4:db:f9:23:a3:1c:6a:c2:d0:37:09:28: 31:a8:55:49:97:3c:29:c8:14:03:94:0e:55:49:1d: fb:a5:84:9c:56:75:77:15:4d:81:11:a6:11:3e:5f: b1:29:32:f7:72:4a:72:27:9e:1c:6d:9c:5f:40:24: 12:a8:9b:81:e8:34:ef:7f:ae:47:5c:f2:e5:99:b3: d7:b4:11:d2:cc:ba:f9:4b:05:6b:1e:5a:5d:37:99: a0:59:7f:b7:1a:a1:c0:dd:44:65:f3:0a:9e:1a:5f: c8:7b:4f:a7:99:74:fe:82:8b:fc:8e:6f:71:36:55: 30:1a:cb:e4:3b:b2:6c:e1:e5:2c:b4:4e:da:c7:70: 53:62:d6:42:cf:f2:1d:55:55:27:6a:67:0b:54:56: f3:72:89:3e:0f:41:3a:e9:ae:9a:b6:2d:fc:ee:0e: aa:bc:e5:85:9f:39:60:74:18:0f:89:91:46:71:e2: e6:7d:2c:7d:5f:94:26:84:a2:c1:06:40:11:38:06: b4:01:98:aa:da:4c:6d:b8:d9:12:ae:8f:3e:4f:ff: 14:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:FC:49:32:51:81:B5:D8:4F:C0:27:BD:F5:EF:93:05:15:92:9A:7A X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/YvxJMlGBtdhPwCe99e-TBRWSmno.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:fc0::/38 Signature Algorithm: sha256WithRSAEncryption 14:73:aa:1a:05:5b:eb:e3:35:ec:bb:a7:f8:e8:4c:bb:80:e1: db:2c:f9:ab:d9:52:4f:25:be:f2:0c:92:ab:ce:1e:01:cc:75: 2f:68:6a:4e:30:86:14:d8:e0:02:ff:4a:de:9f:c4:8c:97:04: dc:b9:92:67:33:90:da:ba:25:fe:a2:ce:60:4b:1c:92:1b:a7: e5:d3:b4:b5:5e:68:7b:ab:c9:1f:74:b2:22:0d:bc:22:f1:c8: f4:4d:5f:20:53:a3:20:5b:4e:0e:38:35:fc:25:63:60:a0:cd: 30:78:57:6a:cb:b8:69:95:61:41:5d:9a:82:7d:e3:e3:08:31: b2:d9:4c:fd:54:56:0e:4c:f2:2a:1a:50:1f:3c:73:11:fd:f4: 83:0e:38:0b:b8:30:79:2b:52:a3:75:3d:40:85:54:8c:35:68: b6:a5:1d:89:80:ba:94:76:5d:e6:fa:78:f8:b6:18:9b:1d:e2: f4:7f:6c:a4:0f:c6:82:79:94:33:91:80:cb:4f:1f:4a:ab:ad: b6:e9:be:1d:3a:e9:d7:45:2a:e6:39:c0:92:92:1c:f8:47:15: a6:25:33:6a:dc:2c:f8:79:d5:94:a1:45:d8:f5:b7:f0:d3:21: f9:e0:45:18:0e:2e:31:58:b6:76:a4:4f:c0:97:ea:1e:c3:55: 2a:4b:32:e6 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICHW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTA0MDgw MTQ0MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYyRkM0OTMyNTE4MUI1 RDg0RkMwMjdCREY1RUY5MzA1MTU5MjlBN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHmmfcRlF+YuPFJ2XjmC9i/2LPVXGnv3nnI8wAq5dDgG1rfduE +WOy59AqpN+5k9Tb+SOjHGrC0DcJKDGoVUmXPCnIFAOUDlVJHfulhJxWdXcVTYER phE+X7EpMvdySnInnhxtnF9AJBKom4HoNO9/rkdc8uWZs9e0EdLMuvlLBWseWl03 maBZf7caocDdRGXzCp4aX8h7T6eZdP6Ci/yOb3E2VTAay+Q7smzh5Sy0TtrHcFNi 1kLP8h1VVSdqZwtUVvNyiT4PQTrprpq2LfzuDqq85YWfOWB0GA+JkUZx4uZ9LH1f lCaEosEGQBE4BrQBmKraTG242RKujz5P/xR7AgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUYvxJMlGBtdhPwCe99e+TBRWSmnowHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvWXZ4Sk1sR0J0ZGhQ d0NlOTllLVRCUldTbW5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGAiQDD8AAMA0GCSqGSIb3DQEBCwUAA4IBAQAUc6oaBVvr4zXsu6f46Ey7gOHb LPmr2VJPJb7yDJKrzh4BzHUvaGpOMIYU2OAC/0ren8SMlwTcuZJnM5DauiX+os5g SxySG6fl07S1Xmh7q8kfdLIiDbwi8cj0TV8gU6MgW04OODX8JWNgoM0weFdqy7hp lWFBXZqCfePjCDGy2Uz9VFYOTPIqGlAfPHMR/fSDDjgLuDB5K1KjdT1AhVSMNWi2 pR2JgLqUdl3m+nj4thibHeL0f2ykD8aCeZQzkYDLTx9Kq6226b4dOunXRSrmOcCS khz4RxWmJTNq3Cz4edWUoUXY9bfw0yH54EUYDi4xWLZ2pE/Al+oew1UqSzLm -----END CERTIFICATE-----Generated at Sat Apr 26 15:28:45 2025 by rpki-client