$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/3bYx-LXO0C2Dm6c6jHZxncJG2XQ.roa File: 3bYx-LXO0C2Dm6c6jHZxncJG2XQ.roa (raw, json) Hash identifier: PTmPH+1yVZWhORXR/515kUw/3tuMxaMb8SYoCy+Avgw= Subject key identifier: DD:B6:31:F8:B5:CE:D0:2D:83:9B:A7:3A:8C:76:71:9D:C2:46:D9:74 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: D6 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/3bYx-LXO0C2Dm6c6jHZxncJG2XQ.roa Signing time: Fri 06 Jun 2025 02:34:33 +0000 ROA not before: Fri 06 Jun 2025 02:34:33 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c2:8010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 09:43:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 214 (0xd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:34:33 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=DDB631F8B5CED02D839BA73A8C76719DC246D974 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a7:e8:dd:e0:16:72:20:0d:81:2f:eb:98:2b: c2:9f:68:db:01:73:b2:b1:c3:2f:eb:74:da:54:f1: 6f:93:9b:af:77:3c:bd:43:89:2f:d7:07:13:e3:f7: 77:93:89:42:45:69:ac:28:0d:32:7d:fb:15:52:1f: 6c:d0:8e:61:54:95:74:a5:13:92:82:bd:82:10:01: 86:73:cc:b8:15:af:87:18:8e:57:dc:3c:07:72:65: 7e:92:ea:ff:9c:39:5a:a8:a8:7a:63:b5:2e:98:2e: 8f:de:88:8a:c6:2a:34:72:5a:c1:f8:58:44:44:67: 25:69:fa:10:51:33:fd:22:f1:10:4f:9e:93:c1:8c: ea:4c:33:53:fc:17:0b:58:25:ff:19:cc:be:7b:51: 98:e7:39:a8:b0:ee:a0:f0:e3:77:38:a2:74:2d:01: 36:c2:43:a4:12:90:e3:4e:16:de:e5:43:5c:13:94: 48:39:a2:62:00:ef:b9:9e:5d:f5:d4:0f:4f:a5:24: 05:a6:24:01:b2:3a:2a:c6:a5:65:3f:ee:a5:e4:17: bb:da:2e:f1:68:58:87:05:ee:f2:b4:95:42:77:b6: ce:09:25:ed:ff:61:14:5a:7a:c9:3d:b6:6f:28:d8: 81:8f:2d:25:82:ed:d6:27:6a:2f:bf:73:55:eb:66: a3:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B6:31:F8:B5:CE:D0:2D:83:9B:A7:3A:8C:76:71:9D:C2:46:D9:74 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/3bYx-LXO0C2Dm6c6jHZxncJG2XQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:8010::/44 Signature Algorithm: sha256WithRSAEncryption 94:20:d9:b9:df:2d:5b:1a:86:07:88:40:73:b6:41:50:d2:95: 4a:48:00:00:90:40:b4:7f:e8:35:5e:1a:cf:f5:d1:de:90:47: 04:e3:81:c2:2e:a9:d0:72:8f:a1:a8:ee:cd:83:3a:03:0e:95: 30:12:71:bd:03:45:5e:ef:ae:ee:71:8f:1c:ec:f7:51:66:da: 94:6f:4e:92:13:9e:f8:2e:f0:7b:ce:fa:ab:36:0a:e8:04:d7: 58:64:6b:b3:42:40:54:63:52:74:32:43:59:20:4e:3b:f1:92: 64:77:17:bb:02:17:c0:35:ae:13:ad:21:5a:36:e6:30:d4:1f: ec:fd:b4:fc:cb:5a:54:11:9c:72:80:55:84:1c:fd:b1:b2:b3: 13:af:eb:d0:69:3e:3e:af:af:d7:27:b5:eb:e1:5e:2e:74:74: 1c:2a:50:3b:72:d3:a2:62:ca:fb:6a:b9:83:96:a5:cf:cc:4f: e9:bf:d9:da:c4:8f:9b:7d:67:48:f3:90:a3:a4:fb:59:d6:3d: 50:89:53:65:81:07:57:2a:61:04:60:4e:1e:98:3e:57:a7:c3: eb:2c:e7:bf:5b:9f:25:a5:34:23:28:74:65:8e:ce:10:90:4a: b3:43:ee:0c:6e:3b:2c:b6:a6:d1:7a:f9:16:fb:a8:37:89:96: 84:13:01:00 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM0MzNaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKEREQjYzMUY4QjVDRUQw MkQ4MzlCQTczQThDNzY3MTlEQzI0NkQ5NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxp+jd4BZyIA2BL+uYK8KfaNsBc7Kxwy/rdNpU8W+Tm693PL1D iS/XBxPj93eTiUJFaawoDTJ9+xVSH2zQjmFUlXSlE5KCvYIQAYZzzLgVr4cYjlfc PAdyZX6S6v+cOVqoqHpjtS6YLo/eiIrGKjRyWsH4WEREZyVp+hBRM/0i8RBPnpPB jOpMM1P8FwtYJf8ZzL57UZjnOaiw7qDw43c4onQtATbCQ6QSkONOFt7lQ1wTlEg5 omIA77meXfXUD0+lJAWmJAGyOirGpWU/7qXkF7vaLvFoWIcF7vK0lUJ3ts4JJe3/ YRRaesk9tm8o2IGPLSWC7dYnai+/c1XrZqOTAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU3bYx+LXO0C2Dm6c6jHZxncJG2XQwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvM2JZeC1MWE8wQzJE bTZjNmpIWnhuY0pHMlhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMKAEDANBgkqhkiG9w0BAQsFAAOCAQEAlCDZud8tWxqGB4hAc7ZBUNKV SkgAAJBAtH/oNV4az/XR3pBHBOOBwi6p0HKPoajuzYM6Aw6VMBJxvQNFXu+u7nGP HOz3UWbalG9OkhOe+C7we876qzYK6ATXWGRrs0JAVGNSdDJDWSBOO/GSZHcXuwIX wDWuE60hWjbmMNQf7P20/MtaVBGccoBVhBz9sbKzE6/r0Gk+Pq+v1ye16+FeLnR0 HCpQO3LTomLK+2q5g5alz8xP6b/Z2sSPm31nSPOQo6T7WdY9UIlTZYEHVyphBGBO Hpg+V6fD6yznv1ufJaU0Iyh0ZY7OEJBKs0PuDG47LLam0Xr5FvuoN4mWhBMBAA== -----END CERTIFICATE-----Generated at Sun Jun 22 09:33:40 2025 by rpki-client