$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/MVjH_aAkrL-0rnyEdUJg3s5ROPY.roa File: MVjH_aAkrL-0rnyEdUJg3s5ROPY.roa (raw, json) Hash identifier: 7XQGc6sXY4XcfUnTFPFKMmLcdiDlLtEO+EdWmvPlfgQ= Subject key identifier: 31:58:C7:FD:A0:24:AC:BF:B4:AE:7C:84:75:42:60:DE:CE:51:38:F6 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: C3 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/MVjH_aAkrL-0rnyEdUJg3s5ROPY.roa Signing time: Fri 06 Jun 2025 02:29:17 +0000 ROA not before: Fri 06 Jun 2025 02:29:17 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56047 IP address blocks: 240a:40c2:a000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 07:16:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 195 (0xc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:29:17 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=3158C7FDA024ACBFB4AE7C84754260DECE5138F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ac:87:fc:c7:13:b2:8d:ec:30:ef:6b:f2:2b: 29:0e:75:91:25:c7:05:9f:1a:23:86:54:6b:6e:cc: 61:84:ff:b7:57:da:ee:f6:b2:20:75:38:23:27:42: 39:54:c1:91:a4:b7:22:e1:3c:0b:c9:4f:89:be:40: c5:c0:cb:1f:5f:56:d3:ee:90:87:8c:03:76:13:e2: 5d:20:31:69:ad:79:13:d8:5d:b6:82:07:ed:d3:19: 6a:bd:d9:ef:26:4b:f5:7a:e4:06:af:c9:72:1f:5f: 14:27:42:a8:c2:55:3c:fd:78:1a:87:f9:36:14:85: ad:57:07:40:8b:a0:f9:aa:a2:b6:71:9f:b0:b8:0d: 09:8b:52:bb:19:b4:d8:e3:f2:de:5a:37:e7:59:ef: 72:d5:c4:bf:17:2a:14:b6:a9:ac:1f:7d:3b:01:68: 17:b0:bb:17:ad:8c:e9:e7:80:da:4f:fa:11:d9:a1: a7:83:75:fb:72:56:76:30:bb:5f:96:9b:fd:20:a7: 5e:e9:0d:08:b6:af:bb:63:25:12:4a:37:55:64:bf: c6:cf:56:72:79:e1:ad:32:81:f1:e6:e5:69:f0:cf: 15:5f:13:37:de:ca:9c:03:21:5c:74:33:a7:b9:dc: fe:e6:37:8b:76:11:e2:fd:fa:51:21:ee:bf:44:8d: 5c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:58:C7:FD:A0:24:AC:BF:B4:AE:7C:84:75:42:60:DE:CE:51:38:F6 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/MVjH_aAkrL-0rnyEdUJg3s5ROPY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:a000::/44 Signature Algorithm: sha256WithRSAEncryption 0f:e6:dc:2d:32:4d:06:d3:03:7f:49:75:b6:64:80:ac:39:0a: 7f:69:95:f7:09:b9:a6:2f:98:f4:9d:ce:55:5e:1c:56:2f:09: 15:35:e4:87:5d:3c:d3:b3:f3:4b:de:e4:d1:3c:d2:1d:cc:0b: e4:ec:0d:89:e6:ea:6c:29:d0:4b:7f:eb:55:96:2c:26:2a:07: 8f:bd:0d:66:e5:6a:eb:24:aa:cb:35:b8:70:fb:41:b1:9f:35: 09:58:1e:4d:11:fa:60:7a:1d:49:e4:e9:10:f5:b3:18:5e:6c: 9a:10:7f:7a:0a:a3:3a:31:a9:13:f9:72:90:91:a3:0d:f5:d0: 28:b9:1e:92:1c:a5:74:63:80:7a:4f:74:d7:cc:fa:3d:20:a1: 36:0b:f3:28:8c:26:5d:a7:f7:16:ce:db:82:04:dc:8d:55:cc: fd:25:b9:a9:69:6c:74:16:7e:91:5b:5c:0b:e3:74:59:c2:f3: d6:d2:1c:a8:d1:ac:10:03:af:cd:83:f3:b7:2c:8e:b5:c2:94: 9c:9e:87:e9:f2:b9:54:51:91:cf:45:ad:39:84:cf:6a:46:f2: 63:35:a6:93:9b:0a:53:37:58:b4:64:6c:26:84:82:0a:bf:e1: 88:74:56:83:f4:34:e6:1b:d4:19:5d:2e:cd:35:ad:30:10:2f: 43:81:49:40 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjI5MTdaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDMxNThDN0ZEQTAyNEFD QkZCNEFFN0M4NDc1NDI2MERFQ0U1MTM4RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDorIf8xxOyjeww72vyKykOdZElxwWfGiOGVGtuzGGE/7dX2u72 siB1OCMnQjlUwZGktyLhPAvJT4m+QMXAyx9fVtPukIeMA3YT4l0gMWmteRPYXbaC B+3TGWq92e8mS/V65AavyXIfXxQnQqjCVTz9eBqH+TYUha1XB0CLoPmqorZxn7C4 DQmLUrsZtNjj8t5aN+dZ73LVxL8XKhS2qawffTsBaBewuxetjOnngNpP+hHZoaeD dftyVnYwu1+Wm/0gp17pDQi2r7tjJRJKN1Vkv8bPVnJ54a0ygfHm5WnwzxVfEzfe ypwDIVx0M6e53P7mN4t2EeL9+lEh7r9EjVyVAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUMVjH/aAkrL+0rnyEdUJg3s5ROPYwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvTVZqSF9hQWtyTC0w cm55RWRVSmczczVST1BZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMKgADANBgkqhkiG9w0BAQsFAAOCAQEAD+bcLTJNBtMDf0l1tmSArDkK f2mV9wm5pi+Y9J3OVV4cVi8JFTXkh10807PzS97k0TzSHcwL5OwNiebqbCnQS3/r VZYsJioHj70NZuVq6ySqyzW4cPtBsZ81CVgeTRH6YHodSeTpEPWzGF5smhB/egqj OjGpE/lykJGjDfXQKLkekhyldGOAek9018z6PSChNgvzKIwmXaf3Fs7bggTcjVXM /SW5qWlsdBZ+kVtcC+N0WcLz1tIcqNGsEAOvzYPztyyOtcKUnJ6H6fK5VFGRz0Wt OYTPakbyYzWmk5sKUzdYtGRsJoSCCr/hiHRWg/Q05hvUGV0uzTWtMBAvQ4FJQA== -----END CERTIFICATE-----Generated at Fri Jun 20 05:06:38 2025 by rpki-client