$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/Sh6lZNMLW_Op4fFvfCU867fR6PY.roa File: Sh6lZNMLW_Op4fFvfCU867fR6PY.roa (raw, json) Hash identifier: UIqbDWYr3VwZ4uzLj4zIPvMK7CEMXVgX7yLHYJlmQEc= Subject key identifier: 4A:1E:A5:64:D3:0B:5B:F3:A9:E1:F1:6F:7C:25:3C:EB:B7:D1:E8:F6 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: DB Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/Sh6lZNMLW_Op4fFvfCU867fR6PY.roa Signing time: Fri 06 Jun 2025 02:36:22 +0000 ROA not before: Fri 06 Jun 2025 02:36:22 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3:e000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 02:41:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 219 (0xdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:36:22 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=4A1EA564D30B5BF3A9E1F16F7C253CEBB7D1E8F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:43:5f:4a:b3:c2:3a:24:cd:6a:fc:43:02:b2: f7:af:28:37:0b:d1:bf:cf:4f:a3:12:7b:37:4c:56: d4:26:e1:85:9e:bd:c5:b3:c1:a8:a0:cd:19:a3:a1: 38:6a:4c:a1:9a:ea:3e:60:4d:be:b5:0e:43:c3:7d: 4b:5e:a9:4c:84:0e:38:55:03:88:f2:82:98:8f:3f: f3:05:c7:54:e1:7f:d2:61:75:78:49:06:26:c7:50: 62:c2:73:5d:52:16:b8:f8:dd:c8:a9:5d:92:a6:37: e0:a2:38:84:26:62:97:17:14:6c:4b:7c:ab:66:9c: f3:8c:de:5a:fe:34:f4:f8:e3:35:00:f5:34:54:4c: 78:fb:4a:10:24:e9:e5:79:df:3d:c2:53:d0:cf:2b: 7c:9f:a6:fa:3b:44:cf:d1:33:a8:c7:e4:66:6c:0c: 16:86:e0:a4:c0:a0:ed:95:61:35:f1:9b:65:10:cd: aa:15:d4:8d:f6:43:aa:d2:a7:9e:a6:74:a1:46:99: d5:1c:df:1c:05:f5:25:b7:4a:11:f7:73:7a:24:5f: 0b:1c:e6:7c:28:ef:25:f0:25:2c:a1:ac:30:8f:3e: 1b:d1:ef:25:21:a3:65:5e:d0:af:3b:9a:be:2c:1b: 9a:ea:6b:a6:95:79:cd:cf:67:74:93:e8:bb:3a:56: 4e:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:1E:A5:64:D3:0B:5B:F3:A9:E1:F1:6F:7C:25:3C:EB:B7:D1:E8:F6 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/Sh6lZNMLW_Op4fFvfCU867fR6PY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3:e000::/44 Signature Algorithm: sha256WithRSAEncryption 96:97:74:97:ff:09:e4:78:c0:ac:a2:d1:dc:99:19:3b:7a:06: 85:63:55:ce:89:f6:82:94:35:f9:77:bb:c5:5d:fc:bc:3d:a6: 7f:a7:7c:85:29:59:14:30:13:75:8e:f7:a9:20:e6:43:a5:0c: 53:d4:4f:e6:26:a1:b1:2c:90:5e:d0:80:86:30:9f:2d:4c:6b: 69:7d:b3:08:27:2d:60:dc:cc:e0:53:f3:82:c3:b8:24:02:0d: 84:49:b1:08:45:04:43:97:52:bb:45:ac:7a:8a:5e:5d:86:f2: 89:0b:34:38:fc:7a:0f:7c:25:12:8d:e7:b5:4e:30:4e:dc:d1: 93:ce:96:9f:97:fd:38:14:44:1f:2d:6f:67:8c:03:bc:79:b2: d1:d2:bb:74:e9:54:61:42:0c:d5:27:e1:bf:f6:68:04:53:b4: 7f:20:e3:37:02:f7:8f:4c:6a:0d:74:d8:e7:d4:4a:35:95:cc: 7c:f1:39:e3:cd:9f:23:16:bc:d7:04:c1:3c:88:7a:44:c6:ac: a8:10:33:80:c5:6f:06:c6:12:eb:f4:4b:a9:7b:00:ea:17:63: b6:a8:cc:f4:93:94:0a:12:af:a7:12:a4:ed:77:fc:77:46:8e: 42:e1:26:7c:46:bb:2c:77:1c:d1:e1:e2:e3:b6:5e:d8:d4:be: 43:f3:44:24 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICANswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM2MjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDRBMUVBNTY0RDMwQjVC RjNBOUUxRjE2RjdDMjUzQ0VCQjdEMUU4RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUQ19Ks8I6JM1q/EMCsvevKDcL0b/PT6MSezdMVtQm4YWevcWz waigzRmjoThqTKGa6j5gTb61DkPDfUteqUyEDjhVA4jygpiPP/MFx1Thf9JhdXhJ BibHUGLCc11SFrj43cipXZKmN+CiOIQmYpcXFGxLfKtmnPOM3lr+NPT44zUA9TRU THj7ShAk6eV53z3CU9DPK3yfpvo7RM/RM6jH5GZsDBaG4KTAoO2VYTXxm2UQzaoV 1I32Q6rSp56mdKFGmdUc3xwF9SW3ShH3c3okXwsc5nwo7yXwJSyhrDCPPhvR7yUh o2Ve0K87mr4sG5rqa6aVec3PZ3ST6Ls6Vk6hAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUSh6lZNMLW/Op4fFvfCU867fR6PYwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvU2g2bFpOTUxXX09w NGZGdmZDVTg2N2ZSNlBZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMPgADANBgkqhkiG9w0BAQsFAAOCAQEAlpd0l/8J5HjArKLR3JkZO3oG hWNVzon2gpQ1+Xe7xV38vD2mf6d8hSlZFDATdY73qSDmQ6UMU9RP5iahsSyQXtCA hjCfLUxraX2zCCctYNzM4FPzgsO4JAINhEmxCEUEQ5dSu0WseopeXYbyiQs0OPx6 D3wlEo3ntU4wTtzRk86Wn5f9OBREHy1vZ4wDvHmy0dK7dOlUYUIM1Sfhv/ZoBFO0 fyDjNwL3j0xqDXTY59RKNZXMfPE5482fIxa81wTBPIh6RMasqBAzgMVvBsYS6/RL qXsA6hdjtqjM9JOUChKvpxKk7Xf8d0aOQuEmfEa7LHcc0eHi47Ze2NS+Q/NEJA== -----END CERTIFICATE-----Generated at Sat Jun 21 02:21:16 2025 by rpki-client