$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/dsMrDj0ZNE3QQOXaMaIP0-ot9XM.roa File: dsMrDj0ZNE3QQOXaMaIP0-ot9XM.roa (raw, json) Hash identifier: 2ginC25uo8lbBs7GEfqLESDXLqhiiKTYqhvM5O20jPg= Subject key identifier: 76:C3:2B:0E:3D:19:34:4D:D0:40:E5:DA:31:A2:0F:D3:EA:2D:F5:73 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: DA Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/dsMrDj0ZNE3QQOXaMaIP0-ot9XM.roa Signing time: Fri 06 Jun 2025 02:36:22 +0000 ROA not before: Fri 06 Jun 2025 02:36:22 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3:8010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 23:44:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 218 (0xda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:36:22 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=76C32B0E3D19344DD040E5DA31A20FD3EA2DF573 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:fc:9e:65:50:6c:c5:8e:8e:0a:c0:c7:b0:2f: db:37:50:9d:60:f9:ef:3a:34:b6:a5:5e:ba:a3:9f: ea:4c:c3:36:8e:30:7e:df:b4:b4:2e:a0:7d:98:71: 26:a1:97:f5:75:4c:fc:39:dc:8a:f1:b1:4a:b5:75: 56:88:83:27:c9:1b:a0:20:1a:08:70:c7:fa:51:bd: 64:bb:72:1b:7d:e5:b1:cb:5f:75:48:dd:7f:17:1e: 21:98:c1:78:2d:59:60:09:20:a9:94:df:e8:d3:ac: 32:59:60:df:e1:c2:48:b7:51:53:71:cf:22:07:e6: 31:30:15:80:f3:85:e0:c7:52:cd:ad:71:e5:b3:b7: 1c:af:34:e9:73:ae:76:16:e1:22:0f:46:ae:69:2d: e9:05:6c:78:e5:8a:d2:17:71:fc:ee:de:b8:11:18: 4f:2b:d2:a3:d9:23:6e:20:79:30:76:7a:10:c9:f8: 0b:40:80:a8:03:7d:63:0a:c4:9d:9d:f2:d9:08:c1: b7:cc:b7:df:80:69:f7:ce:93:02:9f:6a:e2:8f:c7: dd:f1:1b:a0:73:ef:79:8a:dc:6c:4a:e8:2a:80:19: 70:80:67:0f:04:23:f1:62:d1:d1:b2:0f:c5:c8:c5: 85:4b:aa:bd:cf:a3:b5:ac:26:31:81:e3:4b:12:6e: a8:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:C3:2B:0E:3D:19:34:4D:D0:40:E5:DA:31:A2:0F:D3:EA:2D:F5:73 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/dsMrDj0ZNE3QQOXaMaIP0-ot9XM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3:8010::/44 Signature Algorithm: sha256WithRSAEncryption 1d:90:e9:d4:e1:82:c1:b8:eb:be:da:3c:64:55:9e:9c:b1:b5: 88:4e:06:63:e7:8b:d1:32:fb:53:a5:7f:3d:e3:a2:f3:ad:6e: a1:02:0b:b9:01:61:89:5c:15:a8:1a:24:31:1b:8e:65:b7:12: 23:35:d6:7c:72:f7:fd:00:87:8c:9f:13:68:3d:ac:e7:07:4e: b7:06:db:f1:d1:cc:7d:7d:1a:8e:2a:18:31:6c:12:dd:16:c8: fd:01:18:62:f4:32:83:14:e1:cd:6b:98:de:38:76:ff:77:67: 0d:e0:a4:c2:e9:2b:d7:37:e9:2b:11:85:aa:72:2f:75:ed:e5: d1:25:bc:8c:f1:31:05:a1:5d:4f:58:d9:92:4c:cf:2d:a6:f5: 79:69:b3:64:2e:6c:ac:23:d6:ee:22:49:0f:db:82:f0:91:b2: 11:f8:76:a9:bc:cf:d3:83:9b:a2:2e:91:22:ff:ac:0a:c3:a9: 2c:a8:4c:20:a0:ae:62:1e:3d:d5:2c:6f:d1:94:b3:e5:48:d3: ea:4d:d7:93:b3:0a:79:e6:e4:fc:a8:9f:47:2e:8f:51:97:38: 7f:cd:12:36:7e:1e:53:99:7f:83:03:cd:70:c0:a0:b5:86:d5: b9:46:7f:ea:80:a7:35:7d:6c:d0:b8:2f:47:55:fe:8b:ee:47: 73:b9:1f:c6 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICANowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM2MjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDc2QzMyQjBFM0QxOTM0 NEREMDQwRTVEQTMxQTIwRkQzRUEyREY1NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDf/J5lUGzFjo4KwMewL9s3UJ1g+e86NLalXrqjn+pMwzaOMH7f tLQuoH2YcSahl/V1TPw53IrxsUq1dVaIgyfJG6AgGghwx/pRvWS7cht95bHLX3VI 3X8XHiGYwXgtWWAJIKmU3+jTrDJZYN/hwki3UVNxzyIH5jEwFYDzheDHUs2tceWz txyvNOlzrnYW4SIPRq5pLekFbHjlitIXcfzu3rgRGE8r0qPZI24geTB2ehDJ+AtA gKgDfWMKxJ2d8tkIwbfMt9+AaffOkwKfauKPx93xG6Bz73mK3GxK6CqAGXCAZw8E I/Fi0dGyD8XIxYVLqr3Po7WsJjGB40sSbqgXAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUdsMrDj0ZNE3QQOXaMaIP0+ot9XMwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvZHNNckRqMFpORTNR UU9YYU1hSVAwLW90OVhNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMOAEDANBgkqhkiG9w0BAQsFAAOCAQEAHZDp1OGCwbjrvto8ZFWenLG1 iE4GY+eL0TL7U6V/PeOi861uoQILuQFhiVwVqBokMRuOZbcSIzXWfHL3/QCHjJ8T aD2s5wdOtwbb8dHMfX0ajioYMWwS3RbI/QEYYvQygxThzWuY3jh2/3dnDeCkwukr 1zfpKxGFqnIvde3l0SW8jPExBaFdT1jZkkzPLab1eWmzZC5srCPW7iJJD9uC8JGy Efh2qbzP04Oboi6RIv+sCsOpLKhMIKCuYh491Sxv0ZSz5UjT6k3Xk7MKeebk/Kif Ry6PUZc4f80SNn4eU5l/gwPNcMCgtYbVuUZ/6oCnNX1s0LgvR1X+i+5Hc7kfxg== -----END CERTIFICATE-----Generated at Wed Jun 18 22:14:43 2025 by rpki-client