$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/erdKTbgXEyUURQ-oBu7GGm6-bLo.roa File: erdKTbgXEyUURQ-oBu7GGm6-bLo.roa (raw, json) Hash identifier: 2u+pBQByOXlB1FsjbojsSx3HWU33V9YGgdUb6QFhQM8= Subject key identifier: 7A:B7:4A:4D:B8:17:13:25:14:45:0F:A8:06:EE:C6:1A:6E:BE:6C:BA Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: BF Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/erdKTbgXEyUURQ-oBu7GGm6-bLo.roa Signing time: Fri 06 Jun 2025 02:29:17 +0000 ROA not before: Fri 06 Jun 2025 02:29:17 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56040 IP address blocks: 240a:40c2:c000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 14:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 191 (0xbf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:29:17 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=7AB74A4DB817132514450FA806EEC61A6EBE6CBA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:52:e6:01:fb:a2:52:1a:38:bc:f4:7f:f8:0a: e9:67:33:03:1d:92:77:37:bb:72:26:6a:0b:d3:01: 4b:63:dc:9c:8b:16:a5:94:a3:14:2c:02:58:0a:a5: 81:cb:d2:9a:54:ca:5f:3c:0d:33:5a:1f:e5:a2:a1: 57:de:23:fe:33:fe:a0:14:6c:5b:b2:3a:91:91:13: d2:f3:92:2c:4b:cf:b9:e6:92:85:3b:eb:69:59:90: 0b:aa:c7:b3:e3:15:af:e9:3b:a6:92:2b:e9:45:53: d4:10:c8:97:79:dd:b7:1d:0a:38:d1:08:22:d8:46: 7e:c4:02:92:f3:ce:fb:1f:67:c2:f3:cb:d8:9e:ed: 78:ed:8b:8e:66:a3:11:8f:7c:b8:cb:c4:84:05:5b: fd:b8:21:25:4f:21:cd:e2:56:d3:17:31:ad:7c:83: bc:33:b9:c5:03:0a:1d:e7:35:6c:30:05:55:1b:85: d3:38:65:15:5f:ce:a6:d5:f2:65:fa:e9:0b:bc:d7: 84:d5:fb:44:2d:4d:a4:06:18:94:fa:55:86:75:38: 11:9f:5f:7c:cd:51:e0:d4:5f:a9:80:73:78:76:6a: 01:ba:b9:51:f1:cb:e0:76:2a:10:cb:23:36:08:11: e5:32:b1:c3:7c:a4:fa:72:f3:49:b9:43:46:84:f7: 36:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:B7:4A:4D:B8:17:13:25:14:45:0F:A8:06:EE:C6:1A:6E:BE:6C:BA X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/erdKTbgXEyUURQ-oBu7GGm6-bLo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:c000::/44 Signature Algorithm: sha256WithRSAEncryption 9a:d7:43:ae:d9:26:83:c8:63:54:55:90:76:f7:1f:11:f5:2d: dc:16:41:77:13:c2:5e:12:f0:2f:85:e7:d9:5c:a0:19:9b:c1: db:fc:a7:e9:63:44:40:3f:16:c1:b4:25:a4:9e:a2:d6:9f:e8: 01:18:c8:f9:58:1f:55:ca:34:1f:c1:f8:f1:73:fc:b2:72:fa: 88:d0:fc:88:bf:ba:a3:ae:2b:aa:99:19:c5:78:0d:36:e7:68: bd:a7:15:43:06:0d:03:30:44:e2:88:fe:f9:29:a5:8f:51:4d: 15:54:b1:bf:47:a9:eb:bb:af:b9:57:87:7e:50:db:26:9e:e8: f6:57:b1:db:7f:b2:1a:d6:79:76:04:85:9a:2d:98:2b:29:1f: 1a:96:8f:25:a4:1f:49:75:d9:c0:f9:c8:72:83:27:b3:5e:23: 16:26:18:8a:39:23:0e:46:70:2d:6a:f3:c4:12:97:cd:2a:29: 10:84:ff:65:e1:8f:96:ef:e7:a4:2e:d8:8e:8b:93:4e:a9:ea: 28:79:d4:e9:98:95:b2:d9:0b:d5:46:6a:22:6a:64:f0:bb:13: dd:bb:40:9e:e4:f2:fd:ab:dc:d9:7f:97:55:30:76:63:90:34: fc:93:5b:09:af:55:27:f2:f7:41:57:13:1d:18:70:0a:af:1d: 6d:1f:12:54 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjI5MTdaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDdBQjc0QTREQjgxNzEz MjUxNDQ1MEZBODA2RUVDNjFBNkVCRTZDQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpUuYB+6JSGji89H/4CulnMwMdknc3u3ImagvTAUtj3JyLFqWU oxQsAlgKpYHL0ppUyl88DTNaH+WioVfeI/4z/qAUbFuyOpGRE9LzkixLz7nmkoU7 62lZkAuqx7PjFa/pO6aSK+lFU9QQyJd53bcdCjjRCCLYRn7EApLzzvsfZ8Lzy9ie 7Xjti45moxGPfLjLxIQFW/24ISVPIc3iVtMXMa18g7wzucUDCh3nNWwwBVUbhdM4 ZRVfzqbV8mX66Qu814TV+0QtTaQGGJT6VYZ1OBGfX3zNUeDUX6mAc3h2agG6uVHx y+B2KhDLIzYIEeUyscN8pPpy80m5Q0aE9zaLAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUerdKTbgXEyUURQ+oBu7GGm6+bLowHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvZXJkS1RiZ1hFeVVV UlEtb0J1N0dHbTYtYkxvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMLAADANBgkqhkiG9w0BAQsFAAOCAQEAmtdDrtkmg8hjVFWQdvcfEfUt 3BZBdxPCXhLwL4Xn2VygGZvB2/yn6WNEQD8WwbQlpJ6i1p/oARjI+VgfVco0H8H4 8XP8snL6iND8iL+6o64rqpkZxXgNNudovacVQwYNAzBE4oj++Smlj1FNFVSxv0ep 67uvuVeHflDbJp7o9lex23+yGtZ5dgSFmi2YKykfGpaPJaQfSXXZwPnIcoMns14j FiYYijkjDkZwLWrzxBKXzSopEIT/ZeGPlu/npC7YjouTTqnqKHnU6ZiVstkL1UZq Impk8LsT3btAnuTy/avc2X+XVTB2Y5A0/JNbCa9VJ/L3QVcTHRhwCq8dbR8SVA== -----END CERTIFICATE-----Generated at Sat Jun 21 13:54:41 2025 by rpki-client