$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/io2o6QObfY7vDE5HWBoGLnVh9_M.roa File: io2o6QObfY7vDE5HWBoGLnVh9_M.roa (raw, json) Hash identifier: 7JC9mDghS2EnEri+f7RNYG9WnclDPmtAjRCOSBTXpsY= Subject key identifier: 8A:8D:A8:E9:03:9B:7D:8E:EF:0C:4E:47:58:1A:06:2E:75:61:F7:F3 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: D7 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/io2o6QObfY7vDE5HWBoGLnVh9_M.roa Signing time: Fri 06 Jun 2025 02:34:34 +0000 ROA not before: Fri 06 Jun 2025 02:34:34 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c2:8000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 19:21:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:34:34 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=8A8DA8E9039B7D8EEF0C4E47581A062E7561F7F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:83:c1:f4:1b:91:52:cc:f9:32:4c:38:90:ae: e9:ad:40:82:fa:34:9a:ed:1c:d1:3e:d5:54:bb:1c: f0:6b:7c:61:8c:69:98:d9:30:7f:5b:ea:9a:d1:b8: c1:52:b9:66:6c:d4:84:c8:20:e9:b1:5e:e4:74:10: 54:25:e1:10:be:0a:63:ff:dd:53:4c:88:4a:87:d3: 51:5a:ad:5d:81:0c:0c:c1:5e:7a:7e:ff:50:3b:55: 84:4d:32:a0:f4:df:00:d5:7e:74:26:b0:28:e5:1b: b7:f6:0b:d7:04:76:3c:73:a2:b4:74:9e:f5:83:4b: 41:81:29:7f:19:0f:de:5a:cb:1f:b2:2d:75:fb:dc: 76:cd:1c:27:5a:57:02:88:6d:33:75:6c:93:69:84: 31:7f:4d:6b:3a:50:79:28:20:81:dd:2e:60:5a:f3: 61:ff:89:9a:cb:45:d1:71:44:21:69:04:99:19:2b: 45:db:88:51:bf:e2:f7:7d:63:3e:54:66:0c:7a:16: f6:03:49:83:bc:7f:b6:c7:86:ba:db:de:9d:28:99: 72:f0:13:de:87:03:95:78:17:82:1d:ba:df:a1:2c: 28:1b:6a:3a:1e:ae:da:c1:39:88:00:78:b5:32:bc: 3a:4b:8e:7e:64:1d:1b:c0:10:2e:7d:33:c7:22:8d: 07:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:8D:A8:E9:03:9B:7D:8E:EF:0C:4E:47:58:1A:06:2E:75:61:F7:F3 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/io2o6QObfY7vDE5HWBoGLnVh9_M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:8000::/44 Signature Algorithm: sha256WithRSAEncryption 18:82:4c:6c:98:4b:17:ca:2d:6e:0a:5b:95:28:7e:ca:79:46: c7:7a:00:04:90:c7:d8:3b:5e:1d:78:1b:c8:ce:f4:83:bf:fc: 2c:34:34:ce:cd:9f:02:46:d7:ba:e1:a1:22:d3:27:d2:84:2d: 48:0f:4e:3f:f3:84:8e:7e:f7:9b:f0:37:50:15:6c:45:ef:dd: 82:4b:23:e1:ad:dd:32:d6:67:7b:07:44:50:e9:73:ae:5c:fa: 98:4b:84:3e:2e:ad:c1:17:1c:7e:44:37:56:61:4c:8e:1b:24: b3:b8:b2:da:e3:e0:d6:b9:57:ab:37:6a:5a:67:ef:a5:47:df: af:a8:a2:6f:f9:07:03:db:56:7a:4d:41:33:4c:fc:c5:7e:10: b1:b6:32:a3:72:02:70:6e:ff:1d:8b:65:5f:2f:b8:a2:66:24: f1:7a:8f:4f:1f:6b:a8:b0:9a:6d:97:2b:0f:3e:06:21:26:14: 6f:95:e4:d0:9a:6d:d3:fc:f0:2b:73:c6:c1:27:0f:3c:42:30: 83:d8:e6:c1:e8:80:cb:8e:94:11:4b:eb:10:39:e9:bc:bb:1f: 4f:d7:ab:c6:5c:e2:8c:c6:54:f1:cb:88:4b:72:d7:95:8a:d2: 25:19:4d:f6:8a:85:5d:79:82:6c:5d:54:9c:e5:fa:37:22:a5: 5b:35:05:0b -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICANcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM0MzRaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDhBOERBOEU5MDM5QjdE OEVFRjBDNEU0NzU4MUEwNjJFNzU2MUY3RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCog8H0G5FSzPkyTDiQrumtQIL6NJrtHNE+1VS7HPBrfGGMaZjZ MH9b6prRuMFSuWZs1ITIIOmxXuR0EFQl4RC+CmP/3VNMiEqH01FarV2BDAzBXnp+ /1A7VYRNMqD03wDVfnQmsCjlG7f2C9cEdjxzorR0nvWDS0GBKX8ZD95ayx+yLXX7 3HbNHCdaVwKIbTN1bJNphDF/TWs6UHkoIIHdLmBa82H/iZrLRdFxRCFpBJkZK0Xb iFG/4vd9Yz5UZgx6FvYDSYO8f7bHhrrb3p0omXLwE96HA5V4F4Idut+hLCgbajoe rtrBOYgAeLUyvDpLjn5kHRvAEC59M8cijQflAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUio2o6QObfY7vDE5HWBoGLnVh9/MwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvaW8ybzZRT2JmWTd2 REU1SFdCb0dMblZoOV9NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMKAADANBgkqhkiG9w0BAQsFAAOCAQEAGIJMbJhLF8otbgpblSh+ynlG x3oABJDH2DteHXgbyM70g7/8LDQ0zs2fAkbXuuGhItMn0oQtSA9OP/OEjn73m/A3 UBVsRe/dgksj4a3dMtZnewdEUOlzrlz6mEuEPi6twRccfkQ3VmFMjhsks7iy2uPg 1rlXqzdqWmfvpUffr6iib/kHA9tWek1BM0z8xX4QsbYyo3ICcG7/HYtlXy+4omYk 8XqPTx9rqLCabZcrDz4GISYUb5Xk0Jpt0/zwK3PGwScPPEIwg9jmweiAy46UEUvr EDnpvLsfT9erxlzijMZU8cuIS3LXlYrSJRlN9oqFXXmCbF1UnOX6NyKlWzUFCw== -----END CERTIFICATE-----Generated at Thu Jun 19 18:54:22 2025 by rpki-client