$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/jTfZ3BJTe8EhMVXblY1KEvDjqZI.roa File: jTfZ3BJTe8EhMVXblY1KEvDjqZI.roa (raw, json) Hash identifier: gcZVIEUkdIlPu9tvK6OCP2bXyR7DJ+A23GvqErly3TI= Subject key identifier: 8D:37:D9:DC:12:53:7B:C1:21:31:55:DB:95:8D:4A:12:F0:E3:A9:92 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: DD Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/jTfZ3BJTe8EhMVXblY1KEvDjqZI.roa Signing time: Fri 06 Jun 2025 02:36:23 +0000 ROA not before: Fri 06 Jun 2025 02:36:23 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3:4010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 07:16:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:36:23 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=8D37D9DC12537BC1213155DB958D4A12F0E3A992 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b7:99:5e:ef:2f:e1:16:59:3e:e0:73:75:9c: b0:7b:1e:7e:d6:0b:1e:d8:53:af:b9:14:6d:aa:31: 60:75:16:3d:73:a6:82:52:3f:3b:e9:5f:7f:12:14: 2b:93:cb:ff:fd:c9:7d:97:63:6e:c4:ed:5f:5f:59: 52:85:a5:06:d0:71:94:7b:49:04:97:c9:2d:38:84: 93:40:15:1a:75:13:8b:60:fd:65:07:f2:36:97:56: 0d:e3:29:51:71:65:33:e1:fc:57:6a:1f:0d:6f:2e: 13:4a:b4:67:83:26:c5:be:f6:15:fa:dc:f8:c7:05: 12:9b:11:5e:9d:06:96:2f:f6:ba:1d:de:46:1d:b5: ce:36:c8:11:09:28:02:da:df:6b:09:4f:b1:7c:f0: c6:98:7b:d3:df:cd:8c:72:48:ea:31:8b:36:82:19: f2:b6:c5:0e:bf:60:ef:01:33:a7:dc:cf:6e:19:4d: 9a:18:7f:30:15:bd:9c:fd:21:79:4c:52:ac:3f:2e: 0e:c9:ce:f2:ad:2a:a9:02:cf:c5:a7:b7:79:8d:d2: be:34:72:2b:ec:2f:74:3e:9c:22:77:3f:b6:d7:50: 72:fe:41:81:87:55:83:cf:d6:dc:52:83:11:6f:3f: fe:91:ec:27:23:43:24:79:08:17:d5:bb:9a:f1:7f: a3:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:37:D9:DC:12:53:7B:C1:21:31:55:DB:95:8D:4A:12:F0:E3:A9:92 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/jTfZ3BJTe8EhMVXblY1KEvDjqZI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3:4010::/44 Signature Algorithm: sha256WithRSAEncryption 79:38:3a:ba:b2:57:05:79:ee:b2:45:d5:64:21:36:00:c7:12: 9d:b6:62:bc:38:6b:64:83:96:cf:08:5a:af:df:74:64:19:f8: 09:62:44:b0:80:41:06:9d:6a:fd:37:36:88:7e:01:2c:95:e4: 5f:6e:b4:c9:d9:c0:a7:e2:9e:e5:4e:d6:4d:4e:cd:e7:7f:58: a6:1f:cc:13:62:2f:05:af:04:94:e5:50:60:ad:44:30:ec:51: 3d:27:0e:bc:eb:af:d1:5d:a0:92:e9:e1:b4:e8:35:1f:e2:2a: 62:38:16:7d:d2:df:c6:55:22:33:1c:c3:68:da:0c:c1:f6:7a: 47:81:50:eb:af:d4:e2:bf:96:4b:24:07:b5:46:5a:14:78:36: 9d:e9:cd:ff:e7:89:f0:90:a1:81:18:87:96:ad:00:a4:dd:92: 7a:cc:94:0b:37:31:be:ec:8e:0d:d8:cc:98:d0:9f:5d:23:d0: ae:e2:52:d0:3f:f0:8d:99:23:d7:ed:39:ed:15:71:5e:fa:b1: 2e:51:27:34:39:b3:1f:ef:2d:92:2a:71:c3:ca:64:c6:d3:a5: 15:e3:ee:0c:eb:c5:2e:d5:13:0c:e7:a0:94:9c:0c:99:06:5e: 71:f0:c2:e3:52:eb:dc:c0:b6:82:27:97:1f:f6:c1:04:1f:62: a2:93:22:ce -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM2MjNaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDhEMzdEOURDMTI1MzdC QzEyMTMxNTVEQjk1OEQ0QTEyRjBFM0E5OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClt5le7y/hFlk+4HN1nLB7Hn7WCx7YU6+5FG2qMWB1Fj1zpoJS PzvpX38SFCuTy//9yX2XY27E7V9fWVKFpQbQcZR7SQSXyS04hJNAFRp1E4tg/WUH 8jaXVg3jKVFxZTPh/FdqHw1vLhNKtGeDJsW+9hX63PjHBRKbEV6dBpYv9rod3kYd tc42yBEJKALa32sJT7F88MaYe9PfzYxySOoxizaCGfK2xQ6/YO8BM6fcz24ZTZoY fzAVvZz9IXlMUqw/Lg7JzvKtKqkCz8Wnt3mN0r40civsL3Q+nCJ3P7bXUHL+QYGH VYPP1txSgxFvP/6R7CcjQyR5CBfVu5rxf6MjAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUjTfZ3BJTe8EhMVXblY1KEvDjqZIwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvalRmWjNCSlRlOEVo TVZYYmxZMUtFdkRqcVpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMNAEDANBgkqhkiG9w0BAQsFAAOCAQEAeTg6urJXBXnuskXVZCE2AMcS nbZivDhrZIOWzwhar990ZBn4CWJEsIBBBp1q/Tc2iH4BLJXkX260ydnAp+Ke5U7W TU7N539Yph/ME2IvBa8ElOVQYK1EMOxRPScOvOuv0V2gkunhtOg1H+IqYjgWfdLf xlUiMxzDaNoMwfZ6R4FQ66/U4r+WSyQHtUZaFHg2nenN/+eJ8JChgRiHlq0ApN2S esyUCzcxvuyODdjMmNCfXSPQruJS0D/wjZkj1+057RVxXvqxLlEnNDmzH+8tkipx w8pkxtOlFePuDOvFLtUTDOeglJwMmQZecfDC41Lr3MC2gieXH/bBBB9iopMizg== -----END CERTIFICATE-----Generated at Fri Jun 20 06:11:09 2025 by rpki-client