$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/l3XRoyt24O17M4XO6IhFN5TUaGA.roa File: l3XRoyt24O17M4XO6IhFN5TUaGA.roa (raw, json) Hash identifier: 7R7GjlcsRNRkrh4fMp8v7a4PVK3I/JtHBS9d7ZFSoN8= Subject key identifier: 97:75:D1:A3:2B:76:E0:ED:7B:33:85:CE:E8:88:45:37:94:D4:68:60 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 10 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/l3XRoyt24O17M4XO6IhFN5TUaGA.roa Signing time: Tue 27 May 2025 08:11:29 +0000 ROA not before: Tue 27 May 2025 08:11:29 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56048 IP address blocks: 240a:4090:50::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:11:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16 (0x10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:11:29 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=9775D1A32B76E0ED7B3385CEE888453794D46860 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:44:a9:b6:36:20:2a:0d:d7:2f:9a:96:12:d9: f2:16:98:76:a1:48:61:c3:ac:75:16:9c:9d:ef:2f: 80:85:ad:02:53:e9:4b:1d:7e:fe:eb:a3:15:a7:88: 45:8d:18:9a:f3:61:7e:25:d1:84:a6:fd:45:49:92: 02:e1:dd:34:76:ff:fe:2e:f0:e5:59:02:8a:da:21: 01:3f:31:f6:75:27:c9:91:d0:47:78:73:85:88:0d: 7e:d5:96:05:13:c5:a9:9e:1f:a4:d7:28:6a:d8:98: c0:08:44:de:9e:8b:a5:93:5f:5e:b3:71:4b:02:32: f6:17:07:06:79:ca:d6:71:4a:73:e9:a0:15:c1:54: 8b:96:27:e3:8b:e7:63:81:12:68:ad:08:f4:59:b2: 26:db:d4:27:4d:61:57:0c:7d:d8:74:d3:f2:04:bb: ef:f8:5f:31:fd:f3:49:4d:00:6a:24:f7:9e:61:68: e7:bc:b8:ba:91:6c:be:46:d3:05:4f:ba:7a:0c:a3: 00:be:c6:86:e1:8b:b1:d8:aa:7b:c2:de:ba:00:65: cd:ec:ca:63:9f:ea:d3:30:e8:7a:a5:67:39:f8:4b: 5c:96:65:9c:82:f1:e8:29:1b:d8:9b:bf:17:0c:68: d3:3c:1b:fb:b2:0d:58:2b:d3:6d:7b:83:6c:04:4f: 0c:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:75:D1:A3:2B:76:E0:ED:7B:33:85:CE:E8:88:45:37:94:D4:68:60 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/l3XRoyt24O17M4XO6IhFN5TUaGA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:4090:50::/48 Signature Algorithm: sha256WithRSAEncryption 3b:aa:0f:d9:0a:3f:40:ef:c4:4b:2c:7d:df:74:c6:3d:2c:d7: f3:06:41:c5:47:cd:51:11:de:60:61:23:57:ca:04:ff:95:b5: 94:e3:e4:be:fc:7a:57:45:fe:12:c8:c2:15:2b:f8:68:33:b3: e2:ac:5f:55:da:eb:ed:9d:97:a8:32:9e:5b:d6:65:73:6b:d4: 39:ff:26:20:44:87:05:d8:c9:58:0b:29:27:f7:e3:41:4e:9e: 8f:db:a8:c4:e4:04:1d:b3:1d:25:6b:84:ca:14:e4:b7:22:75: ef:17:b9:09:2d:eb:1b:b3:4f:b2:8f:70:45:8e:83:5e:a2:ab: 99:a5:bb:f3:8e:7f:82:c2:27:5a:f0:90:60:cd:55:fd:cb:67: e8:2a:da:dd:11:47:c2:0e:dd:6d:01:09:96:9d:03:40:f5:59: ba:35:7b:67:60:ce:27:eb:9c:ae:f3:f7:b1:e4:c8:04:cb:22: 67:55:e4:15:87:48:50:58:f0:91:6a:f3:4d:f5:44:f5:f0:f9: 52:7b:39:1c:05:c3:c7:83:3e:30:8d:84:43:a3:4b:65:26:86: 47:f6:b3:db:e3:0f:4f:71:f8:a5:3b:b4:ab:e7:c5:81:29:b3: 8a:a3:70:29:ed:44:1d:15:2b:90:12:6c:56:78:49:d2:b2:38: 7a:0e:2b:5f -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTEyOVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoOTc3NUQxQTMyQjc2RTBF RDdCMzM4NUNFRTg4ODQ1Mzc5NEQ0Njg2MDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMREqbY2ICoN1y+alhLZ8haYdqFIYcOsdRacne8vgIWtAlPpSx1+ /uujFaeIRY0YmvNhfiXRhKb9RUmSAuHdNHb//i7w5VkCitohAT8x9nUnyZHQR3hz hYgNftWWBRPFqZ4fpNcoatiYwAhE3p6LpZNfXrNxSwIy9hcHBnnK1nFKc+mgFcFU i5Yn44vnY4ESaK0I9FmyJtvUJ01hVwx92HTT8gS77/hfMf3zSU0AaiT3nmFo57y4 upFsvkbTBU+6egyjAL7GhuGLsdiqe8LeugBlzezKY5/q0zDoeqVnOfhLXJZlnILx 6Ckb2Ju/Fwxo0zwb+7INWCvTbXuDbARPDK8CAwEAAaOCAfYwggHyMB0GA1UdDgQW BBSXddGjK3bg7Xszhc7oiEU3lNRoYDAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9sM1hSb3l0MjRPMTdN NFhPNkloRk41VFVhR0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJApAkABQMA0GCSqGSIb3DQEBCwUAA4IBAQA7qg/ZCj9A78RLLH3fdMY9LNfz BkHFR81REd5gYSNXygT/lbWU4+S+/HpXRf4SyMIVK/hoM7PirF9V2uvtnZeoMp5b 1mVza9Q5/yYgRIcF2MlYCykn9+NBTp6P26jE5AQdsx0la4TKFOS3InXvF7kJLesb s0+yj3BFjoNeoquZpbvzjn+Cwida8JBgzVX9y2foKtrdEUfCDt1tAQmWnQNA9Vm6 NXtnYM4n65yu8/ex5MgEyyJnVeQVh0hQWPCRavNN9UT18PlSezkcBcPHgz4wjYRD o0tlJoZH9rPb4w9PcfilO7Sr58WBKbOKo3Ap7UQdFSuQEmxWeEnSsjh6Ditf -----END CERTIFICATE-----Generated at Sat Jun 21 16:56:24 2025 by rpki-client