$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/nhPDWY-0b7yR0M4FRCHlz8Hxato.roa File: nhPDWY-0b7yR0M4FRCHlz8Hxato.roa (raw, json) Hash identifier: oY1WT7ERviDZuRG786YqunpYTEynmc09xU7/alPHE5E= Subject key identifier: 9E:13:C3:59:8F:B4:6F:BC:91:D0:CE:05:44:21:E5:CF:C1:F1:6A:DA Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: E0 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/nhPDWY-0b7yR0M4FRCHlz8Hxato.roa Signing time: Fri 06 Jun 2025 02:36:24 +0000 ROA not before: Fri 06 Jun 2025 02:36:24 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3:c000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 05:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 224 (0xe0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:36:24 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=9E13C3598FB46FBC91D0CE054421E5CFC1F16ADA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:81:45:22:37:5a:a8:6f:63:f6:ad:60:00:be: f3:19:1d:c4:83:3e:0c:c6:fb:ec:8b:64:22:30:8d: 4a:2d:4a:6b:85:82:7b:08:c2:29:5a:64:b8:c0:a6: 35:a2:ca:5e:0e:e1:cf:f5:c6:e7:17:ff:d0:99:a6: f6:00:48:9e:6f:5d:86:c0:c7:f6:3c:74:fe:76:e1: 3f:88:ca:58:33:4f:78:4e:f9:e2:01:d4:2e:ac:89: fd:72:e1:37:49:b5:33:ba:d9:ff:ee:37:f2:ec:fb: 51:e2:7b:7e:13:93:dc:33:5f:82:58:7d:56:d7:49: 43:22:13:11:7c:cc:29:c4:88:f1:2a:07:ec:d1:2b: 65:66:f4:aa:28:b9:a5:5f:69:93:db:a6:ec:84:08: 98:44:6f:f2:7f:16:6e:23:fe:d8:c4:61:42:cb:17: 8b:40:ec:4a:ce:60:45:ac:d7:2d:0c:c2:18:b8:69: 90:96:f4:07:4a:4f:d2:ec:12:4b:11:63:d1:26:56: cb:18:73:ed:04:1a:ea:ab:f8:81:4a:b9:9e:ec:79: 08:bf:35:05:45:81:ea:d7:15:e3:ac:43:d3:4b:e2: 37:50:73:4b:f6:7f:9a:93:a3:46:d8:8a:ce:db:f4: 4f:ad:b0:2b:12:df:9d:fc:6a:1d:8d:61:13:a7:3f: 16:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:13:C3:59:8F:B4:6F:BC:91:D0:CE:05:44:21:E5:CF:C1:F1:6A:DA X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/nhPDWY-0b7yR0M4FRCHlz8Hxato.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3:c000::/44 Signature Algorithm: sha256WithRSAEncryption 90:74:c0:6c:22:93:95:81:83:d0:d8:49:f4:e5:27:f8:2a:bb: e0:46:92:06:7e:67:8b:13:8d:7e:d9:19:58:8d:15:93:d2:f3: 58:4b:c4:ad:47:b9:41:18:9a:68:52:b5:e4:ec:96:6a:15:47: 5e:f0:a0:f5:a1:20:2f:b7:1b:75:3d:61:bd:d0:36:73:fb:72: 53:67:c6:41:2a:cd:65:7e:69:b7:1b:cf:eb:19:4e:6b:f2:60: ef:80:7f:a0:e6:2a:14:62:20:09:2c:3e:56:73:c1:fd:57:fe: 06:14:a3:18:c2:9c:b7:43:12:89:e3:0b:0e:bb:9b:a1:e1:11: e3:58:d8:3c:11:7f:2b:65:7b:1e:94:82:e8:66:ee:75:01:f5: 75:f0:89:a3:91:24:ed:ec:f7:b1:c5:f2:37:60:51:f8:4f:b9: 0e:20:d9:2c:95:31:c3:8f:f9:48:c1:ee:b9:a7:d0:35:1e:ac: 29:d0:f9:e8:9f:16:da:ba:48:1b:ef:62:f6:3e:47:db:50:80: d5:36:ea:40:ba:c2:b7:cf:97:32:55:28:64:5c:a3:01:60:43: 33:93:c5:47:c1:49:50:74:97:bd:ba:b9:c7:10:0e:75:0a:d1: a4:65:a9:44:a5:37:2d:1a:0a:0f:84:2c:46:45:59:3b:89:5e: 44:cf:c5:60 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM2MjRaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDlFMTNDMzU5OEZCNDZG QkM5MUQwQ0UwNTQ0MjFFNUNGQzFGMTZBREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDngUUiN1qob2P2rWAAvvMZHcSDPgzG++yLZCIwjUotSmuFgnsI wilaZLjApjWiyl4O4c/1xucX/9CZpvYASJ5vXYbAx/Y8dP524T+IylgzT3hO+eIB 1C6sif1y4TdJtTO62f/uN/Ls+1Hie34Tk9wzX4JYfVbXSUMiExF8zCnEiPEqB+zR K2Vm9KoouaVfaZPbpuyECJhEb/J/Fm4j/tjEYULLF4tA7ErOYEWs1y0Mwhi4aZCW 9AdKT9LsEksRY9EmVssYc+0EGuqr+IFKuZ7seQi/NQVFgerXFeOsQ9NL4jdQc0v2 f5qTo0bYis7b9E+tsCsS3538ah2NYROnPxaPAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUnhPDWY+0b7yR0M4FRCHlz8HxatowHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvbmhQRFdZLTBiN3lS ME00RlJDSGx6OEh4YXRvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMPAADANBgkqhkiG9w0BAQsFAAOCAQEAkHTAbCKTlYGD0NhJ9OUn+Cq7 4EaSBn5nixONftkZWI0Vk9LzWEvErUe5QRiaaFK15OyWahVHXvCg9aEgL7cbdT1h vdA2c/tyU2fGQSrNZX5ptxvP6xlOa/Jg74B/oOYqFGIgCSw+VnPB/Vf+BhSjGMKc t0MSieMLDruboeER41jYPBF/K2V7HpSC6GbudQH1dfCJo5Ek7ez3scXyN2BR+E+5 DiDZLJUxw4/5SMHuuafQNR6sKdD56J8W2rpIG+9i9j5H21CA1TbqQLrCt8+XMlUo ZFyjAWBDM5PFR8FJUHSXvbq5xxAOdQrRpGWpRKU3LRoKD4QsRkVZO4leRM/FYA== -----END CERTIFICATE-----Generated at Sat Jun 21 03:57:46 2025 by rpki-client