$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/o2KG0ggSePel2dlTf_W3_LkMOig.roa File: o2KG0ggSePel2dlTf_W3_LkMOig.roa (raw, json) Hash identifier: spAFlpXFyuXsdtoUh4YCDrackHRi/iVEmWXEvDI+5Lc= Subject key identifier: A3:62:86:D2:08:12:78:F7:A5:D9:D9:53:7F:F5:B7:FC:B9:0C:3A:28 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: E7 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/o2KG0ggSePel2dlTf_W3_LkMOig.roa Signing time: Fri 06 Jun 2025 02:36:26 +0000 ROA not before: Fri 06 Jun 2025 02:36:26 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3:e010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 16:41:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 231 (0xe7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:36:26 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=A36286D2081278F7A5D9D9537FF5B7FCB90C3A28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d2:ac:7a:9b:53:05:c0:e4:88:03:82:c5:90: 1e:78:dc:3a:26:ba:66:5a:b6:52:b9:a1:8f:f5:94: fa:c7:5b:5a:53:e7:84:8f:ea:a5:00:a5:9d:88:a1: 8a:a7:43:19:dd:54:3b:26:84:3f:1c:e4:42:41:9f: e3:aa:14:20:56:20:57:fd:53:80:5f:61:c0:bc:73: db:10:38:f0:ec:19:e4:2c:df:6c:ef:91:fa:7c:82: ce:12:26:13:a9:91:9c:55:61:61:35:da:c0:8b:c0: 99:0c:f1:1e:1e:90:72:a2:4f:c9:42:b2:74:5e:1e: 1f:db:bd:09:31:81:a9:fc:a3:23:71:b7:64:c3:08: 70:2c:72:f4:24:a6:f7:f9:64:34:4e:89:94:1c:33: 1c:cb:b0:c6:26:f7:8b:14:a6:e9:4a:c8:00:cb:b1: 20:ad:2c:e4:50:35:be:02:11:e3:ae:f0:11:f3:80: 32:8c:04:84:21:72:a5:22:a2:68:d0:f7:01:3e:47: 05:34:04:63:cf:1f:0b:40:70:66:9f:20:7b:71:60: 7c:cc:9d:d8:97:3a:d0:47:b5:29:19:1a:d4:62:55: a5:cf:7b:c9:96:55:3e:ac:23:f8:06:b9:f9:21:5d: 18:33:a6:8f:26:24:dd:cc:01:dc:ad:7b:41:50:b5: 64:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:62:86:D2:08:12:78:F7:A5:D9:D9:53:7F:F5:B7:FC:B9:0C:3A:28 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/o2KG0ggSePel2dlTf_W3_LkMOig.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3:e010::/44 Signature Algorithm: sha256WithRSAEncryption 04:c1:72:77:db:86:af:c2:a4:57:b0:64:a0:96:97:0b:45:8a: 3c:78:42:e1:6e:f2:4f:cd:3a:e0:83:21:a3:22:8e:fb:3d:ab: a4:26:72:33:78:43:e9:9b:6b:f9:a2:1b:55:a9:f1:2c:d4:e3: c6:4e:35:d1:ff:de:0d:38:a3:02:d1:b8:32:aa:16:4b:8f:4c: fe:25:2e:54:27:ee:81:04:5b:55:da:8b:19:63:64:bd:4d:ac: af:71:64:80:13:cf:13:0b:60:50:ac:67:7d:11:cb:bd:bd:04: 0e:c9:b2:eb:e8:87:f6:bd:48:b4:01:9c:63:f8:e4:ca:61:e7: b7:67:fb:c2:cc:83:6d:73:0c:4b:2f:52:6d:8e:6c:a4:1f:83: e6:b5:20:25:ce:48:f9:8a:2a:af:0d:28:e7:2d:a3:0f:68:25: c7:50:f9:1f:1d:0b:23:7b:b0:87:dd:a9:8e:ef:4f:bd:b4:7e: 4a:ed:75:26:05:5a:14:0d:ef:9d:10:61:31:39:e8:61:c2:88: 88:b1:4e:dd:2b:30:0c:9b:28:d2:ed:e7:10:95:df:cf:48:16: a3:bc:d4:6f:ed:7c:56:fb:7e:86:a2:42:45:2a:2c:45:8d:89: 3c:14:42:0b:41:f3:05:3f:6c:bf:5e:ea:99:e0:4d:12:88:31: 64:26:f8:87 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAOcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM2MjZaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKEEzNjI4NkQyMDgxMjc4 RjdBNUQ5RDk1MzdGRjVCN0ZDQjkwQzNBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/0qx6m1MFwOSIA4LFkB543DomumZatlK5oY/1lPrHW1pT54SP 6qUApZ2IoYqnQxndVDsmhD8c5EJBn+OqFCBWIFf9U4BfYcC8c9sQOPDsGeQs32zv kfp8gs4SJhOpkZxVYWE12sCLwJkM8R4ekHKiT8lCsnReHh/bvQkxgan8oyNxt2TD CHAscvQkpvf5ZDROiZQcMxzLsMYm94sUpulKyADLsSCtLORQNb4CEeOu8BHzgDKM BIQhcqUiomjQ9wE+RwU0BGPPHwtAcGafIHtxYHzMndiXOtBHtSkZGtRiVaXPe8mW VT6sI/gGufkhXRgzpo8mJN3MAdyte0FQtWS5AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUo2KG0ggSePel2dlTf/W3/LkMOigwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvbzJLRzBnZ1NlUGVs MmRsVGZfVzNfTGtNT2lnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMPgEDANBgkqhkiG9w0BAQsFAAOCAQEABMFyd9uGr8KkV7BkoJaXC0WK PHhC4W7yT8064IMhoyKO+z2rpCZyM3hD6Ztr+aIbVanxLNTjxk410f/eDTijAtG4 MqoWS49M/iUuVCfugQRbVdqLGWNkvU2sr3FkgBPPEwtgUKxnfRHLvb0EDsmy6+iH 9r1ItAGcY/jkymHnt2f7wsyDbXMMSy9SbY5spB+D5rUgJc5I+Yoqrw0o5y2jD2gl x1D5Hx0LI3uwh92pju9PvbR+Su11JgVaFA3vnRBhMTnoYcKIiLFO3SswDJso0u3n EJXfz0gWo7zUb+18Vvt+hqJCRSosRY2JPBRCC0HzBT9sv17qmeBNEogxZCb4hw== -----END CERTIFICATE-----Generated at Fri Jun 20 16:39:03 2025 by rpki-client