$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/pCSKpKVCdNEiExPXsfUPAdwJB1k.roa File: pCSKpKVCdNEiExPXsfUPAdwJB1k.roa (raw, json) Hash identifier: wSPGCOHT94OaYTXSY/BiI2mXaV+97H/QlwZaC4BOr/k= Subject key identifier: A4:24:8A:A4:A5:42:74:D1:22:13:13:D7:B1:F5:0F:01:DC:09:07:59 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 21 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/pCSKpKVCdNEiExPXsfUPAdwJB1k.roa Signing time: Tue 27 May 2025 08:19:35 +0000 ROA not before: Tue 27 May 2025 08:19:35 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56040 IP address blocks: 240a:4090:7200::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 11:10:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:19:35 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=A4248AA4A54274D1221313D7B1F50F01DC090759 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:10:f0:c3:80:cf:1d:84:18:2c:9b:25:5f:2c: 2f:d5:8b:ae:26:99:47:fe:5c:b9:8d:14:7c:69:2f: 5e:73:ff:78:e6:b8:b8:23:de:32:79:28:9d:b7:ae: 8b:57:25:9e:a1:9c:73:92:e8:f1:21:df:8c:ab:c3: 93:93:89:cc:ae:63:3d:a7:6a:a1:ec:4e:97:49:e6: 3e:3e:22:02:1e:ac:4e:00:d7:42:68:21:92:a5:f1: ab:46:cd:84:21:7f:dd:5c:2c:6a:49:11:a0:91:78: 9a:8c:db:06:64:62:f0:b0:47:6e:2f:99:36:d5:59: 87:84:ea:63:65:ac:f9:56:9e:24:6d:b0:2f:d3:39: 9e:f8:9f:c3:f0:1b:9c:89:c1:61:3f:74:81:d5:f2: 75:cd:49:13:28:8e:3d:cc:ca:04:0a:83:cb:d7:23: 9e:6b:cd:01:a5:f3:a5:4a:7b:17:cc:98:8f:a3:58: 9a:bb:e4:b7:33:4b:ac:93:62:ee:fb:98:3e:4e:8a: c0:1d:76:45:8f:45:56:d7:15:bf:95:fe:97:92:94: f7:62:9b:c6:bb:48:f9:4f:16:8b:58:d1:95:e2:43: 92:e1:ec:f1:1d:79:16:18:16:b7:e7:88:3e:73:b3: 99:95:ec:0e:35:8a:1d:fc:96:29:6d:76:8c:d7:43: ad:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:24:8A:A4:A5:42:74:D1:22:13:13:D7:B1:F5:0F:01:DC:09:07:59 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/pCSKpKVCdNEiExPXsfUPAdwJB1k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:4090:7200::/40 Signature Algorithm: sha256WithRSAEncryption 62:7b:ec:0d:15:0b:df:7a:d5:2c:78:79:0c:bc:2d:01:50:5f: da:ed:3c:e1:da:6d:fd:75:3b:60:73:77:08:7a:b2:b8:95:41: e3:98:ad:c4:00:d2:30:0b:02:f1:3a:7b:5e:32:5e:98:68:a7: b4:85:b1:5f:95:b0:ce:b1:da:5d:38:76:c6:26:a4:ac:79:29: 42:21:81:79:d6:43:20:ec:88:9d:9c:1a:38:ed:aa:33:8c:2d: eb:d5:99:8a:27:12:a5:b7:ea:fd:e1:c4:01:d2:72:9f:fa:70: d2:8f:c4:71:2e:27:41:db:d1:cc:1d:a7:37:e4:28:2c:3f:94: 8e:c7:2c:f7:dd:ea:4a:15:1b:fb:06:45:b3:57:ce:e7:33:de: 6c:b6:ec:36:2e:70:98:be:ed:d5:78:8b:55:53:a3:e5:4e:7d: e9:7f:2a:3b:34:12:96:da:ad:64:a8:5b:bf:7e:ab:d8:dd:d1: 4b:24:88:d0:11:7d:5d:74:1f:b9:b3:aa:6a:07:3e:d2:fa:9c: 4f:40:0a:8a:7e:f1:59:a1:a1:85:0c:02:a8:d6:36:3b:a7:b4: fc:d7:e4:5c:38:a1:b2:44:e0:4e:fc:f8:e2:7f:d7:33:27:56: ba:4a:bb:af:c3:a3:13:19:a8:91:d5:4f:56:d8:3a:a3:7e:7a: cb:cc:ab:1b -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIBITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTkzNVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQTQyNDhBQTRBNTQyNzRE MTIyMTMxM0Q3QjFGNTBGMDFEQzA5MDc1OTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK0Q8MOAzx2EGCybJV8sL9WLriaZR/5cuY0UfGkvXnP/eOa4uCPe Mnkonbeui1clnqGcc5Lo8SHfjKvDk5OJzK5jPadqoexOl0nmPj4iAh6sTgDXQmgh kqXxq0bNhCF/3VwsakkRoJF4mozbBmRi8LBHbi+ZNtVZh4TqY2Ws+VaeJG2wL9M5 nvifw/AbnInBYT90gdXydc1JEyiOPczKBAqDy9cjnmvNAaXzpUp7F8yYj6NYmrvk tzNLrJNi7vuYPk6KwB12RY9FVtcVv5X+l5KU92KbxrtI+U8Wi1jRleJDkuHs8R15 FhgWt+eIPnOzmZXsDjWKHfyWKW12jNdDrRECAwEAAaOCAfUwggHxMB0GA1UdDgQW BBSkJIqkpUJ00SITE9ex9Q8B3AkHWTAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9wQ1NLcEtWQ2RORWlF eFBYc2ZVUEFkd0pCMWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI AwYAJApAkHIwDQYJKoZIhvcNAQELBQADggEBAGJ77A0VC9961Sx4eQy8LQFQX9rt POHabf11O2Bzdwh6sriVQeOYrcQA0jALAvE6e14yXphop7SFsV+VsM6x2l04dsYm pKx5KUIhgXnWQyDsiJ2cGjjtqjOMLevVmYonEqW36v3hxAHScp/6cNKPxHEuJ0Hb 0cwdpzfkKCw/lI7HLPfd6koVG/sGRbNXzucz3my27DYucJi+7dV4i1VTo+VOfel/ Kjs0EpbarWSoW79+q9jd0UskiNARfV10H7mzqmoHPtL6nE9ACop+8VmhoYUMAqjW NjuntPzX5Fw4obJE4E78+OJ/1zMnVrpKu6/DoxMZqJHVT1bYOqN+esvMqxs= -----END CERTIFICATE-----Generated at Thu Jun 19 10:14:28 2025 by rpki-client