$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/z9MRadxHSuhOy0JejndiJmQIwrM.roa File: z9MRadxHSuhOy0JejndiJmQIwrM.roa (raw, json) Hash identifier: VZ/9I+p6mFjdTi/e+VzLtAl5PM9egkEmy4qtDE/ALsQ= Subject key identifier: CF:D3:11:69:DC:47:4A:E8:4E:CB:42:5E:8E:77:62:26:64:08:C2:B3 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 41 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/z9MRadxHSuhOy0JejndiJmQIwrM.roa Signing time: Tue 27 May 2025 08:25:31 +0000 ROA not before: Tue 27 May 2025 08:25:31 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:42e4::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 07:11:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65 (0x41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:25:31 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=CFD31169DC474AE84ECB425E8E7762266408C2B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d5:5e:13:6d:3e:6f:ce:0d:c4:6d:66:9b:e0: 68:58:c4:a6:e5:f4:33:91:19:db:f3:53:08:fc:c7: b3:1e:ee:7a:60:fe:53:d7:47:fc:40:a2:d5:b9:cc: 1a:57:f7:53:7f:f2:9f:c2:2b:5a:2c:7e:e7:c2:8c: b3:32:d6:10:f1:ec:2b:88:6a:03:74:f7:27:d2:85: 28:72:e7:44:92:af:5a:42:f5:7b:95:be:4b:69:2d: 06:0d:9a:77:69:43:fe:9f:16:b9:05:82:55:04:6f: d5:76:d3:c7:e4:ff:17:ad:dc:aa:d1:22:4e:43:8b: fc:81:27:09:e3:5b:da:ed:f9:aa:be:ac:05:81:c9: 11:9e:fc:17:d0:98:03:a9:7b:e1:37:d6:a5:24:82: fd:62:47:20:42:cb:7a:d8:a1:5d:e3:24:65:b7:89: bc:56:13:5f:71:ad:31:f3:67:b1:41:13:51:29:69: 1b:2c:6f:03:90:f3:51:92:92:83:67:22:ec:4a:35: fd:2f:1a:73:06:cc:28:81:41:92:aa:1a:70:9c:79: a9:0d:1b:ec:54:5f:28:61:5e:17:32:37:79:67:f4: d7:3e:70:31:26:be:04:ad:f2:67:5a:81:a3:79:44: 97:1b:af:18:19:57:7e:7a:37:69:dd:d8:cd:5d:0a: f2:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:D3:11:69:DC:47:4A:E8:4E:CB:42:5E:8E:77:62:26:64:08:C2:B3 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/z9MRadxHSuhOy0JejndiJmQIwrM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42e4::/31 Signature Algorithm: sha256WithRSAEncryption 81:56:78:aa:0b:7b:d8:5f:fb:e9:93:b1:c7:6b:92:9c:ac:24: d9:39:8b:15:53:26:3a:01:c2:df:01:38:6b:ea:8c:5a:da:5d: ed:b7:64:ae:bc:5c:21:47:f4:de:f4:bb:b5:b0:c9:bb:fc:25: 21:96:9e:f6:ae:cc:94:bb:a1:ed:24:39:be:63:41:1c:4f:a6: 9f:a8:29:41:25:38:e5:ad:c7:6c:fb:69:19:1d:3d:35:80:1d: bf:be:eb:e4:87:29:9c:6d:f7:b5:98:0e:81:c0:e9:da:86:e4: 06:cd:00:7e:cb:b7:ee:dd:9a:d5:a0:a3:3a:10:67:51:1c:56: 93:37:7d:84:55:79:05:11:79:a8:97:5e:62:88:19:e0:9a:30: bb:ef:c8:b6:0b:c4:a7:64:b9:45:48:99:92:0e:67:f8:07:72: 4b:ba:f2:ba:44:12:33:90:14:65:f4:26:26:ae:bb:8d:b3:6a: c9:02:15:72:bb:fd:71:60:dd:97:c5:18:7b:28:25:18:e2:02: 49:59:e9:02:56:7c:52:82:e5:9c:0c:5d:4e:bd:f5:21:c5:40: ba:d2:8b:83:96:3f:15:b7:ca:f9:37:dd:d0:bb:fd:f3:3c:a4: 69:1b:e6:be:c3:89:3d:c3:0f:91:ee:77:82:26:03:aa:fd:18: da:34:7c:17 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MjUzMVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQ0ZEMzExNjlEQzQ3NEFF ODRFQ0I0MjVFOEU3NzYyMjY2NDA4QzJCMzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKDVXhNtPm/ODcRtZpvgaFjEpuX0M5EZ2/NTCPzHsx7uemD+U9dH /ECi1bnMGlf3U3/yn8IrWix+58KMszLWEPHsK4hqA3T3J9KFKHLnRJKvWkL1e5W+ S2ktBg2ad2lD/p8WuQWCVQRv1XbTx+T/F63cqtEiTkOL/IEnCeNb2u35qr6sBYHJ EZ78F9CYA6l74TfWpSSC/WJHIELLetihXeMkZbeJvFYTX3GtMfNnsUETUSlpGyxv A5DzUZKSg2ci7Eo1/S8acwbMKIFBkqoacJx5qQ0b7FRfKGFeFzI3eWf01z5wMSa+ BK3yZ1qBo3lElxuvGBlXfno3ad3YzV0K8mcCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBTP0xFp3EdK6E7LQl6Od2ImZAjCszAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi96OU1SYWR4SFN1aE95 MEplam5kaUptUUl3ck0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApC5DANBgkqhkiG9w0BAQsFAAOCAQEAgVZ4qgt72F/76ZOxx2uSnKwk2TmL FVMmOgHC3wE4a+qMWtpd7bdkrrxcIUf03vS7tbDJu/wlIZae9q7MlLuh7SQ5vmNB HE+mn6gpQSU45a3HbPtpGR09NYAdv77r5IcpnG33tZgOgcDp2obkBs0Afsu37t2a 1aCjOhBnURxWkzd9hFV5BRF5qJdeYogZ4Jowu+/ItgvEp2S5RUiZkg5n+AdyS7ry ukQSM5AUZfQmJq67jbNqyQIVcrv9cWDdl8UYeyglGOICSVnpAlZ8UoLlnAxdTr31 IcVAutKLg5Y/FbfK+Tfd0Lv98zykaRvmvsOJPcMPke53giYDqv0Y2jR8Fw== -----END CERTIFICATE-----Generated at Sun Jun 22 06:59:47 2025 by rpki-client