$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/z9YeP5POOkbC1-qwyBPm70J_QXA.roa File: z9YeP5POOkbC1-qwyBPm70J_QXA.roa (raw, json) Hash identifier: E5CySksCQDqyjggcedPXghdbMJxZl2uvN68TCmeJ2Vg= Subject key identifier: CF:D6:1E:3F:93:CE:3A:46:C2:D7:EA:B0:C8:13:E6:EF:42:7F:41:70 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: F1 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/z9YeP5POOkbC1-qwyBPm70J_QXA.roa Signing time: Fri 06 Jun 2025 02:52:22 +0000 ROA not before: Fri 06 Jun 2025 02:52:22 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3:10::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 23:43:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 241 (0xf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:52:22 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=CFD61E3F93CE3A46C2D7EAB0C813E6EF427F4170 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:75:ed:c0:d0:37:17:fc:fc:9d:03:f3:b4:fe: 07:dd:d3:30:01:57:db:e0:4d:49:3f:d5:d5:6b:0b: 1b:a0:16:79:21:23:c8:0b:5d:68:aa:64:e5:a0:83: 3b:12:0c:4c:c2:e9:44:54:3a:43:d1:91:c5:78:9c: 84:bc:77:62:d2:ab:33:ef:9d:2f:da:bb:77:9b:59: b4:08:8e:a2:1b:ed:f9:b3:8e:0c:8b:72:17:cd:cc: 08:ac:4b:e8:34:94:77:55:72:9a:bc:60:73:11:cd: bf:42:5d:66:29:d5:ad:f7:17:43:96:1f:2a:d5:4d: bb:85:87:b0:9e:09:73:6b:2f:5c:d6:16:86:b5:05: f8:36:75:5e:67:b6:e9:3b:da:ce:86:9f:4f:ca:1d: fd:78:ca:f1:e9:2d:13:76:1a:e4:4d:f4:8c:59:c5: b8:86:a3:aa:57:6e:e0:10:0a:96:ed:78:d4:f5:66: b4:0d:71:1f:db:58:74:b8:3c:91:2d:64:23:e3:ad: 2a:63:13:ae:b8:65:0f:7e:a9:6a:23:ca:42:95:f0: 53:03:c9:36:cf:91:87:c0:fc:72:59:b4:d4:54:ca: 71:81:b9:2e:b1:04:ec:ce:fa:4a:96:bc:78:5c:81: 03:7e:13:6b:b1:0b:c6:19:9f:bb:f6:dc:6d:5e:23: e3:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:D6:1E:3F:93:CE:3A:46:C2:D7:EA:B0:C8:13:E6:EF:42:7F:41:70 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/z9YeP5POOkbC1-qwyBPm70J_QXA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3:10::/44 Signature Algorithm: sha256WithRSAEncryption 02:50:4d:27:32:59:00:7d:71:d3:1a:9b:f7:39:f0:24:c9:da: 97:0c:ae:e0:e5:a7:40:82:da:12:84:db:20:2c:2d:2d:4c:a4: 02:24:1e:5d:d5:2e:9e:fb:d4:d5:12:da:42:40:38:72:96:ef: 0b:66:26:d6:76:3c:89:76:28:df:cf:56:bb:14:4c:a7:71:b3: 4e:00:bc:59:a5:47:2e:85:fc:b4:90:3b:a9:d7:c0:5b:6c:97: f2:c6:95:8e:f8:ed:3f:31:85:cf:af:2c:25:f2:1d:5c:ba:b7: 2a:bf:1c:36:a0:42:51:b3:44:03:3f:46:5c:ba:f2:f6:ac:cd: 85:fc:7f:01:89:9c:84:fe:41:44:3b:26:17:8b:8d:c2:dc:7a: 9d:1e:bb:b1:9c:7a:b9:62:64:15:c9:7c:75:2d:b0:d6:e5:91: f9:db:15:23:20:8f:af:7f:cb:68:3c:f8:04:66:83:ee:50:42: a6:6e:13:41:58:12:61:cf:51:76:e9:c4:5c:f5:9a:9b:2e:d1: 42:a2:b7:28:fe:25:3f:a5:70:91:7f:08:86:66:6e:8d:b0:b3: ef:88:12:70:72:a0:05:29:c8:d0:21:f4:a7:1a:51:2a:79:bf: d5:17:ef:30:26:3c:ac:da:af:79:34:78:83:e1:3d:f6:79:ec: 20:b0:71:02 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjUyMjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKENGRDYxRTNGOTNDRTNB NDZDMkQ3RUFCMEM4MTNFNkVGNDI3RjQxNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUde3A0DcX/PydA/O0/gfd0zABV9vgTUk/1dVrCxugFnkhI8gL XWiqZOWggzsSDEzC6URUOkPRkcV4nIS8d2LSqzPvnS/au3ebWbQIjqIb7fmzjgyL chfNzAisS+g0lHdVcpq8YHMRzb9CXWYp1a33F0OWHyrVTbuFh7CeCXNrL1zWFoa1 Bfg2dV5ntuk72s6Gn0/KHf14yvHpLRN2GuRN9IxZxbiGo6pXbuAQCpbteNT1ZrQN cR/bWHS4PJEtZCPjrSpjE664ZQ9+qWojykKV8FMDyTbPkYfA/HJZtNRUynGBuS6x BOzO+kqWvHhcgQN+E2uxC8YZn7v23G1eI+MtAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUz9YeP5POOkbC1+qwyBPm70J/QXAwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvejlZZVA1UE9Pa2JD MS1xd3lCUG03MEpfUVhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMMAEDANBgkqhkiG9w0BAQsFAAOCAQEAAlBNJzJZAH1x0xqb9znwJMna lwyu4OWnQILaEoTbICwtLUykAiQeXdUunvvU1RLaQkA4cpbvC2Ym1nY8iXYo389W uxRMp3GzTgC8WaVHLoX8tJA7qdfAW2yX8saVjvjtPzGFz68sJfIdXLq3Kr8cNqBC UbNEAz9GXLry9qzNhfx/AYmchP5BRDsmF4uNwtx6nR67sZx6uWJkFcl8dS2w1uWR +dsVIyCPr3/LaDz4BGaD7lBCpm4TQVgSYc9RdunEXPWamy7RQqK3KP4lP6VwkX8I hmZujbCz74gScHKgBSnI0CH0pxpRKnm/1RfvMCY8rNqveTR4g+E99nnsILBxAg== -----END CERTIFICATE-----Generated at Sat Jun 21 23:31:38 2025 by rpki-client