$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3078/ub3RLNztu3cE-qwuLwdBTlpnYmg.roa File: ub3RLNztu3cE-qwuLwdBTlpnYmg.roa (raw, json) Hash identifier: YpVvPKuVTNGY4kFd2rvMktDGw0sX2hIL1b5R2KkZJWQ= Subject key identifier: B9:BD:D1:2C:DC:ED:BB:77:04:FA:AC:2E:2F:07:41:4E:5A:67:62:68 Certificate issuer: /CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Certificate serial: 32 Authority key identifier: F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/ub3RLNztu3cE-qwuLwdBTlpnYmg.roa Signing time: Sat 17 May 2025 03:40:37 +0000 ROA not before: Sat 17 May 2025 03:40:37 +0000 ROA not after: Sun 10 May 2026 04:51:55 +0000 asID: 151270 IP address blocks: 110.40.34.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 14:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Validity Not Before: May 17 03:40:37 2025 GMT Not After : May 10 04:51:55 2026 GMT Subject: CN=B9BDD12CDCEDBB7704FAAC2E2F07414E5A676268 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:0b:d0:1a:50:3b:61:80:ec:08:71:1e:a1:82: a6:14:cc:f0:b1:39:2e:55:c8:a4:2d:c3:47:d2:55: 71:af:83:ba:e2:b5:c0:e8:9a:af:a3:ff:fd:25:99: f6:b0:b2:ae:19:e2:38:e1:91:c7:2b:1a:ff:4e:78: 5b:39:8c:ac:e0:fe:20:ee:e0:96:58:f1:c6:a4:08: 31:79:7d:ce:97:98:85:cd:03:88:dc:47:0a:54:0c: 75:b9:a6:0c:a7:de:7c:22:bc:09:02:3d:be:e6:ef: 85:ed:00:86:e2:43:8f:90:a1:9a:5b:e8:52:61:b4: c5:65:c2:75:fe:97:99:46:25:26:0e:73:b9:de:a6: 47:28:e0:22:17:a2:74:7b:63:1c:8c:71:52:43:50: 48:4f:b1:26:5f:b5:e9:64:64:1f:10:36:f3:97:d2: 6b:79:ef:ea:37:26:cb:d4:e2:32:82:21:c3:21:17: 68:96:ef:ef:11:05:2e:bf:a8:80:fa:4a:83:77:46: 45:b0:7c:40:bc:4f:35:33:88:7d:b7:c8:8b:4d:91: 3a:25:3e:32:00:86:c8:04:7b:5f:62:25:b6:30:9e: ff:26:82:e4:98:65:08:bb:0e:cd:68:3a:c9:fa:e5: 2d:93:3b:d5:3d:55:4e:22:d8:50:80:97:6c:36:ab: 8a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:BD:D1:2C:DC:ED:BB:77:04:FA:AC:2E:2F:07:41:4E:5A:67:62:68 X509v3 Authority Key Identifier: keyid:F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/ub3RLNztu3cE-qwuLwdBTlpnYmg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.40.34.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:93:c9:e6:09:20:38:ad:a9:d9:ad:9e:ff:ca:3d:7b:87:e8: 02:1c:f5:eb:d2:e8:72:10:e7:9e:7b:50:42:2d:46:fa:3b:70: f7:b4:31:df:99:93:2f:8d:db:83:75:67:fa:72:9b:30:4f:c6: cc:da:41:d5:f2:b6:6a:89:55:d6:8b:b6:2d:53:04:47:bf:30: 58:b0:d5:0c:86:bf:1a:dc:bd:36:d8:48:c9:89:12:8f:56:4d: b9:f8:76:81:28:9a:0c:25:90:1a:f3:55:0d:ee:75:82:77:c9: 26:c1:b7:65:cf:08:bc:01:ad:85:ec:a4:f8:33:0e:41:a2:0c: 5f:3a:9f:4d:6c:7c:99:c9:e9:fd:fd:70:aa:29:d9:0c:26:db: f2:2c:55:f8:71:80:95:62:7f:b7:49:e0:ab:b7:3c:d8:2a:71: d5:3a:45:48:bd:0e:f4:85:eb:80:1f:d6:6b:ba:31:66:f6:1d: 74:18:0c:18:13:1a:d2:91:ee:02:19:4a:6d:0d:1a:74:58:c2: 63:7c:21:22:ad:58:32:f0:b5:31:aa:38:f5:e8:1d:57:b2:17: 40:d0:5c:57:79:77:44:63:73:1a:a4:8f:c2:bf:ec:c4:06:b5: e3:b0:a6:ed:50:d3:87:48:c4:54:85:3d:0b:af:eb:49:b2:ae: 8e:df:b4:16 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNzAy OTM1RjAyRkMxQjgxMjk3RDFGRkI0Qzc4Q0UwQkExRDQzNzg1MB4XDTI1MDUxNzAz NDAzN1oXDTI2MDUxMDA0NTE1NVowMzExMC8GA1UEAxMoQjlCREQxMkNEQ0VEQkI3 NzA0RkFBQzJFMkYwNzQxNEU1QTY3NjI2ODCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKwL0BpQO2GA7AhxHqGCphTM8LE5LlXIpC3DR9JVca+DuuK1wOia r6P//SWZ9rCyrhniOOGRxysa/054WzmMrOD+IO7glljxxqQIMXl9zpeYhc0DiNxH ClQMdbmmDKfefCK8CQI9vubvhe0AhuJDj5ChmlvoUmG0xWXCdf6XmUYlJg5zud6m RyjgIheidHtjHIxxUkNQSE+xJl+16WRkHxA285fSa3nv6jcmy9TiMoIhwyEXaJbv 7xEFLr+ogPpKg3dGRbB8QLxPNTOIfbfIi02ROiU+MgCGyAR7X2IltjCe/yaC5Jhl CLsOzWg6yfrlLZM71T1VTiLYUICXbDariksCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBS5vdEs3O27dwT6rC4vB0FOWmdiaDAfBgNVHSMEGDAWgBT3ApNfAvwbgSl9H/tM eM4LodQ3hTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDc4 Lzl3S1RYd0w4RzRFcGZSXzdUSGpPQzZIVU40VS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOXdLVFh3TDhHNEVwZlJfN1RIak9DNkhVTjRVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3OC91YjNSTE56dHUzY0Ut cXd1THdkQlRscG5ZbWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAbigiMA0GCSqGSIb3DQEBCwUAA4IBAQAtk8nmCSA4ranZrZ7/yj17h+gCHPXr 0uhyEOeee1BCLUb6O3D3tDHfmZMvjduDdWf6cpswT8bM2kHV8rZqiVXWi7YtUwRH vzBYsNUMhr8a3L022EjJiRKPVk25+HaBKJoMJZAa81UN7nWCd8kmwbdlzwi8Aa2F 7KT4Mw5BogxfOp9NbHyZyen9/XCqKdkMJtvyLFX4cYCVYn+3SeCrtzzYKnHVOkVI vQ70heuAH9ZrujFm9h10GAwYExrSke4CGUptDRp0WMJjfCEirVgy8LUxqjj16B1X shdA0FxXeXdEY3MapI/Cv+zEBrXjsKbtUNOHSMRUhT0Lr+tJsq6O37QW -----END CERTIFICATE-----Generated at Sat Jun 21 13:42:31 2025 by rpki-client