$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/WyTkXHEhLqcsjNd_oPHvbf674aI.roa File: WyTkXHEhLqcsjNd_oPHvbf674aI.roa (raw, json) Hash identifier: gt/t6rEu5sUWRrRf2e3Slg7FAm0I0chcu0jtaf/OGlg= Subject key identifier: 5B:24:E4:5C:71:21:2E:A7:2C:8C:D7:7F:A0:F1:EF:6D:FE:BB:E1:A2 Certificate issuer: /CN=CE0249B9E7D566E6CBEB577D763B3CCBB1B0AB2D Certificate serial: 214E Authority key identifier: CE:02:49:B9:E7:D5:66:E6:CB:EB:57:7D:76:3B:3C:CB:B1:B0:AB:2D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/WyTkXHEhLqcsjNd_oPHvbf674aI.roa Signing time: Wed 09 Apr 2025 06:47:56 +0000 ROA not before: Wed 09 Apr 2025 06:47:56 +0000 ROA not after: Thu 09 Apr 2026 06:40:24 +0000 asID: 24424 IP address blocks: 2401:3800::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8526 (0x214e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CE0249B9E7D566E6CBEB577D763B3CCBB1B0AB2D Validity Not Before: Apr 9 06:47:56 2025 GMT Not After : Apr 9 06:40:24 2026 GMT Subject: CN=5B24E45C71212EA72C8CD77FA0F1EF6DFEBBE1A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5d:5e:bb:85:fa:a3:b0:d3:6f:b0:14:f1:40: cd:f0:d6:0a:45:72:40:9e:b5:71:4e:11:4f:6d:2b: 7a:12:23:ad:cd:e6:07:e7:2c:6d:ac:63:87:40:a6: 68:14:52:ad:cb:19:7f:79:a8:4e:c3:78:ec:b6:b2: 2e:05:ec:ce:e6:c9:77:8a:b1:9d:25:9b:7e:36:7a: d8:f4:48:ef:78:24:74:3d:ac:6c:43:27:a2:ad:c0: 50:ef:89:48:12:48:3a:a3:11:4b:7b:59:d8:42:4f: 69:bb:27:11:56:4c:9b:a5:45:4b:c4:16:44:73:dc: 06:5e:bd:8f:d8:58:a7:9e:ac:f0:af:f1:58:38:30: 2d:b9:7b:d9:c7:f9:70:be:bc:25:f3:71:07:87:74: 1b:89:a3:72:37:94:48:3b:fc:e4:41:6c:f6:53:70: 63:1e:08:44:c4:dc:61:04:a7:33:24:f6:96:11:6c: 50:69:5c:9d:05:c2:45:86:47:c2:db:8e:7b:b2:05: 3e:07:f7:25:b2:f8:96:ad:99:c1:f5:82:c3:78:20: 08:fe:4f:24:73:53:24:58:db:a7:52:d9:03:9b:21: 26:14:32:df:3c:b2:19:f7:69:22:56:c9:c9:40:7e: 52:f1:8b:6e:2a:b8:88:7e:a4:1f:42:25:f9:a0:ec: 83:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:24:E4:5C:71:21:2E:A7:2C:8C:D7:7F:A0:F1:EF:6D:FE:BB:E1:A2 X509v3 Authority Key Identifier: keyid:CE:02:49:B9:E7:D5:66:E6:CB:EB:57:7D:76:3B:3C:CB:B1:B0:AB:2D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/WyTkXHEhLqcsjNd_oPHvbf674aI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3800::/32 Signature Algorithm: sha256WithRSAEncryption 54:e2:33:45:b7:55:06:41:38:15:ec:a9:b3:0b:5f:4d:bc:88: 84:19:2f:10:d6:38:6b:ee:27:6c:0c:3e:23:45:9f:ef:66:1b: f8:01:64:76:96:2a:3a:eb:e7:7a:0f:cf:93:d0:f1:74:7c:0b: f4:5a:f0:eb:5c:ca:33:99:41:93:b3:81:22:0c:30:c2:30:26: 5b:e3:c4:4c:60:c7:d5:f6:c2:80:2e:11:7b:a3:15:37:90:75: c8:3d:22:50:5e:e1:22:ed:77:77:a7:f2:c0:48:48:0e:5b:de: 60:38:9c:88:03:d7:ff:92:9c:68:af:ee:83:a2:15:8d:ab:1d: be:25:1d:cd:0b:7f:67:c3:aa:01:7e:a3:9f:27:02:33:e6:36: b3:af:fc:c7:2f:40:39:c3:2f:d7:92:1b:05:67:26:86:a7:3e: 1b:9f:32:00:19:ce:dc:81:1a:ec:db:ff:b3:ec:64:51:03:7d: 03:79:c7:21:4c:65:7d:89:7b:5f:16:a6:5b:ac:61:7f:52:02: ef:be:43:f1:f7:63:d6:2c:1b:0f:2d:dc:85:25:64:67:d1:c0: 44:73:81:89:b1:c1:ad:f1:54:ec:0f:a0:f6:5f:ee:77:d7:8b: c3:a3:6b:35:23:f5:01:b3:12:e1:1a:28:53:9d:aa:02:63:b2: 9d:55:67:ca -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw MjQ5QjlFN0Q1NjZFNkNCRUI1NzdENzYzQjNDQ0JCMUIwQUIyRDAeFw0yNTA0MDkw NjQ3NTZaFw0yNjA0MDkwNjQwMjRaMDMxMTAvBgNVBAMTKDVCMjRFNDVDNzEyMTJF QTcyQzhDRDc3RkEwRjFFRjZERkVCQkUxQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJXV67hfqjsNNvsBTxQM3w1gpFckCetXFOEU9tK3oSI63N5gfn LG2sY4dApmgUUq3LGX95qE7DeOy2si4F7M7myXeKsZ0lm342etj0SO94JHQ9rGxD J6KtwFDviUgSSDqjEUt7WdhCT2m7JxFWTJulRUvEFkRz3AZevY/YWKeerPCv8Vg4 MC25e9nH+XC+vCXzcQeHdBuJo3I3lEg7/ORBbPZTcGMeCETE3GEEpzMk9pYRbFBp XJ0FwkWGR8LbjnuyBT4H9yWy+JatmcH1gsN4IAj+TyRzUyRY26dS2QObISYUMt88 shn3aSJWyclAflLxi24quIh+pB9CJfmg7IOrAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUWyTkXHEhLqcsjNd/oPHvbf674aIwHwYDVR0jBBgwFoAUzgJJuefVZubL61d9 djs8y7Gwqy0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy L3pnSkp1ZWZWWnViTDYxZDlkanM4eTdHd3F5MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvemdKSnVlZlZadWJMNjFkOWRqczh5N0d3cXkwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL1d5VGtYSEVoTHFjc2pO ZF9vUEh2YmY2NzRhSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkATgAMA0GCSqGSIb3DQEBCwUAA4IBAQBU4jNFt1UGQTgV7KmzC19NvIiEGS8Q 1jhr7idsDD4jRZ/vZhv4AWR2lio66+d6D8+T0PF0fAv0WvDrXMozmUGTs4EiDDDC MCZb48RMYMfV9sKALhF7oxU3kHXIPSJQXuEi7Xd3p/LASEgOW95gOJyIA9f/kpxo r+6DohWNqx2+JR3NC39nw6oBfqOfJwIz5jazr/zHL0A5wy/XkhsFZyaGpz4bnzIA Gc7cgRrs2/+z7GRRA30DecchTGV9iXtfFqZbrGF/UgLvvkPx92PWLBsPLdyFJWRn 0cBEc4GJscGt8VTsD6D2X+5314vDo2s1I/UBsxLhGihTnaoCY7KdVWfK -----END CERTIFICATE-----Generated at Sat Apr 26 15:35:53 2025 by rpki-client