$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/xhyJQ6fLIljnRE3vjXjVdtzD-60.roa File: xhyJQ6fLIljnRE3vjXjVdtzD-60.roa (raw, json) Hash identifier: pw3KaKc1CqxoWC2rbY7xD+pjw8LfXPIJcNclxnFFohI= Subject key identifier: C6:1C:89:43:A7:CB:22:58:E7:44:4D:EF:8D:78:D5:76:DC:C3:FB:AD Certificate issuer: /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Certificate serial: 1D7D Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/xhyJQ6fLIljnRE3vjXjVdtzD-60.roa Signing time: Wed 09 Apr 2025 06:48:01 +0000 ROA not before: Wed 09 Apr 2025 06:48:01 +0000 ROA not after: Thu 09 Apr 2026 06:40:34 +0000 asID: 56002 IP address blocks: 2405:ad00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:40:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7549 (0x1d7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Validity Not Before: Apr 9 06:48:01 2025 GMT Not After : Apr 9 06:40:34 2026 GMT Subject: CN=C61C8943A7CB2258E7444DEF8D78D576DCC3FBAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:2c:f0:30:0e:f8:e0:df:5d:3e:9b:8d:6b:c3: 1e:cf:79:cc:71:ff:89:8e:df:cc:3d:b7:8a:e2:e2: ac:15:b3:ad:ad:1a:4b:57:b2:22:7f:eb:ee:59:ad: 22:7a:e3:6b:cc:50:5d:a2:cd:cd:59:c9:4e:79:11: e4:b0:2c:18:c9:20:56:21:1c:e9:91:26:a0:ad:c3: 69:13:82:68:01:a2:65:78:31:d1:82:c3:2e:0e:aa: 76:6d:c6:f6:7b:38:42:5e:92:9f:a0:25:d0:34:fb: 98:73:f3:32:36:ea:27:de:10:9c:79:0e:81:d0:04: ef:0d:25:ea:79:f5:fa:ac:46:5f:8c:8b:77:92:b9: ec:a6:3f:45:22:63:14:45:3b:16:2b:3b:49:0c:9b: 69:9b:93:e9:84:f3:3a:46:5d:41:7a:14:3a:00:32: d9:d3:e8:5a:30:08:d7:3b:93:3d:4d:bc:da:27:3a: 38:b1:24:74:cf:f1:4d:13:23:70:98:5f:77:10:2a: 5d:f6:fb:8a:23:9a:70:32:9b:21:1e:ff:cb:64:98: 6c:e1:54:bf:51:aa:43:1f:8f:d3:d3:ea:2c:81:35: 90:bd:7d:7e:07:8e:ca:ad:66:36:7c:9a:83:3f:6e: 49:fe:27:f4:69:73:2f:eb:50:ed:1c:94:e1:d8:09: 16:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:1C:89:43:A7:CB:22:58:E7:44:4D:EF:8D:78:D5:76:DC:C3:FB:AD X509v3 Authority Key Identifier: keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/xhyJQ6fLIljnRE3vjXjVdtzD-60.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:ad00::/32 Signature Algorithm: sha256WithRSAEncryption 1b:42:b2:38:d2:c6:07:7f:0a:c0:de:9f:7e:b6:20:cf:8a:1b: bb:8a:4e:ab:35:2e:93:5b:c6:a7:0d:5f:d0:14:8e:d3:87:3e: d1:67:75:c8:46:f9:12:7d:a4:32:0a:bc:1a:86:2b:e1:ed:e8: 17:d1:6d:fb:7a:e6:80:19:49:c6:62:7c:d4:14:08:22:ac:f8: 23:51:44:e2:eb:4e:41:7c:50:d3:30:39:f6:84:c1:fa:85:99: 9a:1e:f2:43:b0:cf:f2:50:48:1b:7a:90:49:0d:86:0e:61:68: a6:f0:4b:b4:72:80:0f:aa:12:e1:53:c2:c8:90:cd:fe:3f:a4: 9f:76:83:ed:c3:7c:6f:27:b3:ab:be:7d:14:24:50:a2:da:b0: e5:64:d0:e8:de:76:94:b3:c5:e7:87:e4:c9:77:c9:61:b1:94: 65:80:97:8c:d5:f4:c5:c1:41:91:63:ed:4b:36:6d:d7:9d:2c: a8:f1:06:1d:27:3c:9b:1e:78:e4:09:18:26:b5:72:3f:b0:0a: 4d:52:cf:28:4b:8c:bf:8f:e8:68:79:ae:1c:de:c0:7e:15:2b: 16:3b:94:66:55:7a:fc:95:5b:21:49:89:98:a7:3b:f0:cf:a4: cb:30:d4:2e:56:d5:09:f6:db:42:3a:e6:d1:8a:18:62:2a:87: 2f:5e:fc:91 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICHX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0 MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNTA0MDkw NjQ4MDFaFw0yNjA0MDkwNjQwMzRaMDMxMTAvBgNVBAMTKEM2MUM4OTQzQTdDQjIy NThFNzQ0NERFRjhENzhENTc2RENDM0ZCQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7LPAwDvjg310+m41rwx7Pecxx/4mO38w9t4ri4qwVs62tGktX siJ/6+5ZrSJ642vMUF2izc1ZyU55EeSwLBjJIFYhHOmRJqCtw2kTgmgBomV4MdGC wy4OqnZtxvZ7OEJekp+gJdA0+5hz8zI26ifeEJx5DoHQBO8NJep59fqsRl+Mi3eS ueymP0UiYxRFOxYrO0kMm2mbk+mE8zpGXUF6FDoAMtnT6FowCNc7kz1NvNonOjix JHTP8U0TI3CYX3cQKl32+4ojmnAymyEe/8tkmGzhVL9RqkMfj9PT6iyBNZC9fX4H jsqtZjZ8moM/bkn+J/Rpcy/rUO0clOHYCRZzAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUxhyJQ6fLIljnRE3vjXjVdtzD+60wHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L3hoeUpRNmZMSWxqblJF M3ZqWGpWZHR6RC02MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkBa0AMA0GCSqGSIb3DQEBCwUAA4IBAQAbQrI40sYHfwrA3p9+tiDPihu7ik6r NS6TW8anDV/QFI7Thz7RZ3XIRvkSfaQyCrwahivh7egX0W37euaAGUnGYnzUFAgi rPgjUUTi605BfFDTMDn2hMH6hZmaHvJDsM/yUEgbepBJDYYOYWim8Eu0coAPqhLh U8LIkM3+P6SfdoPtw3xvJ7Orvn0UJFCi2rDlZNDo3naUs8Xnh+TJd8lhsZRlgJeM 1fTFwUGRY+1LNm3XnSyo8QYdJzybHnjkCRgmtXI/sApNUs8oS4y/j+hoea4c3sB+ FSsWO5RmVXr8lVshSYmYpzvwz6TLMNQuVtUJ9ttCOubRihhiKocvXvyR -----END CERTIFICATE-----Generated at Sat Apr 26 13:12:39 2025 by rpki-client