$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kHETLM6cygeGpKKoqih1EPU7gmI.roa File: kHETLM6cygeGpKKoqih1EPU7gmI.roa (raw, json) Hash identifier: +LQA3OraGUIU6wW3F0A+ePFfIqnRqwHWcGXQxQ6FNG4= Subject key identifier: 90:71:13:2C:CE:9C:CA:07:86:A4:A2:A8:AA:28:75:10:F5:3B:82:62 Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 04 Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kHETLM6cygeGpKKoqih1EPU7gmI.roa Signing time: Wed 09 Apr 2025 06:45:53 +0000 ROA not before: Wed 09 Apr 2025 06:45:53 +0000 ROA not after: Thu 09 Apr 2026 06:33:21 +0000 asID: 9391 IP address blocks: 2402:ae00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Apr 9 06:45:53 2025 GMT Not After : Apr 9 06:33:21 2026 GMT Subject: CN=9071132CCE9CCA0786A4A2A8AA287510F53B8262 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:c9:fd:3c:54:96:af:b4:a1:11:d3:d0:79:a7: db:96:3c:f1:04:6f:54:1c:62:c5:13:9b:a7:82:19: 92:17:96:f0:40:9b:2e:53:13:e7:cc:10:98:2c:78: c8:fd:36:c6:73:82:74:da:44:81:a4:7c:b7:a1:e8: 05:7c:2a:3c:c7:cb:78:90:83:5b:c0:2e:67:8e:d0: 0e:64:4e:e6:96:d6:36:47:13:6a:81:85:d9:5f:0a: 6a:ce:73:0a:3b:60:9a:60:66:f6:ec:19:8d:05:3a: 99:e1:13:a1:a1:d4:74:a4:02:b0:cc:d3:51:d9:3b: 74:0d:d5:2d:7b:90:26:eb:38:04:22:10:f1:60:c6: c9:65:24:46:25:70:4e:ba:92:a4:c2:03:e1:59:a4: c4:97:e3:65:7a:86:a0:16:50:54:aa:37:94:a5:5b: c5:4f:75:ba:f2:59:e3:e3:32:15:1a:27:4d:f7:07: fa:52:3e:ed:2e:12:a0:26:5a:aa:2e:94:b8:fc:90: a0:82:4a:25:09:12:f3:8e:ec:b9:9c:01:29:e4:0b: e7:bd:76:93:96:4b:87:71:2d:d3:f7:e0:11:c8:a3: 70:74:dc:56:20:54:23:be:12:03:3d:a9:3e:2c:95: 73:6a:00:e8:0e:ee:49:b3:9e:65:42:65:23:37:78: 97:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:71:13:2C:CE:9C:CA:07:86:A4:A2:A8:AA:28:75:10:F5:3B:82:62 X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kHETLM6cygeGpKKoqih1EPU7gmI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:ae00::/32 Signature Algorithm: sha256WithRSAEncryption 17:17:20:97:72:c0:21:14:1c:70:d1:77:6f:fb:18:59:72:ba: 4b:25:32:c3:1a:8e:90:cc:8e:3f:65:7d:20:45:bf:fe:2f:12: 5b:90:58:15:a1:b1:87:3d:62:1c:dd:01:4d:83:b0:5c:6e:9b: cc:a4:ee:aa:3b:bd:32:57:8e:c2:70:02:4a:ea:86:b6:d2:6b: 15:30:93:77:09:ff:db:49:09:be:98:88:1d:7b:2d:35:7a:77: b5:87:b2:5a:7d:03:eb:a5:c0:e4:31:94:21:8a:dc:87:45:bf: c0:4c:b4:5b:ce:37:55:18:f8:8b:e0:7d:ed:86:6f:a3:ea:aa: e8:40:fe:34:e0:fc:b1:09:79:9c:6f:d7:02:0c:46:3c:6b:c5: 52:fd:56:60:74:34:24:bd:d0:db:33:91:bb:4d:f3:60:ec:e0: 64:6a:bc:0a:27:79:1a:0c:81:7c:96:da:13:a5:1b:b7:3f:e0: c1:31:00:c7:60:d7:da:dd:1d:72:b0:07:86:28:01:13:5e:c4: 89:70:0a:71:8c:2f:b4:13:6a:2e:6c:27:3a:fc:16:93:61:9e: 58:e6:03:9e:f0:69:2c:07:fd:7f:03:1b:e1:e6:b3:15:95:af: 06:10:37:50:1e:a8:85:52:fc:4e:95:52:89:a5:f7:09:64:2c: c6:33:b3:e4 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyRTI2 NkRDM0VBRDgwRUIyNUQ0OTg1OEE2NERDMUVGMUM4QTFCOTQyMB4XDTI1MDQwOTA2 NDU1M1oXDTI2MDQwOTA2MzMyMVowMzExMC8GA1UEAxMoOTA3MTEzMkNDRTlDQ0Ew Nzg2QTRBMkE4QUEyODc1MTBGNTNCODI2MjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAO3J/TxUlq+0oRHT0Hmn25Y88QRvVBxixRObp4IZkheW8ECbLlMT 58wQmCx4yP02xnOCdNpEgaR8t6HoBXwqPMfLeJCDW8AuZ47QDmRO5pbWNkcTaoGF 2V8Kas5zCjtgmmBm9uwZjQU6meEToaHUdKQCsMzTUdk7dA3VLXuQJus4BCIQ8WDG yWUkRiVwTrqSpMID4VmkxJfjZXqGoBZQVKo3lKVbxU91uvJZ4+MyFRonTfcH+lI+ 7S4SoCZaqi6UuPyQoIJKJQkS847suZwBKeQL5712k5ZLh3Et0/fgEcijcHTcViBU I74SAz2pPiyVc2oA6A7uSbOeZUJlIzd4lz8CAwEAAaOCAfAwggHsMB0GA1UdDgQW BBSQcRMszpzKB4akoqiqKHUQ9TuCYjAfBgNVHSMEGDAWgBQuJm3D6tgOsl1JhYpk 3B7xyKG5QjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9M aVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL0xpWnR3LXJZRHJKZFNZV0taTndlOGNpaHVVSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzc2L2tIRVRMTTZjeWdlR3BLS29x aWgxRVBVN2dtSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk Aq4AMA0GCSqGSIb3DQEBCwUAA4IBAQAXFyCXcsAhFBxw0Xdv+xhZcrpLJTLDGo6Q zI4/ZX0gRb/+LxJbkFgVobGHPWIc3QFNg7BcbpvMpO6qO70yV47CcAJK6oa20msV MJN3Cf/bSQm+mIgdey01ene1h7JafQPrpcDkMZQhityHRb/ATLRbzjdVGPiL4H3t hm+j6qroQP404PyxCXmcb9cCDEY8a8VS/VZgdDQkvdDbM5G7TfNg7OBkarwKJ3ka DIF8ltoTpRu3P+DBMQDHYNfa3R1ysAeGKAETXsSJcApxjC+0E2oubCc6/BaTYZ5Y 5gOe8GksB/1/Axvh5rMVla8GEDdQHqiFUvxOlVKJpfcJZCzGM7Pk -----END CERTIFICATE-----Generated at Sat Apr 26 15:36:59 2025 by rpki-client