$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/2n9wS1M7syH7x5xe_mVyu3n8ym0.roa File: 2n9wS1M7syH7x5xe_mVyu3n8ym0.roa (raw, json) Hash identifier: bjySGr8ntkqnZeQot/ZGyf/Ph80Ivr4s9McXO3XAliI= Subject key identifier: DA:7F:70:4B:53:3B:B3:21:FB:C7:9C:5E:FE:65:72:BB:79:FC:CA:6D Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 165A Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/2n9wS1M7syH7x5xe_mVyu3n8ym0.roa Signing time: Mon 23 Jun 2025 02:18:10 +0000 ROA not before: Mon 23 Jun 2025 02:18:10 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 174 IP address blocks: 114.66.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 09:14:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5722 (0x165a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Jun 23 02:18:10 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=DA7F704B533BB321FBC79C5EFE6572BB79FCCA6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:24:ee:9e:ab:09:7a:ea:ac:2c:29:5f:ba:3b: 2d:b7:37:5d:71:8b:d8:f6:6b:0b:81:62:ec:67:dc: 59:c4:00:4a:e2:08:3f:03:eb:fd:ab:88:5b:40:34: d9:d8:21:30:4f:a7:e3:e9:a8:0f:64:78:65:05:ea: 1b:79:c5:fe:22:f5:2a:94:ca:0a:5e:c4:df:33:f4: 0e:c4:36:f5:6c:1c:27:47:5f:66:06:c9:64:24:b9: 2b:03:df:5e:43:1c:7f:80:33:05:4b:f1:ec:5d:63: e6:6d:20:7c:ab:ca:67:d2:ba:48:ce:d7:e0:1c:30: 9e:08:76:b2:76:5c:f5:26:f6:b3:ee:95:aa:bc:c2: df:ee:b2:db:30:78:ad:db:e0:bb:57:06:7d:b8:54: cd:01:6a:ea:93:1f:6e:0d:81:bd:b5:ec:df:08:a7: 96:c3:81:a3:f7:79:ad:92:cc:4a:f3:93:9e:15:e8: 5e:3e:bf:be:76:36:59:38:2e:d1:9c:11:00:93:8f: 25:a1:74:42:5b:f0:34:1d:9a:ef:f0:79:06:e6:5a: 3a:52:c3:ef:36:bb:f6:cc:32:5c:9b:8d:97:73:0e: 53:d4:60:8e:4a:0e:c9:e1:b8:ae:da:1d:3e:b7:37: 2d:7d:49:34:5f:cc:27:a9:7e:f4:5d:4d:8f:23:75: 31:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:7F:70:4B:53:3B:B3:21:FB:C7:9C:5E:FE:65:72:BB:79:FC:CA:6D X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/2n9wS1M7syH7x5xe_mVyu3n8ym0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.128.0/18 Signature Algorithm: sha256WithRSAEncryption 00:cb:a5:f5:d7:dd:d3:7c:f1:9d:73:16:11:d6:2a:48:79:25: 15:a3:28:8c:12:d8:60:07:17:7a:3f:1f:39:30:7b:9c:39:e1: d1:91:1a:44:ac:1d:4e:85:9e:8a:d9:39:d0:50:32:43:f1:52: 2b:3c:8f:0d:35:bb:57:57:7f:2d:b3:f1:b9:ca:f0:3a:1b:ce: 87:18:0f:d2:d0:06:57:18:d4:3a:82:6a:6d:d0:e2:cd:13:29: a4:28:e4:bc:88:27:1b:1b:30:58:2f:b3:1c:6c:39:0b:eb:c0: 99:93:f0:92:e5:97:ca:56:0f:92:cd:14:71:0a:a2:20:fb:a8: c8:80:48:cd:d6:86:03:e1:91:23:7d:ac:ba:2e:01:91:f2:1d: b7:26:53:91:cf:15:64:c7:18:16:25:f9:a1:c9:fd:83:86:a6: 0c:17:3c:ea:1c:41:55:a2:dc:aa:d6:e2:f8:e3:34:58:f5:dc: bf:eb:b5:8c:9e:e3:81:61:67:2b:35:d8:37:8f:3f:ed:e9:cc: bd:b5:ce:4a:db:3e:51:2e:2a:48:12:c5:c9:bb:d7:0e:f0:a9: 1a:27:24:c8:90:c1:3b:18:42:77:38:46:bc:24:cd:1d:95:d5: a5:b7:93:3c:58:09:93:95:2c:e6:c6:f5:b0:74:1f:a1:d1:45: 1e:37:e5:25 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFlowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA2MjMw MjE4MTBaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKERBN0Y3MDRCNTMzQkIz MjFGQkM3OUM1RUZFNjU3MkJCNzlGQ0NBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8JO6eqwl66qwsKV+6Oy23N11xi9j2awuBYuxn3FnEAEriCD8D 6/2riFtANNnYITBPp+PpqA9keGUF6ht5xf4i9SqUygpexN8z9A7ENvVsHCdHX2YG yWQkuSsD315DHH+AMwVL8exdY+ZtIHyrymfSukjO1+AcMJ4IdrJ2XPUm9rPulaq8 wt/ustsweK3b4LtXBn24VM0BauqTH24Ngb217N8Ip5bDgaP3ea2SzErzk54V6F4+ v752Nlk4LtGcEQCTjyWhdEJb8DQdmu/weQbmWjpSw+82u/bMMlybjZdzDlPUYI5K DsnhuK7aHT63Ny19STRfzCepfvRdTY8jdTEHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2n9wS1M7syH7x5xe/mVyu3n8ym0wHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvMm45d1MxTTdzeUg3 eDV4ZV9tVnl1M244eW0wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBnJCgDANBgkqhkiG9w0BAQsFAAOCAQEAAMul9dfd03zxnXMWEdYqSHklFaMo jBLYYAcXej8fOTB7nDnh0ZEaRKwdToWeitk50FAyQ/FSKzyPDTW7V1d/LbPxucrw OhvOhxgP0tAGVxjUOoJqbdDizRMppCjkvIgnGxswWC+zHGw5C+vAmZPwkuWXylYP ks0UcQqiIPuoyIBIzdaGA+GRI32sui4BkfIdtyZTkc8VZMcYFiX5ocn9g4amDBc8 6hxBVaLcqtbi+OM0WPXcv+u1jJ7jgWFnKzXYN48/7enMvbXOSts+US4qSBLFybvX DvCpGickyJDBOxhCdzhGvCTNHZXVpbeTPFgJk5Us5sb1sHQfodFFHjflJQ== -----END CERTIFICATE-----Generated at Tue Jul 1 08:18:17 2025 by rpki-client