$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/4pe_CPME7MUAuN5W62eWRxr8TkI.roa File: 4pe_CPME7MUAuN5W62eWRxr8TkI.roa (raw, json) Hash identifier: E543aEa9xmjVh33d13AijUtfpoTCP0Jm3LLZ0Mm7YAY= Subject key identifier: E2:97:BF:08:F3:04:EC:C5:00:B8:DE:56:EB:67:96:47:1A:FC:4E:42 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: BD Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/4pe_CPME7MUAuN5W62eWRxr8TkI.roa Signing time: Fri 06 Jun 2025 02:29:16 +0000 ROA not before: Fri 06 Jun 2025 02:29:16 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56044 IP address blocks: 240a:40c1:2010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 04:09:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 189 (0xbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:29:16 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=E297BF08F304ECC500B8DE56EB6796471AFC4E42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:47:2c:34:10:0f:af:4f:a8:65:7f:cd:1e:43: f5:32:e3:04:01:65:ad:a7:da:3f:86:b9:41:59:85: 43:87:2d:89:e9:ca:15:f2:e5:23:34:b8:ce:ac:3f: 3d:bc:ff:e6:f7:ff:ca:70:ba:7f:8e:aa:df:b7:8d: ff:a5:a0:fd:2d:30:9e:5e:e8:19:d3:05:33:5f:eb: 0e:73:a6:84:c9:52:d0:c1:44:85:2b:7d:4e:0b:93: 1f:2d:c7:35:eb:ac:e7:d7:60:a5:ba:80:66:7d:6e: f5:f9:cf:4f:7c:14:4c:74:05:95:57:69:a9:76:51: 4d:54:bf:4e:98:90:b6:5d:c8:64:d0:72:0f:6a:6c: 3d:3d:62:f3:78:2a:f7:a0:f6:18:35:e8:34:f0:26: 03:47:4f:61:58:f9:4d:e9:00:a8:a7:30:48:f6:06: 2c:35:87:62:4b:1e:4e:bb:72:91:5d:a4:17:4a:ad: 43:5f:43:9a:e7:3c:e2:87:e5:1e:1f:46:d5:fc:6a: 77:ae:b1:33:72:e6:9a:af:b8:8e:21:64:56:cb:36: a0:16:e6:72:8c:01:1d:5f:38:46:61:dc:63:85:52: 68:29:49:ca:4c:b6:b4:18:ba:0d:4f:4d:76:50:be: 82:0a:c5:de:eb:a8:ab:bb:3c:8e:39:64:6a:d9:e6: 04:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:97:BF:08:F3:04:EC:C5:00:B8:DE:56:EB:67:96:47:1A:FC:4E:42 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/4pe_CPME7MUAuN5W62eWRxr8TkI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c1:2010::/44 Signature Algorithm: sha256WithRSAEncryption 0f:8b:51:59:0e:90:dd:27:d2:8d:a8:0b:d2:ac:99:73:fc:6a: 7a:93:13:ba:df:1c:39:74:8c:02:27:ce:b0:e0:76:e0:92:9d: 27:77:ff:72:3b:d0:34:70:e9:a2:78:a5:db:3a:10:ec:d4:dd: 36:09:68:ff:ac:fb:00:2e:f4:2b:a7:f6:44:d6:d9:1b:c5:d3: a9:4a:0b:28:e5:74:ba:41:d2:70:f1:5b:77:42:de:bf:06:db: 67:b4:d4:1c:db:18:8e:88:e5:b1:c8:2a:09:f6:57:f4:ae:b5: cd:06:ca:07:39:e7:bf:38:69:cf:72:39:e1:64:d9:a1:5f:e3: 28:31:43:67:8a:6d:ef:7d:ec:30:d1:8c:54:7b:52:09:d0:d8: 9b:d4:8e:85:f5:20:23:d5:22:63:13:30:2e:d0:d9:29:cd:31: f9:06:e0:1b:50:35:8e:52:d0:e8:32:38:76:a9:89:5b:8d:50: e5:6d:9a:a5:ca:1a:32:c4:4c:a5:c8:7e:86:ab:46:e8:02:e1: 4c:62:d5:50:e8:c5:90:35:69:8a:63:20:d7:61:a1:09:f3:c2: bf:27:c7:67:8c:35:64:75:d9:13:8c:6a:db:60:f6:58:f0:90: 8d:3f:1b:d8:4b:bc:0e:57:3c:85:5d:20:76:03:a7:a3:ec:8a: 59:55:fa:dd -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjI5MTZaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKEUyOTdCRjA4RjMwNEVD QzUwMEI4REU1NkVCNjc5NjQ3MUFGQzRFNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrRyw0EA+vT6hlf80eQ/Uy4wQBZa2n2j+GuUFZhUOHLYnpyhXy 5SM0uM6sPz28/+b3/8pwun+Oqt+3jf+loP0tMJ5e6BnTBTNf6w5zpoTJUtDBRIUr fU4Lkx8txzXrrOfXYKW6gGZ9bvX5z098FEx0BZVXaal2UU1Uv06YkLZdyGTQcg9q bD09YvN4Kveg9hg16DTwJgNHT2FY+U3pAKinMEj2Biw1h2JLHk67cpFdpBdKrUNf Q5rnPOKH5R4fRtX8aneusTNy5pqvuI4hZFbLNqAW5nKMAR1fOEZh3GOFUmgpScpM trQYug1PTXZQvoIKxd7rqKu7PI45ZGrZ5gTDAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU4pe/CPME7MUAuN5W62eWRxr8TkIwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvNHBlX0NQTUU3TVVB dU41VzYyZVdSeHI4VGtJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMEgEDANBgkqhkiG9w0BAQsFAAOCAQEAD4tRWQ6Q3SfSjagL0qyZc/xq epMTut8cOXSMAifOsOB24JKdJ3f/cjvQNHDponil2zoQ7NTdNglo/6z7AC70K6f2 RNbZG8XTqUoLKOV0ukHScPFbd0LevwbbZ7TUHNsYjojlscgqCfZX9K61zQbKBznn vzhpz3I54WTZoV/jKDFDZ4pt733sMNGMVHtSCdDYm9SOhfUgI9UiYxMwLtDZKc0x +QbgG1A1jlLQ6DI4dqmJW41Q5W2apcoaMsRMpch+hqtG6ALhTGLVUOjFkDVpimMg 12GhCfPCvyfHZ4w1ZHXZE4xq22D2WPCQjT8b2Eu8Dlc8hV0gdgOno+yKWVX63Q== -----END CERTIFICATE-----Generated at Tue Jun 10 02:26:53 2025 by rpki-client