$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/7WwLFCBZ41lT3N2IQ7_4-pAuc0c.roa File: 7WwLFCBZ41lT3N2IQ7_4-pAuc0c.roa (raw, json) Hash identifier: cMDel/M7Ulyx2KGwgxbqrvNvnavd5YSl72NYcwOYeLI= Subject key identifier: ED:6C:0B:14:20:59:E3:59:53:DC:DD:88:43:BF:F8:FA:90:2E:73:47 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: AA Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/7WwLFCBZ41lT3N2IQ7_4-pAuc0c.roa Signing time: Fri 06 Jun 2025 02:21:22 +0000 ROA not before: Fri 06 Jun 2025 02:21:22 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56048 IP address blocks: 240a:40c0:8000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 03:39:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 170 (0xaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:21:22 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=ED6C0B142059E35953DCDD8843BFF8FA902E7347 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:86:b6:66:38:9e:3a:59:78:72:f8:55:98:15: 4e:9b:38:91:cc:0f:c0:37:79:1c:92:c3:42:1d:75: cc:31:3b:e4:f7:86:80:40:64:e0:f0:0e:e3:97:43: a0:c9:6a:4f:45:f1:19:50:42:cf:ec:61:23:1e:43: 64:cf:90:c4:7f:f8:e5:df:4b:6c:8f:f5:1c:88:a9: f6:e4:df:7d:46:e5:87:f9:ff:42:bb:3d:5d:c8:cb: f0:eb:b5:70:f9:70:4d:51:28:74:f9:d3:79:99:f6: ef:fe:5f:b9:3c:ae:1e:64:1c:09:58:87:63:44:ef: d3:de:a1:d0:f9:29:56:37:23:0e:c4:ba:9c:7f:97: f3:03:00:87:d7:9b:9a:df:fb:cf:27:9c:9d:95:8d: c5:a1:77:fd:d6:37:7b:ea:2c:d0:cf:90:1e:4f:62: 06:cc:68:68:8f:a2:26:aa:68:5d:05:81:0b:be:61: 1f:c5:75:ee:25:49:80:26:1f:a3:9a:92:1b:12:de: 9a:8f:3d:f5:58:46:0d:a5:83:91:b5:a9:b9:1e:02: 25:67:f0:2b:46:a0:2f:53:6e:b9:08:1f:df:48:94: 69:f7:13:e0:97:6f:8c:b8:2e:01:97:07:c8:67:f4: 10:54:31:a5:ac:c7:dd:bd:44:88:01:52:ea:96:6f: b0:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:6C:0B:14:20:59:E3:59:53:DC:DD:88:43:BF:F8:FA:90:2E:73:47 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/7WwLFCBZ41lT3N2IQ7_4-pAuc0c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c0:8000::/44 Signature Algorithm: sha256WithRSAEncryption 54:7e:ce:51:7c:99:9c:f4:43:29:5c:fe:56:1b:be:37:f6:f5: ce:ce:4e:4d:ff:0b:e8:04:99:19:c6:f5:cf:a6:6b:c6:02:3b: f9:7f:11:b4:21:62:c2:d6:28:2e:12:4e:0d:a0:2a:19:b4:a8: c7:b6:26:29:ab:1c:47:eb:41:5f:82:66:87:05:60:34:91:c2: 4b:c5:c0:c5:4f:2d:1a:54:25:08:47:63:52:3d:10:ef:33:79: 26:be:aa:b3:bb:a8:c0:7a:fe:e5:ba:08:b1:f8:0e:f9:d6:a3: 0a:14:d3:71:ee:72:38:06:75:c8:0f:97:1e:81:26:4e:b6:12: a5:9f:39:ef:ee:a2:eb:68:be:44:87:0a:33:21:fd:06:0d:fc: 48:cd:74:0f:13:62:68:e2:2b:72:54:fc:ac:9e:07:01:5a:dd: ef:c9:6e:d1:4c:4b:e0:87:7d:dc:6a:00:bb:ee:39:e7:a6:20: 56:6d:60:55:57:b1:9d:31:7f:3d:31:62:1f:a8:ca:4d:db:75: 6e:2c:8c:99:fd:84:17:fc:3d:1a:ee:ec:ca:11:19:04:4e:4b: 74:86:ee:8b:4c:9c:8b:42:fa:5b:18:91:bd:69:6f:84:e4:c2: 66:6b:cd:e3:53:40:39:66:bd:f1:aa:5c:1f:43:d5:90:89:85: 1f:b1:3d:d6 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjIxMjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKEVENkMwQjE0MjA1OUUz NTk1M0RDREQ4ODQzQkZGOEZBOTAyRTczNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfhrZmOJ46WXhy+FWYFU6bOJHMD8A3eRySw0IddcwxO+T3hoBA ZODwDuOXQ6DJak9F8RlQQs/sYSMeQ2TPkMR/+OXfS2yP9RyIqfbk331G5Yf5/0K7 PV3Iy/DrtXD5cE1RKHT503mZ9u/+X7k8rh5kHAlYh2NE79PeodD5KVY3Iw7Eupx/ l/MDAIfXm5rf+88nnJ2VjcWhd/3WN3vqLNDPkB5PYgbMaGiPoiaqaF0FgQu+YR/F de4lSYAmH6OakhsS3pqPPfVYRg2lg5G1qbkeAiVn8CtGoC9TbrkIH99IlGn3E+CX b4y4LgGXB8hn9BBUMaWsx929RIgBUuqWb7B1AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU7WwLFCBZ41lT3N2IQ7/4+pAuc0cwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvN1d3TEZDQlo0MWxU M04ySVE3XzQtcEF1YzBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMCAADANBgkqhkiG9w0BAQsFAAOCAQEAVH7OUXyZnPRDKVz+Vhu+N/b1 zs5OTf8L6ASZGcb1z6ZrxgI7+X8RtCFiwtYoLhJODaAqGbSox7YmKascR+tBX4Jm hwVgNJHCS8XAxU8tGlQlCEdjUj0Q7zN5Jr6qs7uowHr+5boIsfgO+dajChTTce5y OAZ1yA+XHoEmTrYSpZ857+6i62i+RIcKMyH9Bg38SM10DxNiaOIrclT8rJ4HAVrd 78lu0UxL4Id93GoAu+4556YgVm1gVVexnTF/PTFiH6jKTdt1biyMmf2EF/w9Gu7s yhEZBE5LdIbui0yci0L6WxiRvWlvhOTCZmvN41NAOWa98apcH0PVkImFH7E91g== -----END CERTIFICATE-----Generated at Wed Jun 11 02:06:35 2025 by rpki-client