$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/9XR1Wr3UXR5FWLyI_OgkQ4WV_aI.roa File: 9XR1Wr3UXR5FWLyI_OgkQ4WV_aI.roa (raw, json) Hash identifier: WGdpsf2yYHNz3n2IhTdI+ZHzCp3TG7Wpoi24j6ki89Q= Subject key identifier: F5:74:75:5A:BD:D4:5D:1E:45:58:BC:88:FC:E8:24:43:85:95:FD:A2 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 03 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/9XR1Wr3UXR5FWLyI_OgkQ4WV_aI.roa Signing time: Tue 27 May 2025 07:47:49 +0000 ROA not before: Tue 27 May 2025 07:47:49 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 146788 IP address blocks: 240a:4080:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 07:47:49 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=F574755ABDD45D1E4558BC88FCE824438595FDA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:47:21:d5:54:15:c5:c2:fc:e2:27:1f:ba:0e: 40:00:84:bb:85:1b:55:04:35:62:41:7d:c1:67:0e: de:32:2c:fe:4d:5d:d9:19:9c:85:aa:ac:d1:79:95: 38:9f:73:47:d9:f6:88:27:b5:93:31:42:5e:e4:61: 77:18:fa:b2:b3:25:3c:17:71:6b:25:d0:5b:42:8c: 73:fe:95:58:96:52:ea:94:96:c2:64:c2:d9:50:f6: 4f:6b:d9:cd:48:a1:05:bf:37:54:8e:af:c0:e9:c5: 6b:41:fa:f4:87:b0:3d:98:ed:f8:12:4a:ca:67:e1: 41:2d:73:36:67:30:8c:ba:3a:cd:db:04:32:72:f6: 66:9d:d6:f0:a1:c4:41:83:63:aa:ca:bc:59:dc:c4: 71:42:2a:b6:70:37:69:3e:57:2e:4d:b1:97:aa:ad: ab:4d:f7:dc:3c:e0:e2:c6:21:1c:e7:53:8d:f2:39: 31:03:1a:84:fd:ec:ec:95:e6:06:bd:38:69:15:48: 55:05:aa:3f:da:91:40:73:f1:64:2a:70:f3:54:a7: b2:91:98:c6:a5:7c:f0:1d:73:e6:3f:a9:e5:88:8e: a8:f9:da:59:33:ae:86:f9:e0:bb:9b:4e:79:3c:1e: 8e:6a:ca:d1:88:2a:3a:a2:01:66:88:24:5e:dd:cf: 46:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:74:75:5A:BD:D4:5D:1E:45:58:BC:88:FC:E8:24:43:85:95:FD:A2 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/9XR1Wr3UXR5FWLyI_OgkQ4WV_aI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:4080:8000::/48 Signature Algorithm: sha256WithRSAEncryption d7:41:73:87:cc:07:f8:0d:5a:92:f3:c5:5a:4b:76:7f:85:d5: 91:43:e5:70:ff:eb:b8:90:cf:d4:66:ac:e1:7a:71:c9:a7:96: 24:fe:0d:13:65:03:61:16:19:84:0f:39:14:26:14:da:bc:44: 66:e9:91:da:df:b3:aa:de:ca:97:78:51:35:7b:3c:2b:0f:d3: 54:df:6f:80:d8:ce:84:89:40:4c:ce:8d:70:d3:82:eb:f5:4b: d1:53:0c:e3:ee:fc:10:58:3b:40:7f:8e:ea:b3:fe:78:65:a1: 94:3d:85:1a:35:6e:f5:c9:70:66:9e:10:d0:6f:17:8f:d5:f8: 8c:86:ce:35:95:69:e2:98:43:e7:cc:fe:bb:45:a9:48:ec:78: a3:90:05:68:c5:b0:bd:74:f0:4e:10:8f:7f:dd:76:8c:2b:be: 52:f6:23:50:81:02:c5:e9:e6:62:5d:e5:5e:81:b9:e8:60:0d: be:97:d5:ed:3f:b7:f9:10:93:97:f0:8b:b4:48:07:a9:d2:23: 70:0c:63:7d:07:40:15:71:6a:35:c9:ff:b9:70:c0:39:78:c4: 21:7d:39:94:f4:9c:35:57:ac:b7:26:3a:87:fa:87:56:52:d9: 56:d9:f0:4a:47:8c:d6:7a:5c:4f:a3:08:cf:6f:95:c2:87:d1: e2:10:43:b1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA3 NDc0OVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoRjU3NDc1NUFCREQ0NUQx RTQ1NThCQzg4RkNFODI0NDM4NTk1RkRBMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMdHIdVUFcXC/OInH7oOQACEu4UbVQQ1YkF9wWcO3jIs/k1d2Rmc haqs0XmVOJ9zR9n2iCe1kzFCXuRhdxj6srMlPBdxayXQW0KMc/6VWJZS6pSWwmTC 2VD2T2vZzUihBb83VI6vwOnFa0H69IewPZjt+BJKymfhQS1zNmcwjLo6zdsEMnL2 Zp3W8KHEQYNjqsq8WdzEcUIqtnA3aT5XLk2xl6qtq0333Dzg4sYhHOdTjfI5MQMa hP3s7JXmBr04aRVIVQWqP9qRQHPxZCpw81SnspGYxqV88B1z5j+p5YiOqPnaWTOu hvngu5tOeTwejmrK0YgqOqIBZogkXt3PRn8CAwEAAaOCAfYwggHyMB0GA1UdDgQW BBT1dHVavdRdHkVYvIj86CRDhZX9ojAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi85WFIxV3IzVVhSNUZX THlJX09na1E0V1ZfYUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJApAgIAAMA0GCSqGSIb3DQEBCwUAA4IBAQDXQXOHzAf4DVqS88VaS3Z/hdWR Q+Vw/+u4kM/UZqzhenHJp5Yk/g0TZQNhFhmEDzkUJhTavERm6ZHa37Oq3sqXeFE1 ezwrD9NU32+A2M6EiUBMzo1w04Lr9UvRUwzj7vwQWDtAf47qs/54ZaGUPYUaNW71 yXBmnhDQbxeP1fiMhs41lWnimEPnzP67RalI7HijkAVoxbC9dPBOEI9/3XaMK75S 9iNQgQLF6eZiXeVegbnoYA2+l9XtP7f5EJOX8Iu0SAep0iNwDGN9B0AVcWo1yf+5 cMA5eMQhfTmU9Jw1V6y3JjqH+odWUtlW2fBKR4zWelxPowjPb5XCh9HiEEOx -----END CERTIFICATE-----Generated at Wed Jun 4 01:01:56 2025 by rpki-client