$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/CAWMmrravLcaA3DeWTC2EV6w1w0.roa File: CAWMmrravLcaA3DeWTC2EV6w1w0.roa (raw, json) Hash identifier: fAh0VgHZmALspoRDI+oMi+ZTmOLg+4YE3lCYrad+iQ8= Subject key identifier: 08:05:8C:9A:BA:DA:BC:B7:1A:03:70:DE:59:30:B6:11:5E:B0:D7:0D Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 24 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/CAWMmrravLcaA3DeWTC2EV6w1w0.roa Signing time: Tue 27 May 2025 08:19:35 +0000 ROA not before: Tue 27 May 2025 08:19:35 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:42b6::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:19:35 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=08058C9ABADABCB71A0370DE5930B6115EB0D70D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:76:d3:50:2b:9b:e3:5a:bd:0f:1a:9e:4e:f6: 01:dc:a0:62:97:74:4e:58:44:c4:cf:fc:5f:10:9f: d5:b8:3c:cc:63:e0:42:2b:97:aa:50:9d:3e:46:87: 83:1b:13:d7:31:ad:cd:d7:90:40:c6:0f:af:45:3e: b3:c9:1e:89:7b:b6:24:1b:db:0c:8d:fb:46:b4:a3: cc:59:fa:4a:c5:ea:7c:b8:f7:31:33:f9:1b:b9:c5: ec:b3:9e:58:9a:43:a5:42:f5:e9:f4:6b:d8:8c:4f: 80:65:c3:b9:54:52:96:60:cf:93:21:b6:43:df:91: e5:e3:cd:ca:24:ad:65:8a:25:e7:24:40:a3:7a:ed: a9:d6:2f:29:a3:71:c9:17:ac:c5:b6:de:c2:1d:21: bc:e8:9d:30:61:8a:23:e1:72:32:ce:a1:48:76:fa: 20:89:b8:a2:42:09:d6:6b:2d:70:5b:8a:2c:22:30: f6:42:23:91:35:d5:2b:f2:f2:1e:a9:28:de:4a:94: 36:fd:f5:ee:4f:f2:45:f0:6a:27:6a:44:7d:bd:55: be:e8:a8:27:27:df:7e:e6:60:9a:94:c1:dd:d6:2b: ce:d8:f3:63:55:61:66:d4:b7:e5:18:f7:ed:b1:df: 3c:e9:9c:04:f5:84:3a:91:f0:bd:87:22:5b:b5:c0: e1:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:05:8C:9A:BA:DA:BC:B7:1A:03:70:DE:59:30:B6:11:5E:B0:D7:0D X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/CAWMmrravLcaA3DeWTC2EV6w1w0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42b6::/31 Signature Algorithm: sha256WithRSAEncryption da:f6:c4:ff:ed:92:70:f4:4e:a8:8d:20:28:f1:c7:ae:61:8e: d0:32:c4:f8:f0:e5:ee:44:ce:44:b5:92:4e:25:ea:4a:46:00: 52:c6:d4:ad:9b:45:04:86:68:81:09:b3:f5:c2:e3:50:e5:f2: ed:f8:4b:9a:47:26:14:d5:c0:37:53:3e:4a:a4:33:c9:43:87: f5:f0:a6:a1:88:ef:97:14:28:1b:9f:b3:03:f9:45:16:e9:87: e8:09:fa:de:14:d9:59:5d:e9:40:d8:c8:9d:5f:a2:28:3a:8a: 3f:5b:15:b5:9a:f3:e1:84:b6:92:5f:62:a0:34:96:c7:3a:42: 4b:dc:98:6a:ae:27:e4:57:01:f5:33:34:d1:db:e0:8f:df:2a: 08:7b:6d:0c:2b:4c:82:3c:a2:7a:13:18:4b:8c:59:3e:d5:18: f8:9c:7f:ad:91:82:1c:a6:89:18:51:3e:26:0e:5a:46:23:19: 87:f1:db:62:45:13:80:eb:65:f5:70:31:aa:79:f0:0b:5f:3d: 21:b4:3b:9e:4d:00:38:5d:cd:73:63:69:06:fe:70:e8:a9:2e: 13:87:79:25:97:8d:c2:f0:95:cd:94:63:f8:a4:91:32:37:b0: 34:e7:01:01:0b:fe:dc:fc:ee:05:c3:55:3b:60:d1:22:bc:7f: 2f:db:41:8d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTkzNVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoMDgwNThDOUFCQURBQkNC NzFBMDM3MERFNTkzMEI2MTE1RUIwRDcwRDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMp201Arm+NavQ8ank72AdygYpd0TlhExM/8XxCf1bg8zGPgQiuX qlCdPkaHgxsT1zGtzdeQQMYPr0U+s8keiXu2JBvbDI37RrSjzFn6SsXqfLj3MTP5 G7nF7LOeWJpDpUL16fRr2IxPgGXDuVRSlmDPkyG2Q9+R5ePNyiStZYol5yRAo3rt qdYvKaNxyResxbbewh0hvOidMGGKI+FyMs6hSHb6IIm4okIJ1mstcFuKLCIw9kIj kTXVK/LyHqko3kqUNv317k/yRfBqJ2pEfb1VvuioJyfffuZgmpTB3dYrztjzY1Vh ZtS35Rj37bHfPOmcBPWEOpHwvYciW7XA4Q8CAwEAAaOCAfQwggHwMB0GA1UdDgQW BBQIBYyautq8txoDcN5ZMLYRXrDXDTAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9DQVdNbXJyYXZMY2FB M0RlV1RDMkVWNncxdzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApCtjANBgkqhkiG9w0BAQsFAAOCAQEA2vbE/+2ScPROqI0gKPHHrmGO0DLE +PDl7kTORLWSTiXqSkYAUsbUrZtFBIZogQmz9cLjUOXy7fhLmkcmFNXAN1M+SqQz yUOH9fCmoYjvlxQoG5+zA/lFFumH6An63hTZWV3pQNjInV+iKDqKP1sVtZrz4YS2 kl9ioDSWxzpCS9yYaq4n5FcB9TM00dvgj98qCHttDCtMgjyiehMYS4xZPtUY+Jx/ rZGCHKaJGFE+Jg5aRiMZh/HbYkUTgOtl9XAxqnnwC189IbQ7nk0AOF3Nc2NpBv5w 6KkuE4d5JZeNwvCVzZRj+KSRMjewNOcBAQv+3PzuBcNVO2DRIrx/L9tBjQ== -----END CERTIFICATE-----Generated at Wed Jun 4 01:01:40 2025 by rpki-client