$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/GiQ8YW2_5gK0_UiAhrthXUrRoDY.roa File: GiQ8YW2_5gK0_UiAhrthXUrRoDY.roa (raw, json) Hash identifier: EHYSXwP68hHJH0y7kmYBlXqSD9SxlrqKFJB2LimhyF8= Subject key identifier: 1A:24:3C:61:6D:BF:E6:02:B4:FD:48:80:86:BB:61:5D:4A:D1:A0:36 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 3B Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/GiQ8YW2_5gK0_UiAhrthXUrRoDY.roa Signing time: Tue 27 May 2025 08:25:28 +0000 ROA not before: Tue 27 May 2025 08:25:28 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:42d0::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:39:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:25:28 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=1A243C616DBFE602B4FD488086BB615D4AD1A036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:97:b1:2f:45:ec:33:5c:09:fe:61:60:9f:04: 70:16:10:98:50:ab:4f:62:a5:12:f5:92:16:70:a0: 58:02:88:23:20:ea:ec:51:09:45:fa:c0:43:88:cb: d8:fe:c6:00:e3:d9:32:10:a6:d0:4d:10:41:3d:4d: bb:cd:e0:ec:18:0b:0d:f5:11:83:77:f8:bd:96:95: fe:38:cc:bf:b6:97:51:3d:40:3b:09:92:7f:d1:1a: 15:22:49:db:6c:d8:60:dd:fa:71:0c:a0:68:bf:d9: 1e:ff:5a:a6:3f:cb:6d:28:3a:b0:0f:f8:91:ca:64: f6:7a:1a:a8:7d:d8:56:9b:ef:c9:1c:8d:56:8e:31: 11:94:4b:cc:a1:01:df:e3:bd:0b:e0:7a:18:02:bd: 1d:5a:9b:a5:7b:7d:09:7d:b7:69:ef:c9:38:0c:66: 2e:7a:ec:c4:e0:4b:7e:45:da:1c:e5:37:90:cf:66: 2e:8b:9e:6b:6c:34:32:8f:1d:77:29:1a:fb:8b:8a: 8e:77:40:f8:e7:63:5c:b0:dd:16:c8:7e:7a:cb:08: 9b:49:9b:43:85:d2:6b:86:87:39:26:f6:06:5b:f3: 37:eb:3a:50:a3:db:aa:67:56:c1:6f:53:27:40:10: 93:76:64:3d:19:7d:74:36:df:4b:09:52:08:d3:1c: 4a:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:24:3C:61:6D:BF:E6:02:B4:FD:48:80:86:BB:61:5D:4A:D1:A0:36 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/GiQ8YW2_5gK0_UiAhrthXUrRoDY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42d0::/31 Signature Algorithm: sha256WithRSAEncryption 92:37:a3:9d:54:dd:ef:5a:c4:a8:9e:a2:87:6f:76:7c:ae:97: af:f4:ea:81:98:02:98:1d:4a:ca:46:02:5c:fd:1a:5b:bd:4d: 91:91:ac:c4:ce:81:31:ac:16:84:c4:68:7a:1d:a1:66:08:75: 3d:dc:ff:5c:72:f4:82:2b:ba:59:6a:df:e4:f7:af:69:0b:52: 5a:77:7b:23:22:2f:01:a0:39:24:96:80:e6:9e:ed:83:ad:16: a6:38:c9:b6:5b:da:ea:75:39:d6:99:d2:a8:cd:76:e0:f2:ba: 7d:94:9e:fb:e9:ac:59:cb:f1:f2:41:06:ae:d8:41:cf:a5:c3: d3:de:f7:8e:e4:1c:90:42:21:f7:2d:26:f5:27:88:eb:3e:da: da:b4:a9:50:a1:6e:99:d9:e1:30:01:8b:2d:3e:f4:d1:ac:2f: b9:7e:98:9c:bb:14:17:a8:e4:56:34:db:aa:30:cf:6e:85:c1: ea:60:84:1a:26:3a:cc:e6:81:90:b4:00:fe:c9:e1:3e:66:1d: 36:7e:a5:e7:79:be:4c:bb:a4:8b:c4:d4:6b:c7:7f:84:82:86: 49:56:bb:db:93:42:73:2e:1b:ef:9a:53:70:32:8b:1b:0c:e6: dc:51:9d:ae:89:ef:1d:58:a2:55:54:23:26:a3:cd:2d:bc:c6: 3e:77:1d:5c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MjUyOFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoMUEyNDNDNjE2REJGRTYw MkI0RkQ0ODgwODZCQjYxNUQ0QUQxQTAzNjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALqXsS9F7DNcCf5hYJ8EcBYQmFCrT2KlEvWSFnCgWAKIIyDq7FEJ RfrAQ4jL2P7GAOPZMhCm0E0QQT1Nu83g7BgLDfURg3f4vZaV/jjMv7aXUT1AOwmS f9EaFSJJ22zYYN36cQygaL/ZHv9apj/LbSg6sA/4kcpk9noaqH3YVpvvyRyNVo4x EZRLzKEB3+O9C+B6GAK9HVqbpXt9CX23ae/JOAxmLnrsxOBLfkXaHOU3kM9mLoue a2w0Mo8ddyka+4uKjndA+OdjXLDdFsh+essIm0mbQ4XSa4aHOSb2BlvzN+s6UKPb qmdWwW9TJ0AQk3ZkPRl9dDbfSwlSCNMcSkMCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBQaJDxhbb/mArT9SICGu2FdStGgNjAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9HaVE4WVcyXzVnSzBf VWlBaHJ0aFhVclJvRFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApC0DANBgkqhkiG9w0BAQsFAAOCAQEAkjejnVTd71rEqJ6ih292fK6Xr/Tq gZgCmB1KykYCXP0aW71NkZGsxM6BMawWhMRoeh2hZgh1Pdz/XHL0giu6WWrf5Pev aQtSWnd7IyIvAaA5JJaA5p7tg60WpjjJtlva6nU51pnSqM124PK6fZSe++msWcvx 8kEGrthBz6XD0973juQckEIh9y0m9SeI6z7a2rSpUKFumdnhMAGLLT700awvuX6Y nLsUF6jkVjTbqjDPboXB6mCEGiY6zOaBkLQA/snhPmYdNn6l53m+TLuki8TUa8d/ hIKGSVa725NCcy4b75pTcDKLGwzm3FGdronvHViiVVQjJqPNLbzGPncdXA== -----END CERTIFICATE-----Generated at Thu Jun 5 20:37:46 2025 by rpki-client