$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/HHVgUcYnzH1C6uK-oAW8jx3hKww.roa File: HHVgUcYnzH1C6uK-oAW8jx3hKww.roa (raw, json) Hash identifier: HYuvJHxteqKcW9fZYfDansTAcXmQUdEsJwmPTJ30AOE= Subject key identifier: 1C:75:60:51:C6:27:CC:7D:42:EA:E2:BE:A0:05:BC:8F:1D:E1:2B:0C Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 3A Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/HHVgUcYnzH1C6uK-oAW8jx3hKww.roa Signing time: Tue 27 May 2025 08:25:28 +0000 ROA not before: Tue 27 May 2025 08:25:28 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:42ea::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:25:28 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=1C756051C627CC7D42EAE2BEA005BC8F1DE12B0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e8:1b:c6:63:4e:ab:41:a1:4d:05:d2:69:7a: 56:e5:35:32:7c:98:13:c6:01:9d:05:c9:06:ff:0c: 62:05:1d:25:55:ba:cf:e6:f7:3a:d5:33:29:9c:08: 22:23:95:51:90:50:ee:8d:ff:3f:19:1a:9f:c4:4f: e4:c8:e0:2f:3d:51:5c:5f:1a:84:cd:99:cf:59:6a: 1a:4a:08:ac:f3:06:7a:a9:ea:49:56:e5:bf:61:a2: 65:cc:6e:16:e9:f0:1b:6c:65:e7:31:2d:7f:67:bf: 6b:76:5a:4d:ca:01:1e:94:89:d0:fc:0d:aa:79:65: 4a:e5:5b:66:e4:2e:7a:b2:34:ce:8e:4d:4f:74:82: b7:a0:36:fd:da:25:29:5e:0d:81:5a:00:3a:1d:99: 7b:34:29:4a:99:62:44:4b:18:92:ac:52:81:2e:c4: 91:db:33:b2:39:7e:15:bf:1b:1b:f2:f9:51:13:e0: 55:f1:d5:9d:c5:43:04:5d:45:08:14:45:e7:01:17: 08:c6:53:27:92:ec:1c:e8:51:79:aa:1c:0e:65:3c: 37:43:e5:eb:21:aa:fa:09:bc:c5:51:83:68:c5:da: ea:54:db:3b:64:a4:46:f7:3e:1f:f1:e0:89:a2:f5: 57:02:e9:ee:99:1a:d9:68:97:1e:ec:b4:72:f4:e1: bc:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:75:60:51:C6:27:CC:7D:42:EA:E2:BE:A0:05:BC:8F:1D:E1:2B:0C X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/HHVgUcYnzH1C6uK-oAW8jx3hKww.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42ea::/31 Signature Algorithm: sha256WithRSAEncryption 5c:5c:c6:3a:18:31:f5:cb:a7:77:5b:78:95:73:65:d9:71:08: 4e:bb:3b:01:d8:ff:64:62:2f:fd:22:25:32:f8:2a:80:cf:a2: cc:f5:ea:c6:3b:c4:b2:1b:1f:42:28:e8:55:21:a5:ef:ce:e3: 00:f5:40:3c:d2:83:70:8f:46:84:98:f6:48:12:d4:be:89:ab: 2e:bc:4e:95:ce:d5:dd:ac:8f:d0:18:35:d8:94:24:10:1c:27: 8e:ef:db:15:ef:e8:2c:1d:f6:42:dd:58:70:fb:e2:4f:6f:e9: 0f:7f:43:67:24:e8:a2:7f:c3:b7:8f:b8:71:05:ba:ae:1f:62: 04:bc:e7:06:21:f2:04:59:22:23:af:2c:72:32:4f:da:6c:0b: fe:9b:14:6e:f8:51:3a:f6:d1:08:fd:03:20:36:0d:5d:24:a5: cc:c8:fa:27:71:f6:26:3b:54:5d:4f:24:45:63:37:50:48:0d: 81:91:60:c8:4a:2b:64:e8:3c:8a:b8:e9:67:2d:e6:19:fe:78: 07:dc:d4:0c:c4:85:83:eb:64:3d:5c:e9:8b:8f:d5:b7:d8:55: 61:99:86:49:88:37:c1:9a:55:fc:8f:bf:6e:66:85:86:04:16: ec:77:a6:22:b1:e6:cf:a5:3d:ee:97:5f:56:2f:70:b2:f9:23: ec:0b:62:96 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MjUyOFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoMUM3NTYwNTFDNjI3Q0M3 RDQyRUFFMkJFQTAwNUJDOEYxREUxMkIwQzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANfoG8ZjTqtBoU0F0ml6VuU1MnyYE8YBnQXJBv8MYgUdJVW6z+b3 OtUzKZwIIiOVUZBQ7o3/Pxkan8RP5MjgLz1RXF8ahM2Zz1lqGkoIrPMGeqnqSVbl v2GiZcxuFunwG2xl5zEtf2e/a3ZaTcoBHpSJ0PwNqnllSuVbZuQuerI0zo5NT3SC t6A2/dolKV4NgVoAOh2ZezQpSpliREsYkqxSgS7Ekdszsjl+Fb8bG/L5URPgVfHV ncVDBF1FCBRF5wEXCMZTJ5LsHOhReaocDmU8N0Pl6yGq+gm8xVGDaMXa6lTbO2Sk Rvc+H/HgiaL1VwLp7pka2WiXHuy0cvThvFMCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBQcdWBRxifMfULq4r6gBbyPHeErDDAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9ISFZnVWNZbnpIMUM2 dUstb0FXOGp4M2hLd3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApC6jANBgkqhkiG9w0BAQsFAAOCAQEAXFzGOhgx9cund1t4lXNl2XEITrs7 Adj/ZGIv/SIlMvgqgM+izPXqxjvEshsfQijoVSGl787jAPVAPNKDcI9GhJj2SBLU vomrLrxOlc7V3ayP0Bg12JQkEBwnju/bFe/oLB32Qt1YcPviT2/pD39DZyToon/D t4+4cQW6rh9iBLznBiHyBFkiI68scjJP2mwL/psUbvhROvbRCP0DIDYNXSSlzMj6 J3H2JjtUXU8kRWM3UEgNgZFgyEorZOg8irjpZy3mGf54B9zUDMSFg+tkPVzpi4/V t9hVYZmGSYg3wZpV/I+/bmaFhgQW7HemIrHmz6U97pdfVi9wsvkj7Atilg== -----END CERTIFICATE-----Generated at Wed Jun 4 02:17:49 2025 by rpki-client