$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/NoSXkYq9MORIxl9mzDYIjAgS6Xg.roa File: NoSXkYq9MORIxl9mzDYIjAgS6Xg.roa (raw, json) Hash identifier: Ee7udWNpZvKUhk5snOyYCVs183AAsgQFz9UI4nY6VeI= Subject key identifier: 36:84:97:91:8A:BD:30:E4:48:C6:5F:66:CC:36:08:8C:08:12:E9:78 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: C8 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/NoSXkYq9MORIxl9mzDYIjAgS6Xg.roa Signing time: Fri 06 Jun 2025 02:31:08 +0000 ROA not before: Fri 06 Jun 2025 02:31:08 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 24445 IP address blocks: 240a:40c2:6010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 08:09:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 200 (0xc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:31:08 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=368497918ABD30E448C65F66CC36088C0812E978 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:20:d5:21:65:d3:71:33:3d:25:1e:9c:6e:ab: 42:8e:fd:13:09:e4:b6:a0:aa:90:8a:28:be:a6:16: 09:1d:20:46:95:e9:50:0e:21:87:50:3c:e0:e8:65: c2:ea:12:2c:1b:1b:90:e3:0b:3a:4b:80:2f:99:99: b5:b6:b4:63:d5:6b:11:cd:88:3c:8f:e7:9c:d5:7e: 63:86:9e:f6:ec:13:55:9a:bd:6a:6f:fb:86:d0:88: 84:79:81:06:64:5e:8a:0d:f1:b3:3c:7f:e1:23:ba: ec:5e:18:ed:01:18:ab:31:25:c4:ea:73:47:9c:c9: 69:92:32:42:ac:d3:d8:1e:4a:a1:06:c3:57:18:9b: 1d:94:92:7f:47:e1:73:10:4b:53:68:36:84:35:4f: c5:da:a5:f7:c5:ad:99:f9:1b:13:6f:e6:5e:91:bf: 0a:32:e2:cd:50:c2:e6:87:4c:41:9f:e6:f7:0e:c2: f8:df:97:58:67:58:c1:a3:6a:c0:b6:58:f6:6d:b8: ec:6c:a5:d4:4b:31:aa:0a:cd:db:8a:db:06:19:40: 9c:97:a1:6e:a3:68:c8:a0:de:7e:59:b3:b6:2a:bc: 91:f4:bb:07:ce:42:a2:c6:c3:d5:16:44:f5:ea:95: fc:e1:0c:c2:b2:75:7e:17:c9:56:38:b9:2b:1a:df: 58:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:84:97:91:8A:BD:30:E4:48:C6:5F:66:CC:36:08:8C:08:12:E9:78 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/NoSXkYq9MORIxl9mzDYIjAgS6Xg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:6010::/44 Signature Algorithm: sha256WithRSAEncryption be:5c:b8:90:e0:d5:0f:32:60:d5:23:a0:a6:25:bb:5f:f7:53: 35:46:0e:8e:8e:62:bf:a6:4b:86:c3:5c:97:af:fa:50:8e:2e: cf:4c:b9:b3:79:d9:b5:91:50:bd:36:fe:e4:68:0f:eb:a8:e4: a0:69:dc:9b:a6:d2:65:7d:3f:ed:4a:ea:27:fe:84:fd:50:ab: 1c:af:cc:0c:bb:c7:f4:d8:ac:a0:5e:9e:2f:39:03:64:65:d6: 71:36:f5:8c:33:be:91:81:9d:fc:18:e8:76:ef:03:0b:7e:db: ef:5d:da:16:b6:f0:ee:af:82:38:86:63:03:19:ef:5f:b2:98: b5:8d:a4:20:80:6b:26:40:2a:93:99:42:da:4a:e7:ef:ff:01: 8b:d4:d2:1a:08:33:59:66:70:51:07:49:47:d3:8c:bb:a4:ae: e6:64:0b:a2:c9:ef:e1:32:0e:85:0a:ba:ab:1d:a8:7a:81:d8: 60:a0:8d:1d:94:64:34:ae:61:d6:93:5f:e1:62:ac:ed:b6:7d: 3f:60:22:79:07:19:59:2b:f0:5d:ee:07:38:eb:be:a5:10:5e: 45:e5:b2:ac:24:45:ab:56:3c:94:51:21:f3:b1:f4:c3:db:27: 4c:12:19:9a:38:9c:b0:87:dd:50:a1:32:06:33:62:94:89:ff: 3b:ee:97:ae -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAMgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjMxMDhaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDM2ODQ5NzkxOEFCRDMw RTQ0OEM2NUY2NkNDMzYwODhDMDgxMkU5NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbINUhZdNxMz0lHpxuq0KO/RMJ5LagqpCKKL6mFgkdIEaV6VAO IYdQPODoZcLqEiwbG5DjCzpLgC+ZmbW2tGPVaxHNiDyP55zVfmOGnvbsE1WavWpv +4bQiIR5gQZkXooN8bM8f+EjuuxeGO0BGKsxJcTqc0ecyWmSMkKs09geSqEGw1cY mx2Ukn9H4XMQS1NoNoQ1T8XapffFrZn5GxNv5l6Rvwoy4s1QwuaHTEGf5vcOwvjf l1hnWMGjasC2WPZtuOxspdRLMaoKzduK2wYZQJyXoW6jaMig3n5Zs7YqvJH0uwfO QqLGw9UWRPXqlfzhDMKydX4XyVY4uSsa31jTAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUNoSXkYq9MORIxl9mzDYIjAgS6XgwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvTm9TWGtZcTlNT1JJ eGw5bXpEWUlqQWdTNlhnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMJgEDANBgkqhkiG9w0BAQsFAAOCAQEAvly4kODVDzJg1SOgpiW7X/dT NUYOjo5iv6ZLhsNcl6/6UI4uz0y5s3nZtZFQvTb+5GgP66jkoGncm6bSZX0/7Urq J/6E/VCrHK/MDLvH9NisoF6eLzkDZGXWcTb1jDO+kYGd/Bjodu8DC37b713aFrbw 7q+COIZjAxnvX7KYtY2kIIBrJkAqk5lC2krn7/8Bi9TSGggzWWZwUQdJR9OMu6Su 5mQLosnv4TIOhQq6qx2oeoHYYKCNHZRkNK5h1pNf4WKs7bZ9P2AieQcZWSvwXe4H OOu+pRBeReWyrCRFq1Y8lFEh87H0w9snTBIZmjicsIfdUKEyBjNilIn/O+6Xrg== -----END CERTIFICATE-----Generated at Thu Jun 12 07:50:23 2025 by rpki-client