$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/WcCPYufIVyucbrySdiq9PQw-Qyc.roa File: WcCPYufIVyucbrySdiq9PQw-Qyc.roa (raw, json) Hash identifier: 2U9CXN1xVqtIIgU5N6+vKQ3OiSrRUorgUp3ZBGdR0J8= Subject key identifier: 59:C0:8F:62:E7:C8:57:2B:9C:6E:BC:92:76:2A:BD:3D:0C:3E:43:27 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 51 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/WcCPYufIVyucbrySdiq9PQw-Qyc.roa Signing time: Tue 27 May 2025 08:36:31 +0000 ROA not before: Tue 27 May 2025 08:36:31 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56041 IP address blocks: 240a:42aa::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 81 (0x51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:36:31 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=59C08F62E7C8572B9C6EBC92762ABD3D0C3E4327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e0:15:64:b9:03:f9:92:20:f5:23:5c:f6:20: e8:28:68:d4:6f:b6:7f:05:94:72:01:3c:c3:30:04: 85:cf:d0:53:05:3c:d0:9f:d4:49:2a:be:1b:2c:fc: aa:c4:ff:6d:d6:78:1c:42:6d:d2:c3:14:5c:3a:b3: 4c:66:5a:cc:18:d1:e2:60:94:07:cd:b8:2a:dd:42: 22:99:89:e3:9f:d1:cd:e4:b4:79:a2:10:55:65:e2: c9:60:f8:90:ed:39:73:e9:52:1a:d7:05:10:70:47: 77:c2:57:4d:d2:6f:dc:57:e3:61:88:25:3f:71:a6: 99:a7:c0:ca:51:ba:ec:0e:a4:bd:5f:91:a4:0f:fa: d0:a5:69:51:2a:ed:8b:3c:bb:a4:b9:47:3f:f3:5a: ac:0f:44:07:d3:14:6f:b5:26:a1:25:c1:e6:9b:dc: 62:8e:6b:b7:82:f9:ab:b8:c5:48:eb:83:f6:8c:27: bc:16:2b:e2:28:be:c1:72:3c:90:ed:aa:43:39:28: 7a:63:99:8b:c3:1d:fb:be:b9:85:56:91:4d:88:2d: 66:08:4c:a5:1d:80:d1:db:3c:4e:3a:21:82:e5:ac: 6b:88:65:79:30:10:ff:ee:3c:f0:e6:7e:a7:85:31: 7c:b7:04:e0:40:02:30:58:d9:eb:8d:86:18:fb:54: 93:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:C0:8F:62:E7:C8:57:2B:9C:6E:BC:92:76:2A:BD:3D:0C:3E:43:27 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/WcCPYufIVyucbrySdiq9PQw-Qyc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42aa::/31 Signature Algorithm: sha256WithRSAEncryption 62:49:5e:ef:13:ed:63:0e:e8:80:ec:4c:87:df:22:39:65:ab: 66:cc:f3:f1:64:1f:c4:c2:49:39:cc:01:ff:9d:6b:fd:e1:c3: 94:4b:a6:79:ed:36:e7:af:88:7e:ac:c4:c2:0d:77:2c:03:cc: 30:c6:80:cf:57:66:27:dd:44:6e:e9:b8:00:30:81:89:31:82: 98:b3:8c:27:5e:1e:b0:e7:8f:ec:3d:c4:3b:bd:df:34:91:e5: 1c:cc:05:8c:bf:34:f3:5e:43:31:9f:63:50:45:9b:bc:7b:1b: 44:a7:91:45:65:8b:d4:16:9e:07:43:0b:02:7c:e9:46:1c:b3: 84:3c:6f:07:7e:af:bf:c3:29:ac:24:73:a4:8c:ca:25:79:28: 21:97:c3:d0:41:22:87:28:bb:e6:b7:62:b4:19:3f:94:0f:db: d3:3e:30:26:49:26:bb:b6:e6:fd:56:2b:5b:04:1c:3b:ac:a9: f4:98:04:c1:f2:3c:b4:ee:e0:46:66:76:2d:0f:d1:18:47:c9: 1b:31:92:7b:2e:48:99:a3:a8:11:22:c2:9f:c2:f5:2a:11:1e: ec:60:71:43:9d:0e:3f:71:12:a1:38:dd:1d:0a:14:d3:01:dd: 25:3d:02:75:b9:80:44:1d:95:be:7a:46:64:67:8a:f8:6f:d1: 39:34:bc:61 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MzYzMVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoNTlDMDhGNjJFN0M4NTcy QjlDNkVCQzkyNzYyQUJEM0QwQzNFNDMyNzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALXgFWS5A/mSIPUjXPYg6Cho1G+2fwWUcgE8wzAEhc/QUwU80J/U SSq+Gyz8qsT/bdZ4HEJt0sMUXDqzTGZazBjR4mCUB824Kt1CIpmJ45/RzeS0eaIQ VWXiyWD4kO05c+lSGtcFEHBHd8JXTdJv3FfjYYglP3GmmafAylG67A6kvV+RpA/6 0KVpUSrtizy7pLlHP/NarA9EB9MUb7UmoSXB5pvcYo5rt4L5q7jFSOuD9ownvBYr 4ii+wXI8kO2qQzkoemOZi8Md+765hVaRTYgtZghMpR2A0ds8TjohguWsa4hleTAQ /+488OZ+p4UxfLcE4EACMFjZ642GGPtUk/8CAwEAAaOCAfQwggHwMB0GA1UdDgQW BBRZwI9i58hXK5xuvJJ2Kr09DD5DJzAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9XY0NQWXVmSVZ5dWNi cnlTZGlxOVBRdy1ReWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApCqjANBgkqhkiG9w0BAQsFAAOCAQEAYkle7xPtYw7ogOxMh98iOWWrZszz 8WQfxMJJOcwB/51r/eHDlEumee0256+IfqzEwg13LAPMMMaAz1dmJ91Ebum4ADCB iTGCmLOMJ14esOeP7D3EO73fNJHlHMwFjL80815DMZ9jUEWbvHsbRKeRRWWL1Bae B0MLAnzpRhyzhDxvB36vv8MprCRzpIzKJXkoIZfD0EEihyi75rditBk/lA/b0z4w Jkkmu7bm/VYrWwQcO6yp9JgEwfI8tO7gRmZ2LQ/RGEfJGzGSey5ImaOoESLCn8L1 KhEe7GBxQ50OP3ESoTjdHQoU0wHdJT0CdbmARB2VvnpGZGeK+G/ROTS8YQ== -----END CERTIFICATE-----Generated at Wed Jun 4 00:59:51 2025 by rpki-client