$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/ZxMsfSySmo73F-9ChoECfq-KE3Y.roa File: ZxMsfSySmo73F-9ChoECfq-KE3Y.roa (raw, json) Hash identifier: SkasEgwz5WCZ2TqKJciII9uEnCirfXPBtoV99vCbYgg= Subject key identifier: 67:13:2C:7D:2C:92:9A:8E:F7:17:EF:42:86:81:02:7E:AF:8A:13:76 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: C2 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/ZxMsfSySmo73F-9ChoECfq-KE3Y.roa Signing time: Fri 06 Jun 2025 02:29:17 +0000 ROA not before: Fri 06 Jun 2025 02:29:17 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56046 IP address blocks: 240a:40c1:a010::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 03:39:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 194 (0xc2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:29:17 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=67132C7D2C929A8EF717EF428681027EAF8A1376 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:fc:3c:9a:21:24:3b:63:68:4e:49:27:94:8f: e0:f9:04:4f:b6:26:22:c5:83:6c:56:4d:0f:da:48: 02:56:28:34:8e:50:95:59:f0:52:32:1a:85:85:b4: c0:eb:fc:ea:6f:b8:37:90:62:78:cf:ef:af:cb:f9: 62:d5:e5:75:4d:90:9e:b3:78:2c:aa:17:2d:c2:05: ed:49:09:71:48:f7:e4:78:19:72:17:06:b7:c2:40: 78:f5:47:c9:57:c1:52:14:52:b3:01:1f:50:19:cc: 46:4d:3f:07:c0:12:82:62:a8:a2:e2:96:d6:50:11: 40:ba:b5:6f:d8:84:b4:a4:09:fb:28:80:3b:dc:10: fc:33:46:7f:05:15:1d:78:aa:d0:c7:ec:ac:26:4b: 89:a0:69:fc:d2:c8:aa:bd:76:79:d5:01:4b:54:34: 7d:c5:ec:24:f2:ef:28:3e:7b:93:de:59:87:3e:20: 98:78:32:87:0e:d0:3f:05:87:d9:3f:1d:ea:cb:e6: d2:d4:c7:ca:31:31:fc:7b:5e:65:ea:90:e3:4e:cc: 7a:32:d7:fd:39:dd:fa:c0:54:36:a5:8d:dc:a9:f8: 7e:fa:07:d0:b1:05:52:a7:87:b7:48:b9:d6:a2:c7: ac:d1:c2:e5:c0:0b:8d:df:7a:0f:23:c9:d2:e8:7d: af:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:13:2C:7D:2C:92:9A:8E:F7:17:EF:42:86:81:02:7E:AF:8A:13:76 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/ZxMsfSySmo73F-9ChoECfq-KE3Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c1:a010::/44 Signature Algorithm: sha256WithRSAEncryption 1d:00:d3:24:b9:6c:48:b4:ec:9e:c2:b9:cf:15:f9:be:c4:30: 6a:f9:8f:7b:0c:73:7c:51:bc:4f:15:ac:d3:fb:09:96:7b:7d: 1c:6f:1d:d7:93:85:e1:2d:5b:9b:a2:65:05:c4:51:6a:24:1f: 6b:cf:ff:e1:96:2b:5d:50:40:bf:34:49:08:89:f1:6c:7a:69: e7:7e:39:fb:8b:be:40:03:b0:b7:97:79:8e:b5:07:06:d3:96: 6b:19:27:52:8f:ca:c4:f1:52:9b:ec:86:eb:d3:27:1f:74:05: 25:cb:63:cd:97:c7:cc:d8:ec:b0:4e:33:61:83:82:09:6a:69: 34:01:38:b1:f2:79:7c:84:e1:b1:05:64:9b:07:52:87:ba:54: 1b:7a:f8:47:03:74:10:50:03:c3:51:1e:5c:07:c8:1b:a6:fa: a2:7b:ec:df:4f:27:28:59:88:0b:16:7a:fe:6b:9d:b7:51:93: 48:8f:f3:b2:fb:72:0e:56:5e:58:31:cc:9c:b0:ed:01:cc:cb: b0:a6:96:7a:be:32:96:90:69:3d:87:d8:43:26:0d:4f:f5:f9: d1:82:21:dc:55:42:3b:8c:23:cd:80:7e:44:2f:5c:51:fc:6e: e0:dc:65:5e:2f:67:b3:62:d2:4c:c4:07:72:67:cf:17:34:48: 7f:ec:69:6c -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjI5MTdaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDY3MTMyQzdEMkM5MjlB OEVGNzE3RUY0Mjg2ODEwMjdFQUY4QTEzNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCa/DyaISQ7Y2hOSSeUj+D5BE+2JiLFg2xWTQ/aSAJWKDSOUJVZ 8FIyGoWFtMDr/OpvuDeQYnjP76/L+WLV5XVNkJ6zeCyqFy3CBe1JCXFI9+R4GXIX BrfCQHj1R8lXwVIUUrMBH1AZzEZNPwfAEoJiqKLiltZQEUC6tW/YhLSkCfsogDvc EPwzRn8FFR14qtDH7KwmS4mgafzSyKq9dnnVAUtUNH3F7CTy7yg+e5PeWYc+IJh4 MocO0D8Fh9k/HerL5tLUx8oxMfx7XmXqkONOzHoy1/053frAVDaljdyp+H76B9Cx BVKnh7dIudaix6zRwuXAC43feg8jydLofa8XAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUZxMsfSySmo73F+9ChoECfq+KE3YwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvWnhNc2ZTeVNtbzcz Ri05Q2hvRUNmcS1LRTNZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMGgEDANBgkqhkiG9w0BAQsFAAOCAQEAHQDTJLlsSLTsnsK5zxX5vsQw avmPewxzfFG8TxWs0/sJlnt9HG8d15OF4S1bm6JlBcRRaiQfa8//4ZYrXVBAvzRJ CInxbHpp5345+4u+QAOwt5d5jrUHBtOWaxknUo/KxPFSm+yG69MnH3QFJctjzZfH zNjssE4zYYOCCWppNAE4sfJ5fIThsQVkmwdSh7pUG3r4RwN0EFADw1EeXAfIG6b6 onvs308nKFmICxZ6/mudt1GTSI/zsvtyDlZeWDHMnLDtAczLsKaWer4ylpBpPYfY QyYNT/X50YIh3FVCO4wjzYB+RC9cUfxu4NxlXi9ns2LSTMQHcmfPFzRIf+xpbA== -----END CERTIFICATE-----Generated at Wed Jun 11 01:59:16 2025 by rpki-client