$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/iB9UkMt-XjBCi1pbVPh961-iu28.roa File: iB9UkMt-XjBCi1pbVPh961-iu28.roa (raw, json) Hash identifier: 1kVvrgy2wMKgiUSEtBs3ZbEVOChC1KDL1xAizYXtAxc= Subject key identifier: 88:1F:54:90:CB:7E:5E:30:42:8B:5A:5B:54:F8:7D:EB:5F:A2:BB:6F Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 0C Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/iB9UkMt-XjBCi1pbVPh961-iu28.roa Signing time: Tue 27 May 2025 08:11:28 +0000 ROA not before: Tue 27 May 2025 08:11:28 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56048 IP address blocks: 240a:4090:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:11:28 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=881F5490CB7E5E30428B5A5B54F87DEB5FA2BB6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a7:2e:76:5a:39:d5:32:5d:0f:7e:6a:f4:5f: 59:22:a5:13:6f:52:2b:bf:83:45:9d:9c:75:50:34: eb:4b:ba:15:b8:d7:91:98:48:5e:9a:b2:92:df:47: 5e:5f:dc:1c:5a:29:5d:f5:61:b3:cb:7b:54:87:b7: 2d:0a:74:7e:2e:7c:9c:81:ec:e1:98:c8:ae:1c:59: 1e:b6:84:7c:c1:0b:2c:70:7d:ea:fd:57:1c:e8:da: fe:11:9c:0f:f0:f9:01:c4:82:c6:f3:60:42:5b:d1: 0b:21:af:06:46:e5:55:da:2c:8f:75:72:a4:8c:ed: a6:52:65:4f:08:eb:28:e3:f1:25:67:c5:0a:b4:32: 80:a5:13:be:9f:0c:4b:81:6d:18:b3:f1:e1:f5:5a: 31:c4:51:11:1d:c9:1d:9e:27:69:09:9c:dd:bb:9e: ab:73:42:1b:f9:cd:c2:ae:2f:f0:58:ad:4d:bb:aa: 30:0b:d2:f7:e5:3d:57:c9:e8:79:52:da:1c:10:ef: f3:76:39:e6:7d:5c:73:0b:87:19:8d:07:74:b0:87: 48:87:41:95:93:26:41:cd:ae:9a:4f:46:7e:dc:92: 4d:c0:91:7a:d7:b4:42:9e:2d:46:4a:49:b0:3e:c2: cb:bd:00:0a:20:77:bf:92:56:34:8e:06:46:8d:7e: 88:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:1F:54:90:CB:7E:5E:30:42:8B:5A:5B:54:F8:7D:EB:5F:A2:BB:6F X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/iB9UkMt-XjBCi1pbVPh961-iu28.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:4090:5000::/40 Signature Algorithm: sha256WithRSAEncryption 68:03:39:c8:66:da:55:b0:2d:03:de:5e:e2:fc:07:c9:2c:88: 74:62:7c:9c:e3:d6:e6:1f:69:0d:ae:f4:35:82:7e:f1:96:12: 5b:bb:cc:44:b5:0e:44:59:05:f3:4d:2c:a6:c0:cd:95:b4:9d: 80:3c:58:f1:e3:34:38:5e:c8:d2:20:8d:65:8b:6c:fe:5d:5a: f1:6d:54:34:9b:9b:a3:43:f9:d0:62:16:04:a0:f3:5a:ae:f5: 01:4c:e6:01:fd:58:70:7e:18:9a:df:da:5a:da:37:12:07:ad: 16:68:51:31:84:75:42:86:d6:e8:42:67:23:61:c6:40:c8:aa: e5:bc:ab:42:04:fe:ba:35:f3:6d:8b:a6:d4:ec:65:1d:50:82: 3c:5e:f0:b0:b7:ff:a9:f5:31:3d:0b:cd:d4:87:24:5f:4f:e3: e7:09:db:81:df:a5:3d:2f:c1:8d:df:79:d0:50:9d:d7:59:78: 05:0c:68:7b:3c:b5:5b:7d:6c:6e:03:2b:14:32:28:62:9c:34: 29:4e:5a:c3:c9:a2:7d:ca:8b:be:56:a1:58:97:81:80:64:2f: 8c:ec:26:93:e2:7b:5a:25:7c:39:1f:26:f9:c6:52:4b:aa:1b: 5e:89:fb:82:52:0d:65:8f:ae:7d:ae:a5:8f:f7:b6:5f:77:30: 8b:a7:16:68 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIBDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTEyOFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoODgxRjU0OTBDQjdFNUUz MDQyOEI1QTVCNTRGODdERUI1RkEyQkI2RjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANSnLnZaOdUyXQ9+avRfWSKlE29SK7+DRZ2cdVA060u6FbjXkZhI Xpqykt9HXl/cHFopXfVhs8t7VIe3LQp0fi58nIHs4ZjIrhxZHraEfMELLHB96v1X HOja/hGcD/D5AcSCxvNgQlvRCyGvBkblVdosj3VypIztplJlTwjrKOPxJWfFCrQy gKUTvp8MS4FtGLPx4fVaMcRRER3JHZ4naQmc3bueq3NCG/nNwq4v8FitTbuqMAvS 9+U9V8noeVLaHBDv83Y55n1ccwuHGY0HdLCHSIdBlZMmQc2umk9GftySTcCRete0 Qp4tRkpJsD7Cy70ACiB3v5JWNI4GRo1+iG8CAwEAAaOCAfUwggHxMB0GA1UdDgQW BBSIH1SQy35eMEKLWltU+H3rX6K7bzAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9pQjlVa010LVhqQkNp MXBiVlBoOTYxLWl1Mjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI AwYAJApAkFAwDQYJKoZIhvcNAQELBQADggEBAGgDOchm2lWwLQPeXuL8B8ksiHRi fJzj1uYfaQ2u9DWCfvGWElu7zES1DkRZBfNNLKbAzZW0nYA8WPHjNDheyNIgjWWL bP5dWvFtVDSbm6ND+dBiFgSg81qu9QFM5gH9WHB+GJrf2lraNxIHrRZoUTGEdUKG 1uhCZyNhxkDIquW8q0IE/ro1822LptTsZR1Qgjxe8LC3/6n1MT0LzdSHJF9P4+cJ 24HfpT0vwY3fedBQnddZeAUMaHs8tVt9bG4DKxQyKGKcNClOWsPJon3Ki75WoViX gYBkL4zsJpPie1olfDkfJvnGUkuqG16J+4JSDWWPrn2upY/3tl93MIunFmg= -----END CERTIFICATE-----Generated at Wed Jun 4 01:19:06 2025 by rpki-client