$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/kU3_ezgnenI1swZlPagdULr2hac.roa File: kU3_ezgnenI1swZlPagdULr2hac.roa (raw, json) Hash identifier: KFSp8x+GQ1jwPVPKwMSWlMfb3B58HlOjjif8bw5juYs= Subject key identifier: 91:4D:FF:7B:38:27:7A:72:35:B3:06:65:3D:A8:1D:50:BA:F6:85:A7 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 11 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/kU3_ezgnenI1swZlPagdULr2hac.roa Signing time: Tue 27 May 2025 08:11:29 +0000 ROA not before: Tue 27 May 2025 08:11:29 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56048 IP address blocks: 240a:4090:3000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:11:29 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=914DFF7B38277A7235B306653DA81D50BAF685A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ab:77:02:54:de:46:54:5c:f3:ae:e1:1e:7c: 93:f4:a5:1e:bb:34:62:e6:78:cf:84:ae:4c:62:ed: 22:7f:0c:f8:3e:bf:c9:0b:8c:44:30:22:a6:29:da: ed:8b:30:ae:36:ae:c1:42:ff:e5:c1:c0:53:32:03: 65:d9:7b:d7:01:31:2f:8b:6e:44:46:46:8e:02:5c: 25:e0:4c:45:9f:f8:9f:4a:30:43:32:96:7c:37:54: e8:b0:29:44:f7:6b:b7:26:6c:de:18:47:d6:03:68: 7c:33:7b:c7:46:71:d4:39:79:47:17:51:7c:9c:68: d6:ed:63:da:c3:a1:8d:3a:cd:d2:0d:56:78:4a:88: fb:51:ba:6f:80:53:38:65:de:f2:82:d5:fc:89:47: 35:e1:f8:a9:e8:04:85:9c:4c:42:fe:16:32:c3:df: a8:6b:3f:1e:24:09:2f:f5:df:07:9a:4b:7d:1b:da: 4a:69:f7:b6:89:e4:8a:2b:df:0a:76:d8:e2:c1:f5: c5:45:3b:b8:45:02:c9:df:c6:0e:ba:79:60:e4:d4: 78:b3:a5:c7:16:1f:5f:b6:6e:e3:43:46:9d:fb:d4: ca:a7:99:6f:8b:c4:4f:36:ee:9b:35:d7:0c:64:c2: ed:e0:68:ba:cf:fa:a2:c1:2b:a0:89:df:7e:9b:5d: 4e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:4D:FF:7B:38:27:7A:72:35:B3:06:65:3D:A8:1D:50:BA:F6:85:A7 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/kU3_ezgnenI1swZlPagdULr2hac.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:4090:3000::/40 Signature Algorithm: sha256WithRSAEncryption cf:e3:99:d8:a6:dc:8b:d8:38:d5:2b:70:ac:88:c7:47:0f:df: f6:fb:14:31:d9:18:eb:09:55:4d:56:f3:c8:55:f2:ae:a7:55: 40:32:02:7d:94:cc:0d:73:d6:05:11:21:14:f8:dc:88:8f:11: d0:96:2e:01:d7:13:b9:04:fe:55:81:e2:1c:f9:f4:15:65:80: 77:a0:fe:63:40:09:fb:d5:19:91:bd:ae:e0:1b:6a:1c:8a:05: f6:e8:f5:13:fa:8e:b2:46:74:97:3c:56:a9:6a:2a:98:be:bf: ed:1d:2e:00:f5:6a:da:f7:4e:a3:12:15:ed:c3:60:33:ad:8e: bb:02:f9:c1:0b:7a:f2:54:a8:d1:55:49:9d:b9:c9:58:9a:8a: 80:dc:c7:44:fb:f1:6e:ea:ea:7d:73:42:39:b1:44:e2:3c:e1: 93:30:87:a9:66:61:7c:39:26:08:52:3a:bd:53:e7:c8:40:f5: 09:bd:d5:8b:57:23:dd:18:15:a4:0b:6e:5c:b1:88:37:33:fa: 2f:02:e7:af:fb:e5:78:15:b6:06:c8:bd:20:5d:04:e4:1e:6a: b0:9b:b9:3d:ac:9b:58:38:5a:f6:14:d6:f8:3c:6e:83:d9:83: 13:f5:cb:f6:d2:e7:c0:7b:86:6d:8c:62:ae:00:40:f2:d6:c7: 56:9f:d2:2a -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIBETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTEyOVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoOTE0REZGN0IzODI3N0E3 MjM1QjMwNjY1M0RBODFENTBCQUY2ODVBNzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMurdwJU3kZUXPOu4R58k/SlHrs0YuZ4z4SuTGLtIn8M+D6/yQuM RDAipina7YswrjauwUL/5cHAUzIDZdl71wExL4tuREZGjgJcJeBMRZ/4n0owQzKW fDdU6LApRPdrtyZs3hhH1gNofDN7x0Zx1Dl5RxdRfJxo1u1j2sOhjTrN0g1WeEqI +1G6b4BTOGXe8oLV/IlHNeH4qegEhZxMQv4WMsPfqGs/HiQJL/XfB5pLfRvaSmn3 tonkiivfCnbY4sH1xUU7uEUCyd/GDrp5YOTUeLOlxxYfX7Zu40NGnfvUyqeZb4vE TzbumzXXDGTC7eBous/6osEroInffptdTjcCAwEAAaOCAfUwggHxMB0GA1UdDgQW BBSRTf97OCd6cjWzBmU9qB1QuvaFpzAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9rVTNfZXpnbmVuSTFz d1psUGFnZFVMcjJoYWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI AwYAJApAkDAwDQYJKoZIhvcNAQELBQADggEBAM/jmdim3IvYONUrcKyIx0cP3/b7 FDHZGOsJVU1W88hV8q6nVUAyAn2UzA1z1gURIRT43IiPEdCWLgHXE7kE/lWB4hz5 9BVlgHeg/mNACfvVGZG9ruAbahyKBfbo9RP6jrJGdJc8VqlqKpi+v+0dLgD1atr3 TqMSFe3DYDOtjrsC+cELevJUqNFVSZ25yViaioDcx0T78W7q6n1zQjmxROI84ZMw h6lmYXw5JghSOr1T58hA9Qm91YtXI90YFaQLblyxiDcz+i8C56/75XgVtgbIvSBd BOQearCbuT2sm1g4WvYU1vg8boPZgxP1y/bS58B7hm2MYq4AQPLWx1af0io= -----END CERTIFICATE-----Generated at Wed Jun 4 01:04:25 2025 by rpki-client