$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/les9MlZEYRYucLbfe_hXuYLdJ-E.roa File: les9MlZEYRYucLbfe_hXuYLdJ-E.roa (raw, json) Hash identifier: hx9MY1IlgDaICYx0ygRXhCXk+aZKW8lDrPXMY5wOBos= Subject key identifier: 95:EB:3D:32:56:44:61:16:2E:70:B6:DF:7B:F8:57:B9:82:DD:27:E1 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: CA Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/les9MlZEYRYucLbfe_hXuYLdJ-E.roa Signing time: Fri 06 Jun 2025 02:31:09 +0000 ROA not before: Fri 06 Jun 2025 02:31:09 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 24445 IP address blocks: 240a:40c2:6000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 05:11:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 202 (0xca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:31:09 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=95EB3D32564461162E70B6DF7BF857B982DD27E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:91:6d:f3:84:e6:4c:3a:2b:cc:85:0f:61:11: 94:34:e5:33:f5:16:58:51:24:8b:6b:00:a0:bd:a0: c6:14:fc:34:2b:d2:90:d0:59:2a:6d:d7:69:63:bf: 17:48:a6:bd:05:30:8f:4d:de:05:20:85:58:dd:12: 61:f8:52:ba:a1:3b:cd:2a:75:fa:94:b9:67:8d:6d: 11:73:09:66:49:b3:57:64:e9:4c:3c:fc:63:34:84: 99:6e:b0:43:2b:8b:68:1f:41:47:b6:dd:a1:3e:01: 98:fe:19:54:3e:f3:99:c4:c2:79:f9:b9:30:04:a4: af:d8:89:10:a4:82:ee:47:dc:54:7d:0e:aa:61:bc: 01:7a:6a:f5:0c:71:8a:6d:85:3c:e4:d0:b0:5b:9c: a2:aa:c1:a4:89:b9:17:51:ff:1b:f6:db:8a:6d:7c: 46:c4:1c:ed:d1:46:40:56:31:5d:16:76:e0:c7:5b: ce:0c:75:9f:b1:69:88:4c:ef:7f:45:61:41:7d:50: 1e:5f:24:42:37:47:c2:84:f0:59:a1:bf:1e:d9:ba: 48:0c:50:03:2e:b0:c7:2a:15:41:83:dc:4d:65:0e: 91:70:44:14:fe:9c:b2:6c:30:82:c3:90:57:23:b8: 1e:c6:26:b8:1c:a4:cc:20:60:39:29:29:08:b5:1e: 1a:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:EB:3D:32:56:44:61:16:2E:70:B6:DF:7B:F8:57:B9:82:DD:27:E1 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/les9MlZEYRYucLbfe_hXuYLdJ-E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:6000::/44 Signature Algorithm: sha256WithRSAEncryption ab:11:89:ce:2c:b4:5a:fe:2f:74:2a:92:bf:53:3c:18:d1:06: 98:a3:98:8d:07:4c:35:b6:22:a7:2a:c3:cd:8a:08:d4:33:b9: 9c:5a:2a:e2:81:59:94:de:68:2e:91:80:6a:bf:8f:45:b6:dd: 41:b0:29:20:8b:87:ac:3c:4e:e9:dc:60:2d:31:5f:99:17:eb: 62:a7:1c:6b:03:8d:cb:bf:3b:99:b3:7e:9e:82:75:13:b2:c8: ba:61:43:3a:d0:6d:35:d3:29:1f:f5:85:0c:86:e3:42:de:01: e7:ce:b7:9f:b4:42:23:62:44:03:9f:87:06:0f:d7:29:8c:ed: d2:29:9e:7f:64:83:8a:a5:15:83:98:cd:c5:68:cb:cb:0c:08: f6:9f:0b:53:04:62:de:1d:72:7e:23:39:52:2c:6c:55:92:9d: 12:d7:7f:56:d4:b0:2f:9d:03:42:d8:c3:42:d9:ad:48:e5:ca: 21:9c:93:ea:d7:16:c7:e0:e3:45:0b:01:a8:fd:a6:7f:0e:be: 66:bc:bd:96:25:7d:f1:fa:6c:67:a8:ed:5b:af:e3:d8:54:5a: e8:a1:74:e3:f9:ed:0d:14:64:02:a4:33:de:e9:2f:4e:3c:98: 0e:f9:f7:d8:78:93:75:86:e4:13:53:50:53:b2:95:31:40:dc: 08:e5:ba:28 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjMxMDlaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDk1RUIzRDMyNTY0NDYx MTYyRTcwQjZERjdCRjg1N0I5ODJERDI3RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDckW3zhOZMOivMhQ9hEZQ05TP1FlhRJItrAKC9oMYU/DQr0pDQ WSpt12ljvxdIpr0FMI9N3gUghVjdEmH4UrqhO80qdfqUuWeNbRFzCWZJs1dk6Uw8 /GM0hJlusEMri2gfQUe23aE+AZj+GVQ+85nEwnn5uTAEpK/YiRCkgu5H3FR9Dqph vAF6avUMcYpthTzk0LBbnKKqwaSJuRdR/xv224ptfEbEHO3RRkBWMV0WduDHW84M dZ+xaYhM739FYUF9UB5fJEI3R8KE8Fmhvx7ZukgMUAMusMcqFUGD3E1lDpFwRBT+ nLJsMILDkFcjuB7GJrgcpMwgYDkpKQi1HhqfAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUles9MlZEYRYucLbfe/hXuYLdJ+EwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvbGVzOU1sWkVZUll1 Y0xiZmVfaFh1WUxkSi1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMJgADANBgkqhkiG9w0BAQsFAAOCAQEAqxGJziy0Wv4vdCqSv1M8GNEG mKOYjQdMNbYipyrDzYoI1DO5nFoq4oFZlN5oLpGAar+PRbbdQbApIIuHrDxO6dxg LTFfmRfrYqccawONy787mbN+noJ1E7LIumFDOtBtNdMpH/WFDIbjQt4B5863n7RC I2JEA5+HBg/XKYzt0imef2SDiqUVg5jNxWjLywwI9p8LUwRi3h1yfiM5UixsVZKd Etd/VtSwL50DQtjDQtmtSOXKIZyT6tcWx+DjRQsBqP2mfw6+Zry9liV98fpsZ6jt W6/j2FRa6KF04/ntDRRkAqQz3ukvTjyYDvn32HiTdYbkE1NQU7KVMUDcCOW6KA== -----END CERTIFICATE-----Generated at Tue Jun 10 04:57:17 2025 by rpki-client