$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/rc-Tl-tL38BzMG7lSI4SEqD-c5s.roa File: rc-Tl-tL38BzMG7lSI4SEqD-c5s.roa (raw, json) Hash identifier: 8BAwP0Jy7px8pX6qclAp5LMV3dRjeQJuB674vcuGmIQ= Subject key identifier: AD:CF:93:97:EB:4B:DF:C0:73:30:6E:E5:48:8E:12:12:A0:FE:73:9B Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 4C Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/rc-Tl-tL38BzMG7lSI4SEqD-c5s.roa Signing time: Tue 27 May 2025 08:36:29 +0000 ROA not before: Tue 27 May 2025 08:36:29 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:42f0::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76 (0x4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:36:29 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=ADCF9397EB4BDFC073306EE5488E1212A0FE739B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:4d:9d:64:02:48:22:37:5b:9a:c2:70:74:85: 8f:24:d2:92:7b:cb:14:65:43:11:82:ab:39:8f:89: 53:e0:4a:d8:99:b1:4c:cc:7b:15:74:ae:4a:41:15: 48:40:fc:bb:89:85:dc:8e:82:4f:da:65:59:a6:f2: a8:1d:c6:8c:e0:0e:55:2a:66:a3:6d:54:b4:ee:07: 7f:92:71:1f:e8:2e:53:10:91:1e:a8:9f:be:a5:30: 50:c3:fc:df:34:c8:74:5c:c5:12:c5:43:09:4f:6b: 3e:9e:e1:20:28:3b:66:c8:18:51:62:78:df:ff:76: ec:18:ec:df:4f:9a:1e:66:53:1b:fd:d1:5c:f2:b2: 16:e0:91:52:b7:a9:4e:b9:f9:f4:43:e8:3d:f0:be: af:3a:07:96:16:7f:26:94:19:f4:b0:7b:31:ae:60: d8:e3:20:cf:f1:c4:b4:09:45:8e:54:1e:be:9e:7f: 63:10:ff:06:65:49:de:f4:29:18:61:c4:fc:04:0d: b0:4a:be:21:68:d7:d5:fc:87:24:a2:d4:0e:00:5e: ea:6e:a9:1a:0c:70:c3:0f:2e:5b:07:6c:58:f9:1f: 7e:76:ed:52:69:7b:8d:c7:b8:42:94:6e:8c:21:4b: ab:50:5f:2a:34:20:13:47:f0:57:83:3d:7a:f8:f1: 31:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:CF:93:97:EB:4B:DF:C0:73:30:6E:E5:48:8E:12:12:A0:FE:73:9B X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/rc-Tl-tL38BzMG7lSI4SEqD-c5s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:42f0::/31 Signature Algorithm: sha256WithRSAEncryption a2:ec:c4:98:d7:c5:9e:fd:81:50:4d:7e:bf:a1:25:70:fc:af: 08:9a:4a:49:39:c9:c3:cb:84:37:54:f1:d0:b9:83:ab:0a:fa: f3:9a:c8:3d:44:ff:c8:34:8b:b2:9f:e1:9b:96:bb:89:bb:d4: 9c:e1:83:b8:fd:dc:da:52:ad:1b:c3:62:ce:db:b9:9f:ca:99: 34:d0:55:24:d2:86:3a:3e:1f:8d:e1:58:1a:09:50:d5:10:9f: b5:cf:06:6a:57:b5:1e:e4:75:59:5f:55:9b:8f:9f:f7:fa:aa: 36:91:9a:91:e5:4e:de:ae:b1:6a:29:3f:4b:ab:6a:97:60:6e: da:69:82:16:7a:ef:04:59:e8:8b:5b:ad:6f:b6:a8:b9:a4:8f: 3e:b3:47:98:9b:d7:59:85:59:bc:28:91:19:92:88:1c:1e:3c: 17:1f:72:33:dd:e7:60:1c:4b:0a:5a:d4:7f:8a:3f:37:fa:a6: f2:7f:bd:8c:a8:6c:b3:3b:e4:79:c8:c9:79:70:65:6b:58:ed: 6c:a1:1d:45:9c:f3:f0:8b:85:83:55:eb:b8:95:5d:6a:70:db: 79:7e:46:4d:e3:36:65:0f:75:88:54:4a:6f:59:17:60:c5:26: 7e:39:37:39:87:02:b8:c9:60:46:72:4e:8d:f7:13:03:e3:f8: 98:9f:8d:a9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MzYyOVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQURDRjkzOTdFQjRCREZD MDczMzA2RUU1NDg4RTEyMTJBMEZFNzM5QjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKFNnWQCSCI3W5rCcHSFjyTSknvLFGVDEYKrOY+JU+BK2JmxTMx7 FXSuSkEVSED8u4mF3I6CT9plWabyqB3GjOAOVSpmo21UtO4Hf5JxH+guUxCRHqif vqUwUMP83zTIdFzFEsVDCU9rPp7hICg7ZsgYUWJ43/927Bjs30+aHmZTG/3RXPKy FuCRUrepTrn59EPoPfC+rzoHlhZ/JpQZ9LB7Ma5g2OMgz/HEtAlFjlQevp5/YxD/ BmVJ3vQpGGHE/AQNsEq+IWjX1fyHJKLUDgBe6m6pGgxwww8uWwdsWPkffnbtUml7 jce4QpRujCFLq1BfKjQgE0fwV4M9evjxMcMCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBStz5OX60vfwHMwbuVIjhISoP5zmzAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9yYy1UbC10TDM4QnpN RzdsU0k0U0VxRC1jNXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApC8DANBgkqhkiG9w0BAQsFAAOCAQEAouzEmNfFnv2BUE1+v6ElcPyvCJpK STnJw8uEN1Tx0LmDqwr685rIPUT/yDSLsp/hm5a7ibvUnOGDuP3c2lKtG8Niztu5 n8qZNNBVJNKGOj4fjeFYGglQ1RCftc8Gale1HuR1WV9Vm4+f9/qqNpGakeVO3q6x aik/S6tql2Bu2mmCFnrvBFnoi1utb7aouaSPPrNHmJvXWYVZvCiRGZKIHB48Fx9y M93nYBxLClrUf4o/N/qm8n+9jKhsszvkecjJeXBla1jtbKEdRZzz8IuFg1XruJVd anDbeX5GTeM2ZQ91iFRKb1kXYMUmfjk3OYcCuMlgRnJOjfcTA+P4mJ+NqQ== -----END CERTIFICATE-----Generated at Wed Jun 4 01:14:49 2025 by rpki-client