$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/sZ3QLMDTAwvXCY2PqIVZI0Tg-J0.roa File: sZ3QLMDTAwvXCY2PqIVZI0Tg-J0.roa (raw, json) Hash identifier: SpE+Kw+dmjwqbf+oqS1IIuJbUjxOWhBXZtdgXw966Jg= Subject key identifier: B1:9D:D0:2C:C0:D3:03:0B:D7:09:8D:8F:A8:85:59:23:44:E0:F8:9D Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: A9 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/sZ3QLMDTAwvXCY2PqIVZI0Tg-J0.roa Signing time: Fri 06 Jun 2025 02:21:22 +0000 ROA not before: Fri 06 Jun 2025 02:21:22 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 38019 IP address blocks: 240a:40c0:a000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 04:09:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:21:22 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=B19DD02CC0D3030BD7098D8FA885592344E0F89D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:dc:92:9f:4d:76:00:15:d1:dd:4c:1a:5a:bb: db:6a:86:1b:99:ad:e1:46:24:40:e2:d0:21:d3:0a: b7:0c:e9:97:f3:7c:82:4b:1e:a1:08:c0:ca:8a:15: 05:fb:49:06:ba:80:34:b1:1b:3d:23:98:70:01:69: bd:3e:f6:b5:a1:19:44:cd:3d:dc:9e:19:2c:c5:fe: 09:bb:c7:6d:9b:6b:94:e8:a7:22:d5:ab:b6:62:55: 95:ac:8a:0b:94:dd:78:30:d8:ab:eb:0b:b3:88:32: 36:37:80:75:84:c8:81:da:2e:f7:a3:4e:60:ec:bf: 22:6f:a7:fc:c1:98:49:67:83:b4:1d:21:e5:22:53: 0f:de:a7:e9:fa:c2:8e:be:d5:11:66:cd:e9:fd:aa: 69:e4:4a:ff:aa:85:8f:20:2a:b0:05:4a:11:67:8f: 25:25:ee:d4:08:03:c1:90:d4:4d:81:1e:fe:fb:93: f1:fa:fd:8e:84:e0:f8:71:a0:01:3f:ed:f4:46:3f: a2:d5:4a:a9:01:85:75:bd:ed:39:30:c9:db:d1:15: 7d:c7:65:52:6c:e1:45:a1:c3:54:68:24:01:fe:40: 27:91:a5:0c:1d:2b:fe:45:71:38:1f:b1:b5:8e:69: da:e9:6d:c8:6d:13:61:5e:a0:2f:22:2b:9a:f8:8a: 7b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:9D:D0:2C:C0:D3:03:0B:D7:09:8D:8F:A8:85:59:23:44:E0:F8:9D X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/sZ3QLMDTAwvXCY2PqIVZI0Tg-J0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c0:a000::/44 Signature Algorithm: sha256WithRSAEncryption 15:38:3f:00:ac:16:4b:21:3c:ff:7b:b4:62:ad:e5:c5:8f:87: ed:6f:97:6d:bf:21:41:83:9c:2f:50:39:5e:3e:1e:4b:e4:e6: 17:4b:76:fe:b9:12:a7:1a:85:35:53:06:d1:34:80:8b:38:b8: 0b:75:27:a4:05:07:4d:6c:f0:08:f1:30:4a:00:c1:33:0c:4a: 04:7d:89:6e:cd:3e:51:03:89:b8:30:1b:e0:f2:46:1d:df:9f: e6:82:90:e4:7d:d3:20:11:89:4d:4e:2d:dd:1a:2d:d6:e6:03: 09:bd:db:79:d1:78:00:fb:9b:40:cf:cb:ed:c0:1f:e9:1f:19: 49:13:39:c6:6e:9f:a7:9d:3a:61:73:db:2a:a5:d8:bd:5b:a6: 81:74:e8:7f:fe:7f:67:2e:a6:13:d7:f6:f5:a0:f0:b7:cc:51: 66:db:3c:08:f3:c0:8e:e1:bc:3a:d4:ce:2c:1d:52:41:db:11: b8:ca:c5:9c:e4:ed:85:76:f3:9b:64:0c:0d:24:9a:90:fa:a6: d6:ea:fe:9c:73:1d:9c:c1:fc:6e:27:38:d1:8f:7b:1f:94:83: ee:c8:82:f2:88:34:36:d6:1e:88:7b:9b:37:fa:ef:ac:a3:9b: 63:62:62:a3:8a:11:77:e0:e3:33:43:6d:32:2c:76:9b:1d:b2: ce:19:e6:bb -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjIxMjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKEIxOUREMDJDQzBEMzAz MEJENzA5OEQ4RkE4ODU1OTIzNDRFMEY4OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDA3JKfTXYAFdHdTBpau9tqhhuZreFGJEDi0CHTCrcM6ZfzfIJL HqEIwMqKFQX7SQa6gDSxGz0jmHABab0+9rWhGUTNPdyeGSzF/gm7x22ba5TopyLV q7ZiVZWsiguU3Xgw2KvrC7OIMjY3gHWEyIHaLvejTmDsvyJvp/zBmElng7QdIeUi Uw/ep+n6wo6+1RFmzen9qmnkSv+qhY8gKrAFShFnjyUl7tQIA8GQ1E2BHv77k/H6 /Y6E4PhxoAE/7fRGP6LVSqkBhXW97TkwydvRFX3HZVJs4UWhw1RoJAH+QCeRpQwd K/5FcTgfsbWOadrpbchtE2FeoC8iK5r4insPAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUsZ3QLMDTAwvXCY2PqIVZI0Tg+J0wHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvc1ozUUxNRFRBd3ZY Q1kyUHFJVlpJMFRnLUowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMCgADANBgkqhkiG9w0BAQsFAAOCAQEAFTg/AKwWSyE8/3u0Yq3lxY+H 7W+Xbb8hQYOcL1A5Xj4eS+TmF0t2/rkSpxqFNVMG0TSAizi4C3UnpAUHTWzwCPEw SgDBMwxKBH2Jbs0+UQOJuDAb4PJGHd+f5oKQ5H3TIBGJTU4t3Rot1uYDCb3bedF4 APubQM/L7cAf6R8ZSRM5xm6fp506YXPbKqXYvVumgXTof/5/Zy6mE9f29aDwt8xR Zts8CPPAjuG8OtTOLB1SQdsRuMrFnOTthXbzm2QMDSSakPqm1ur+nHMdnMH8bic4 0Y97H5SD7siC8og0NtYeiHubN/rvrKObY2Jio4oRd+DjM0NtMix2mx2yzhnmuw== -----END CERTIFICATE-----Generated at Tue Jun 10 00:48:59 2025 by rpki-client