$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/tSQH9CtalLoagjYN-yx5wZRNkzo.roa File: tSQH9CtalLoagjYN-yx5wZRNkzo.roa (raw, json) Hash identifier: 9h/DHMZmxHUsVAHHXNiC+Wv/e/e2tgUjWKWsAZJnsqg= Subject key identifier: B5:24:07:F4:2B:5A:94:BA:1A:82:36:0D:FB:2C:79:C1:94:4D:93:3A Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 2C Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/tSQH9CtalLoagjYN-yx5wZRNkzo.roa Signing time: Tue 27 May 2025 08:19:38 +0000 ROA not before: Tue 27 May 2025 08:19:38 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 24547 IP address blocks: 240a:428a::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:39:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44 (0x2c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:19:38 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=B52407F42B5A94BA1A82360DFB2C79C1944D933A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:1e:50:2a:5a:c3:0c:de:f6:1e:f9:cd:6a:40: e6:7f:f1:47:8f:d9:39:3b:76:f4:22:0e:f2:ba:02: 64:ad:95:52:5a:3e:8e:94:a2:e1:f7:f8:76:7b:6c: d2:ac:a1:96:a6:01:c4:c4:fb:6d:9d:5e:0f:5b:2c: c5:f2:24:89:05:6f:fc:27:17:72:46:a0:5c:75:eb: fe:a4:6a:7c:1d:90:86:7e:d2:ef:80:52:0f:07:35: 91:8d:b1:d8:19:2c:d0:3b:84:73:6c:c9:89:a6:c5: 72:1c:e7:71:f6:72:93:ee:8f:5e:ad:ff:61:eb:94: 63:02:8d:21:c2:88:f5:df:ab:db:ef:ed:2e:33:a0: 2b:89:4a:08:4a:e1:c9:cb:0c:31:ae:db:43:d2:37: 37:9f:13:a5:87:23:78:18:71:b1:7a:66:2f:21:df: 5c:c3:de:04:5b:2a:b1:e7:b9:58:aa:07:45:66:7b: 13:3b:a4:78:a4:04:c2:6b:a4:6c:a9:66:c9:29:2b: 25:38:10:bb:e2:df:e7:7c:ba:69:8a:59:61:b3:90: 04:5f:51:9a:7f:58:d7:a7:2d:5b:60:f9:5a:e2:6c: 7c:f3:46:62:1a:d0:93:d0:67:7e:1f:4c:12:8d:1f: 04:3c:5c:6e:18:5f:18:de:7a:3a:cd:f0:d6:7c:2c: 77:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:24:07:F4:2B:5A:94:BA:1A:82:36:0D:FB:2C:79:C1:94:4D:93:3A X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/tSQH9CtalLoagjYN-yx5wZRNkzo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:428a::/31 Signature Algorithm: sha256WithRSAEncryption 0a:97:59:0d:41:c0:25:88:fa:6e:8f:9c:fe:26:fd:e0:b0:4f: a1:2c:84:34:e5:02:8d:f4:e3:73:a4:a9:1f:34:53:a8:c6:72: c5:d4:08:52:d1:06:bb:05:91:21:3b:2a:b8:a0:cc:f0:a8:51: 22:40:44:72:c8:28:d6:d6:56:7c:4b:89:dc:99:ee:bf:b2:12: e9:e3:50:73:9a:11:0f:d8:2d:74:a6:3a:c3:3d:a7:6f:5e:f5: 48:9f:de:b2:37:88:99:09:1a:90:51:0c:75:96:38:34:a0:53: 8d:51:8b:10:20:06:25:4c:da:7d:a2:da:a5:31:af:a5:67:cc: f9:c9:8e:38:73:4b:73:dd:7d:6c:c1:30:fb:0b:7b:46:c2:37: aa:68:77:9d:ca:a1:df:22:f1:a0:8d:cd:19:eb:b0:ef:15:38: d5:3c:1c:48:30:95:26:0a:29:e6:e3:d2:7a:83:a9:de:46:c2: f3:0f:d9:15:06:46:e1:9a:ea:37:04:9f:49:97:eb:55:e2:ee: 5c:f4:b5:12:b6:78:65:2c:0b:07:95:95:d6:c5:21:6e:1e:72: b5:af:32:9c:89:46:c2:65:70:2b:ac:37:0b:86:2f:f7:98:86: 17:e4:66:8c:99:45:c2:45:4b:14:a1:3d:b6:21:4e:3f:01:53: c5:1e:6f:cc -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTkzOFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQjUyNDA3RjQyQjVBOTRC QTFBODIzNjBERkIyQzc5QzE5NDREOTMzQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMEeUCpawwze9h75zWpA5n/xR4/ZOTt29CIO8roCZK2VUlo+jpSi 4ff4dnts0qyhlqYBxMT7bZ1eD1ssxfIkiQVv/CcXckagXHXr/qRqfB2Qhn7S74BS Dwc1kY2x2Bks0DuEc2zJiabFchzncfZyk+6PXq3/YeuUYwKNIcKI9d+r2+/tLjOg K4lKCErhycsMMa7bQ9I3N58TpYcjeBhxsXpmLyHfXMPeBFsqsee5WKoHRWZ7Ezuk eKQEwmukbKlmySkrJTgQu+Lf53y6aYpZYbOQBF9Rmn9Y16ctW2D5WuJsfPNGYhrQ k9Bnfh9MEo0fBDxcbhhfGN56Os3w1nwsdz8CAwEAAaOCAfQwggHwMB0GA1UdDgQW BBS1JAf0K1qUuhqCNg37LHnBlE2TOjAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi90U1FIOUN0YWxMb2Fn allOLXl4NXdaUk5rem8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUBJApCijANBgkqhkiG9w0BAQsFAAOCAQEACpdZDUHAJYj6bo+c/ib94LBPoSyE NOUCjfTjc6SpHzRTqMZyxdQIUtEGuwWRITsquKDM8KhRIkBEcsgo1tZWfEuJ3Jnu v7IS6eNQc5oRD9gtdKY6wz2nb171SJ/esjeImQkakFEMdZY4NKBTjVGLECAGJUza faLapTGvpWfM+cmOOHNLc919bMEw+wt7RsI3qmh3ncqh3yLxoI3NGeuw7xU41Twc SDCVJgop5uPSeoOp3kbC8w/ZFQZG4ZrqNwSfSZfrVeLuXPS1ErZ4ZSwLB5WV1sUh bh5yta8ynIlGwmVwK6w3C4Yv95iGF+RmjJlFwkVLFKE9tiFOPwFTxR5vzA== -----END CERTIFICATE-----Generated at Thu Jun 5 20:33:28 2025 by rpki-client