$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/yh8OrFWpZskl4eV7pWQDYQ-kfC0.roa File: yh8OrFWpZskl4eV7pWQDYQ-kfC0.roa (raw, json) Hash identifier: iVDFf8EmvgzjWJwxwTmhvVvzkV2f9IZr6TUqgQtpQDg= Subject key identifier: CA:1F:0E:AC:55:A9:66:C9:25:E1:E5:7B:A5:64:03:61:0F:A4:7C:2D Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: 0F Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/yh8OrFWpZskl4eV7pWQDYQ-kfC0.roa Signing time: Tue 27 May 2025 08:11:28 +0000 ROA not before: Tue 27 May 2025 08:11:28 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56040 IP address blocks: 240a:40b0:483a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15 (0xf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: May 27 08:11:28 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=CA1F0EAC55A966C925E1E57BA56403610FA47C2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:98:1b:3c:55:5f:7d:d2:ff:94:85:95:e7:47: cf:f5:c5:a8:51:97:d4:f8:0e:4f:99:c0:61:08:90: 32:29:84:57:ba:aa:98:3a:d6:23:49:b0:e9:cc:57: 3f:b8:2d:68:39:d1:84:11:c2:81:3d:26:67:28:e8: c5:16:34:b3:76:9a:78:4a:78:e2:8a:8b:95:df:31: 93:f8:9a:f2:11:5b:e6:12:56:6e:00:30:fe:af:f1: ba:dd:b2:0a:c6:1b:5b:7d:b5:d6:71:b0:88:81:ab: a9:6f:a4:e2:46:ce:0c:4b:ef:71:25:ce:9c:4e:15: 5c:55:a4:e9:99:60:49:63:b1:fe:19:2d:83:f2:16: 80:51:72:0b:3c:be:a6:d3:31:24:2c:b3:fc:68:66: 9f:ff:42:8e:d9:1f:c5:41:d3:25:cf:dc:32:08:d4: aa:59:28:5f:b7:4e:37:4c:c9:df:86:8c:44:5b:11: 7c:13:6f:bf:14:93:7b:ec:50:7e:87:1d:18:5f:f4: 74:ce:5f:f3:65:6d:54:61:60:85:8c:63:8d:10:6e: 7e:5f:7d:cf:84:11:cf:1d:0e:0b:14:27:00:48:e2: 7e:ea:37:47:b1:6f:c0:2f:fa:34:ed:25:5b:07:52: e3:6e:78:e7:39:40:2d:aa:12:f9:f0:2e:60:ca:94: 1b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:1F:0E:AC:55:A9:66:C9:25:E1:E5:7B:A5:64:03:61:0F:A4:7C:2D X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/yh8OrFWpZskl4eV7pWQDYQ-kfC0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40b0:483a::/48 Signature Algorithm: sha256WithRSAEncryption 2f:d9:b5:b7:43:61:f3:94:c4:70:8f:75:cb:a9:89:13:8c:41: 13:3d:3d:fb:90:e5:78:9a:f3:dd:1d:f0:56:8a:2b:05:f8:10: 64:6a:3c:dd:94:c7:d4:31:4e:ad:56:9e:3e:8c:ea:56:28:b9: df:e4:3f:90:40:1d:aa:ea:f7:a8:62:ca:b2:85:68:df:d3:78: 4d:39:56:20:1c:62:92:be:da:4d:02:9e:0f:6d:8e:20:af:94: 07:ea:53:c7:05:7b:4a:82:d6:bb:e6:9f:d4:a1:ab:6a:84:b2: db:fd:34:ef:24:f9:44:b6:ec:1e:56:89:4a:fe:95:07:12:8b: da:d8:68:e8:fa:20:b7:05:31:17:6b:57:4f:6d:20:6b:c3:0c: 4c:4a:46:24:45:81:b7:ef:66:6d:2b:9e:69:40:27:c9:a4:d2: 88:c7:29:c6:5c:19:bb:29:91:b4:1b:34:3c:4f:11:02:57:7c: f2:17:ee:b0:ce:16:9d:4a:95:0b:e1:b6:4b:02:26:3b:a7:7f: 3b:cd:56:5f:7d:30:a2:4e:df:5f:bd:b6:68:f9:f8:6d:51:d5: 53:ba:8b:bd:fc:ba:27:fb:17:c0:b2:4f:43:a5:a9:8d:7b:68: 6f:32:b3:9c:0d:40:34:22:0a:88:d3:51:a9:38:95:18:c9:60: 71:5e:88:e6 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4 MTEyOFoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoQ0ExRjBFQUM1NUE5NjZD OTI1RTFFNTdCQTU2NDAzNjEwRkE0N0MyRDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALWYGzxVX33S/5SFledHz/XFqFGX1PgOT5nAYQiQMimEV7qqmDrW I0mw6cxXP7gtaDnRhBHCgT0mZyjoxRY0s3aaeEp44oqLld8xk/ia8hFb5hJWbgAw /q/xut2yCsYbW3211nGwiIGrqW+k4kbODEvvcSXOnE4VXFWk6ZlgSWOx/hktg/IW gFFyCzy+ptMxJCyz/Ghmn/9CjtkfxUHTJc/cMgjUqlkoX7dON0zJ34aMRFsRfBNv vxSTe+xQfocdGF/0dM5f82VtVGFghYxjjRBufl99z4QRzx0OCxQnAEjifuo3R7Fv wC/6NO0lWwdS42545zlALaoS+fAuYMqUG08CAwEAAaOCAfYwggHyMB0GA1UdDgQW BBTKHw6sValmySXh5XulZANhD6R8LTAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi95aDhPckZXcFpza2w0 ZVY3cFdRRFlRLWtmQzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJApAsEg6MA0GCSqGSIb3DQEBCwUAA4IBAQAv2bW3Q2HzlMRwj3XLqYkTjEET PT37kOV4mvPdHfBWiisF+BBkajzdlMfUMU6tVp4+jOpWKLnf5D+QQB2q6veoYsqy hWjf03hNOVYgHGKSvtpNAp4PbY4gr5QH6lPHBXtKgta75p/UoatqhLLb/TTvJPlE tuweVolK/pUHEova2Gjo+iC3BTEXa1dPbSBrwwxMSkYkRYG372ZtK55pQCfJpNKI xynGXBm7KZG0GzQ8TxECV3zyF+6wzhadSpUL4bZLAiY7p387zVZffTCiTt9fvbZo +fhtUdVTuou9/Lon+xfAsk9DpamNe2hvMrOcDUA0IgqI01GpOJUYyWBxXojm -----END CERTIFICATE-----Generated at Wed Jun 4 01:14:28 2025 by rpki-client