$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2739/wuMc5_h3ESCq4Y53qARzye0cxIA.roa File: wuMc5_h3ESCq4Y53qARzye0cxIA.roa (raw, json) Hash identifier: l+pDBHJI9r+UtBFGnISvEObI5TJY34qLko/XVOGPvKA= Subject key identifier: C2:E3:1C:E7:F8:77:11:20:AA:E1:8E:77:A8:04:73:C9:ED:1C:C4:80 Certificate issuer: /CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6 Certificate serial: 1B8F Authority key identifier: 65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/wuMc5_h3ESCq4Y53qARzye0cxIA.roa Signing time: Fri 17 Jan 2025 01:28:28 +0000 ROA not before: Fri 17 Jan 2025 01:28:28 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137797 IP address blocks: 2402:f9c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7055 (0x1b8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6 Validity Not Before: Jan 17 01:28:28 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C2E31CE7F8771120AAE18E77A80473C9ED1CC480 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:8e:8a:71:af:31:24:48:47:68:d6:ab:2b:01: 11:6d:80:b3:d5:05:79:84:ae:0c:44:aa:b3:4c:d3: 5a:37:9a:24:9f:06:6a:09:c7:78:b1:43:6e:f6:cd: 09:b7:8a:73:97:f0:fe:13:09:be:55:e6:8a:90:02: c7:3d:64:4d:76:b9:ba:03:43:a8:99:12:05:9c:ca: e9:ca:7c:21:d5:fc:c9:cd:c3:7b:76:d8:ac:49:2f: ec:6d:1d:72:9a:2e:ec:21:fe:d5:b8:78:19:52:6f: 17:c3:fe:26:ba:1e:76:c6:83:75:3b:11:5a:61:9b: e1:83:3a:37:c7:03:ab:e9:90:fc:fc:7c:cf:c2:7a: a7:26:ef:e6:93:ff:bb:84:09:7d:64:0c:18:3d:78: 15:42:5c:a0:7f:ba:c7:6c:f9:c8:41:11:ae:9b:0b: 81:05:f7:86:d3:8b:82:6f:02:df:24:56:37:2c:33: 42:f3:e2:8a:2c:81:42:73:6f:e2:33:e0:1a:db:29: 76:55:c8:b5:59:f9:79:c5:e1:d3:d4:e6:c3:7d:d4: 18:84:91:04:f6:79:d5:a6:b4:1d:84:1c:2e:4c:74: 0f:d4:d0:e5:27:2d:b3:7d:b2:44:17:4d:1d:cd:6b: 10:80:11:2f:fc:2f:26:eb:61:d6:f2:7e:9a:db:41: 28:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:E3:1C:E7:F8:77:11:20:AA:E1:8E:77:A8:04:73:C9:ED:1C:C4:80 X509v3 Authority Key Identifier: keyid:65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/wuMc5_h3ESCq4Y53qARzye0cxIA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:f9c0::/48 Signature Algorithm: sha256WithRSAEncryption 29:03:02:c4:64:9f:f0:72:0c:61:7c:ef:38:e5:bd:9f:04:43: db:e8:91:fa:43:68:08:cb:c1:bf:41:88:56:9e:ae:41:d6:81: da:6f:fb:02:01:cc:24:0f:f0:98:71:7b:be:09:3a:64:3a:8a: 37:a1:c6:3b:02:82:5d:bd:f3:ac:0d:e5:24:31:ab:22:eb:19: 71:c3:b2:36:e4:e7:1f:38:5c:fb:ce:01:2e:c6:ed:e9:bd:24: 9f:b8:36:db:f3:d6:ac:a5:4d:a8:e1:2c:8c:a8:79:d2:96:97: 2b:0d:b1:2e:97:b3:c8:4b:eb:c5:61:6a:dd:04:f6:14:2d:05: c5:1d:c1:5f:33:39:5a:f8:2d:71:8d:43:59:d7:e4:9d:bb:24: 14:91:87:ef:49:f2:3c:f8:4a:76:cd:0a:56:c2:9e:17:fb:4c: d6:66:66:cc:95:4e:6f:da:87:a7:e8:7e:11:e3:ee:19:c7:b1: 04:60:d8:88:d0:30:96:4d:b9:f7:6f:32:c7:fa:a5:7a:8a:54: f7:97:80:91:b4:c5:12:e6:23:29:e8:3d:05:5a:a5:90:83:c4: 53:53:1f:4b:0f:3e:7d:41:15:39:cd:96:d5:c2:7d:2c:54:79: 5e:30:e6:d1:92:5e:27:12:a4:39:d3:cc:c1:bc:06:3d:44:ed: 65:22:23:c1 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICG48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjVE QTYxQkRDQTJDQzBGOENBOTVEMjREMzk0MkJDMDg3RDhDOTJBNjAeFw0yNTAxMTcw MTI4MjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEMyRTMxQ0U3Rjg3NzEx MjBBQUUxOEU3N0E4MDQ3M0M5RUQxQ0M0ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIjopxrzEkSEdo1qsrARFtgLPVBXmErgxEqrNM01o3miSfBmoJ x3ixQ272zQm3inOX8P4TCb5V5oqQAsc9ZE12uboDQ6iZEgWcyunKfCHV/MnNw3t2 2KxJL+xtHXKaLuwh/tW4eBlSbxfD/ia6HnbGg3U7EVphm+GDOjfHA6vpkPz8fM/C eqcm7+aT/7uECX1kDBg9eBVCXKB/usds+chBEa6bC4EF94bTi4JvAt8kVjcsM0Lz 4oosgUJzb+Iz4BrbKXZVyLVZ+XnF4dPU5sN91BiEkQT2edWmtB2EHC5MdA/U0OUn LbN9skQXTR3NaxCAES/8LybrYdbyfprbQSj9AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUwuMc5/h3ESCq4Y53qARzye0cxIAwHwYDVR0jBBgwFoAUZdphvcoswPjKldJN OUK8CH2MkqYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcz OS9aZHBodmNvc3dQaktsZEpOT1VLOENIMk1rcVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1pkcGh2Y29zd1BqS2xkSk5PVUs4Q0gyTWtxWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3Mzkvd3VNYzVfaDNFU0Nx NFk1M3FBUnp5ZTBjeElBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQC+cAAADANBgkqhkiG9w0BAQsFAAOCAQEAKQMCxGSf8HIMYXzvOOW9nwRD 2+iR+kNoCMvBv0GIVp6uQdaB2m/7AgHMJA/wmHF7vgk6ZDqKN6HGOwKCXb3zrA3l JDGrIusZccOyNuTnHzhc+84BLsbt6b0kn7g22/PWrKVNqOEsjKh50paXKw2xLpez yEvrxWFq3QT2FC0FxR3BXzM5WvgtcY1DWdfknbskFJGH70nyPPhKds0KVsKeF/tM 1mZmzJVOb9qHp+h+EePuGcexBGDYiNAwlk25928yx/qleopU95eAkbTFEuYjKeg9 BVqlkIPEU1MfSw8+fUEVOc2W1cJ9LFR5XjDm0ZJeJxKkOdPMwbwGPUTtZSIjwQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:28 2025 by rpki-client