$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3078/YmRp3pRqbaCUis4LPuGV2ubaWO8.roa File: YmRp3pRqbaCUis4LPuGV2ubaWO8.roa (raw, json) Hash identifier: V2Ttc+LoymI/7lrTfQScRY9jXY85pxgTEpV1RqCXy3M= Subject key identifier: 62:64:69:DE:94:6A:6D:A0:94:8A:CE:0B:3E:E1:95:DA:E6:DA:58:EF Certificate issuer: /CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Certificate serial: 3A Authority key identifier: F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/YmRp3pRqbaCUis4LPuGV2ubaWO8.roa Signing time: Sat 17 May 2025 03:40:39 +0000 ROA not before: Sat 17 May 2025 03:40:39 +0000 ROA not after: Sun 10 May 2026 04:51:55 +0000 asID: 151270 IP address blocks: 110.40.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:09:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Validity Not Before: May 17 03:40:39 2025 GMT Not After : May 10 04:51:55 2026 GMT Subject: CN=626469DE946A6DA0948ACE0B3EE195DAE6DA58EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f1:f8:e3:58:96:0f:84:c6:5b:f3:ec:27:5d: cb:2b:fa:f6:1f:56:75:36:cd:0a:1c:8d:2d:b4:32: b8:69:08:0d:1d:44:74:c0:6f:2d:eb:af:18:e2:79: a2:94:ad:8b:0b:17:3c:ba:e1:1e:47:6b:52:f7:28: 4f:14:70:21:9e:a9:90:76:1a:cf:bb:20:95:b1:af: 2f:fa:c3:80:92:5d:b3:73:ea:c5:49:2f:1b:9c:77: 40:4b:14:9c:57:2c:ec:4b:c0:92:bd:9f:ae:c8:f2: 1d:8b:a6:38:31:8c:df:40:a7:5b:8f:aa:23:a4:e0: c7:aa:ad:db:28:97:4e:ba:20:94:47:c0:28:84:13: 79:f0:a6:80:4e:c2:3c:f2:03:9f:28:6b:3d:bc:58: 57:d6:03:77:e3:cd:81:9e:e0:db:12:4c:34:ed:db: b0:cf:83:b8:3a:ff:85:ca:63:5f:a7:a5:b6:33:4a: 5a:da:a0:8d:b8:32:3d:66:2c:3e:81:eb:a0:2d:6c: b0:6a:94:ff:12:7b:94:05:5e:20:c8:fd:55:e7:20: 21:89:d5:14:50:db:2e:1d:7d:ce:7e:da:5f:46:1b: 9e:fe:29:c4:d7:12:d0:5f:8d:b1:71:b5:80:20:9a: b2:bf:bd:6e:1b:14:6e:01:ad:2a:59:bb:09:ea:3d: 38:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:64:69:DE:94:6A:6D:A0:94:8A:CE:0B:3E:E1:95:DA:E6:DA:58:EF X509v3 Authority Key Identifier: keyid:F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/YmRp3pRqbaCUis4LPuGV2ubaWO8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.40.51.0/24 Signature Algorithm: sha256WithRSAEncryption 02:68:57:e9:e3:8a:36:ea:77:8b:2c:78:bf:c8:5e:c0:39:df: 1a:61:1f:de:68:1a:a3:01:2e:d7:ea:f6:ff:83:5c:e3:6f:cd: 40:e6:f4:8f:ac:4a:ab:36:c1:99:d9:b0:d6:f6:a1:f1:8f:df: a4:b8:38:a2:18:6c:cc:0e:81:e7:b2:86:04:ea:53:4d:a7:85: 01:be:14:37:34:2c:f9:3e:ff:5a:57:93:fd:e4:f8:01:54:51: ac:83:d7:9a:74:ef:87:e4:50:be:67:61:68:77:4a:92:96:ee: c7:8c:5a:43:7e:d0:86:c3:6a:02:78:c1:ea:18:a0:cb:3e:61: fe:29:da:77:b8:a4:47:90:3a:76:f3:78:54:37:a1:b1:c1:76: 4e:ba:c0:f8:6d:92:d8:c7:f1:4f:4a:84:ae:cb:b1:d6:74:0f: 34:57:31:15:fe:8b:71:62:c8:c1:2b:a8:08:93:25:6c:25:5c: 3a:f1:b7:e0:10:22:bb:c4:bb:24:fb:d8:7c:54:08:03:96:57: 9a:ac:60:5f:08:f5:ba:de:35:ac:a3:0d:a7:6b:20:14:0b:9d: 1d:39:35:2f:d9:fa:42:22:27:a9:08:10:4f:cd:97:31:3f:5e: 20:fc:9a:72:9a:a0:85:81:63:a2:06:40:70:06:7e:d8:e7:85: 73:33:6b:90 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNzAy OTM1RjAyRkMxQjgxMjk3RDFGRkI0Qzc4Q0UwQkExRDQzNzg1MB4XDTI1MDUxNzAz NDAzOVoXDTI2MDUxMDA0NTE1NVowMzExMC8GA1UEAxMoNjI2NDY5REU5NDZBNkRB MDk0OEFDRTBCM0VFMTk1REFFNkRBNThFRjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAODx+ONYlg+Exlvz7Cddyyv69h9WdTbNChyNLbQyuGkIDR1EdMBv LeuvGOJ5opStiwsXPLrhHkdrUvcoTxRwIZ6pkHYaz7sglbGvL/rDgJJds3PqxUkv G5x3QEsUnFcs7EvAkr2frsjyHYumODGM30CnW4+qI6Tgx6qt2yiXTroglEfAKIQT efCmgE7CPPIDnyhrPbxYV9YDd+PNgZ7g2xJMNO3bsM+DuDr/hcpjX6eltjNKWtqg jbgyPWYsPoHroC1ssGqU/xJ7lAVeIMj9VecgIYnVFFDbLh19zn7aX0Ybnv4pxNcS 0F+NsXG1gCCasr+9bhsUbgGtKlm7Ceo9OCUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRiZGnelGptoJSKzgs+4ZXa5tpY7zAfBgNVHSMEGDAWgBT3ApNfAvwbgSl9H/tM eM4LodQ3hTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDc4 Lzl3S1RYd0w4RzRFcGZSXzdUSGpPQzZIVU40VS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOXdLVFh3TDhHNEVwZlJfN1RIak9DNkhVTjRVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3OC9ZbVJwM3BScWJhQ1Vp czRMUHVHVjJ1YmFXTzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAbigzMA0GCSqGSIb3DQEBCwUAA4IBAQACaFfp44o26neLLHi/yF7AOd8aYR/e aBqjAS7X6vb/g1zjb81A5vSPrEqrNsGZ2bDW9qHxj9+kuDiiGGzMDoHnsoYE6lNN p4UBvhQ3NCz5Pv9aV5P95PgBVFGsg9eadO+H5FC+Z2Fod0qSlu7HjFpDftCGw2oC eMHqGKDLPmH+Kdp3uKRHkDp283hUN6GxwXZOusD4bZLYx/FPSoSuy7HWdA80VzEV /otxYsjBK6gIkyVsJVw68bfgECK7xLsk+9h8VAgDllearGBfCPW63jWsow2nayAU C50dOTUv2fpCIiepCBBPzZcxP14g/JpymqCFgWOiBkBwBn7Y54VzM2uQ -----END CERTIFICATE-----Generated at Wed Jun 4 00:52:02 2025 by rpki-client