$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/40/XUqYO0gIBGKJdMnRrWNYofV9ASg.roa File: XUqYO0gIBGKJdMnRrWNYofV9ASg.roa (raw, json) Hash identifier: wk1aQuhsTJNh/QxRDGrQZqRt8vq+yd3VLEO5BonUzDY= Subject key identifier: 5D:4A:98:3B:48:08:04:62:89:74:C9:D1:AD:63:58:A1:F5:7D:01:28 Certificate issuer: /CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Certificate serial: 184D Authority key identifier: AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/XUqYO0gIBGKJdMnRrWNYofV9ASg.roa Signing time: Fri 17 Jan 2025 01:30:00 +0000 ROA not before: Fri 17 Jan 2025 01:30:00 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 17429 IP address blocks: 2403:4300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6221 (0x184d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Validity Not Before: Jan 17 01:30:00 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5D4A983B480804628974C9D1AD6358A1F57D0128 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:5a:a4:f9:9e:d1:db:65:62:40:eb:d1:21:b9: 65:a5:25:a3:94:11:89:5e:77:5f:7e:87:f1:95:4a: 4a:d7:d7:40:93:13:3a:12:b5:c0:04:72:3f:d6:51: 44:6c:9b:41:4c:6b:16:d0:e6:51:b1:f4:0a:0b:a0: 2c:74:a7:70:1a:58:3c:06:33:40:4c:1e:62:26:38: 1f:4b:bf:cf:30:16:3f:2f:4a:6e:dd:a0:35:12:3e: 18:53:b7:d6:2f:e2:22:f7:99:f3:b6:73:cf:50:f8: 30:bc:30:43:3b:63:f6:84:47:c2:ec:e1:35:8a:a8: 8e:56:d3:69:1b:e8:06:af:d8:a6:f1:a6:11:f0:1c: 36:4b:9d:0d:d7:3c:db:1d:61:0f:c0:15:39:df:9f: 4f:48:f4:9e:fa:31:a5:d5:02:09:68:f8:0f:19:b0: 91:86:16:c0:78:70:31:3c:81:9b:5f:e8:4e:46:06: 10:d0:07:f8:1c:9e:b7:7b:01:e2:7b:e5:16:14:de: 4e:7a:b9:24:50:a4:2f:4c:f0:0f:51:34:a8:84:eb: 73:d3:64:0f:e9:45:4d:d7:a6:33:b2:72:b5:b2:d5: a6:1e:fb:31:d3:94:b2:77:ca:7a:73:a7:7a:05:89: 23:e9:13:7b:12:00:d0:63:4b:ad:0e:e6:6c:af:a7: 7b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:4A:98:3B:48:08:04:62:89:74:C9:D1:AD:63:58:A1:F5:7D:01:28 X509v3 Authority Key Identifier: keyid:AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/XUqYO0gIBGKJdMnRrWNYofV9ASg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:4300::/32 Signature Algorithm: sha256WithRSAEncryption 08:9d:e0:be:a9:c1:61:93:50:99:d1:f8:6a:c6:43:aa:69:fc: ae:0d:b3:ef:6b:93:06:3c:cb:6a:67:73:93:84:fd:a3:9c:8d: 0e:b8:49:85:ad:db:3c:87:09:7f:de:3d:93:98:b6:af:00:97: e1:51:5d:3e:9c:9d:6b:6f:73:48:70:b7:50:af:08:6a:e0:50: f1:e3:a8:24:73:7b:c6:3c:c3:56:cf:36:d2:ed:32:91:d0:24: 6b:0a:f0:b8:ae:8b:6b:b8:77:c2:04:49:9f:63:92:21:bb:a1: d6:d0:d7:2a:07:d7:5a:e7:89:d6:d2:a1:55:d4:ba:8b:28:3d: 98:dc:ad:02:d4:1e:4a:80:db:a1:d4:bb:d2:53:9d:6f:a0:32: de:02:07:1f:fc:5f:78:e9:fb:4b:94:c0:1a:c6:a4:08:56:a8: f3:75:fd:f8:02:21:92:91:1a:ac:71:ff:cb:0c:67:8a:4e:f8: f0:fe:9e:6b:8b:66:ae:63:47:e2:b6:eb:09:3c:bd:4f:33:57: ac:d0:b8:52:38:56:a1:93:b8:d2:a1:4f:ea:02:83:cb:c6:f6: ae:a9:bf:4b:de:cb:1c:3d:bd:e9:42:b7:83:78:eb:2c:2f:84: f3:e3:b3:cd:86:e8:65:0b:7b:b6:95:a8:27:b0:48:39:14:d9: 0e:6d:88:b7 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUVD Q0NDQjc5REZFNkM0NjZDQ0FEQjM5ODk2NzEwRUNBQzM3Qjg0NzAeFw0yNTAxMTcw MTMwMDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVENEE5ODNCNDgwODA0 NjI4OTc0QzlEMUFENjM1OEExRjU3RDAxMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpWqT5ntHbZWJA69EhuWWlJaOUEYled19+h/GVSkrX10CTEzoS tcAEcj/WUURsm0FMaxbQ5lGx9AoLoCx0p3AaWDwGM0BMHmImOB9Lv88wFj8vSm7d oDUSPhhTt9Yv4iL3mfO2c89Q+DC8MEM7Y/aER8Ls4TWKqI5W02kb6Aav2KbxphHw HDZLnQ3XPNsdYQ/AFTnfn09I9J76MaXVAglo+A8ZsJGGFsB4cDE8gZtf6E5GBhDQ B/gcnrd7AeJ75RYU3k56uSRQpC9M8A9RNKiE63PTZA/pRU3XpjOycrWy1aYe+zHT lLJ3ynpzp3oFiSPpE3sSANBjS60O5myvp3s9AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUXUqYO0gIBGKJdMnRrWNYofV9ASgwHwYDVR0jBBgwFoAUrszMt53+bEZsyts5 iWcQ7Kw3uEcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDAv cnN6TXQ1My1iRVpzeXRzNWlXY1E3S3czdUVjLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9yc3pNdDUzLWJFWnN5dHM1aVdjUTdLdzN1RWMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC80MC9YVXFZTzBnSUJHS0pkTW5S cldOWW9mVjlBU2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JANDADANBgkqhkiG9w0BAQsFAAOCAQEACJ3gvqnBYZNQmdH4asZDqmn8rg2z72uT BjzLamdzk4T9o5yNDrhJha3bPIcJf949k5i2rwCX4VFdPpyda29zSHC3UK8IauBQ 8eOoJHN7xjzDVs820u0ykdAkawrwuK6La7h3wgRJn2OSIbuh1tDXKgfXWueJ1tKh VdS6iyg9mNytAtQeSoDbodS70lOdb6Ay3gIHH/xfeOn7S5TAGsakCFao83X9+AIh kpEarHH/ywxnik748P6ea4tmrmNH4rbrCTy9TzNXrNC4UjhWoZO40qFP6gKDy8b2 rqm/S97LHD296UK3g3jrLC+E8+OzzYboZQt7tpWoJ7BIORTZDm2Itw== -----END CERTIFICATE-----Generated at Wed Jun 4 00:58:14 2025 by rpki-client