$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/715/OURKKMBERp6fhyznG4QUV7I1fU8.roa File: OURKKMBERp6fhyznG4QUV7I1fU8.roa (raw, json) Hash identifier: tEDAKCve4qFLWqxZlyva9GdzhXGBXId4jj4unjkX/zM= Subject key identifier: 39:44:4A:28:C0:44:46:9E:9F:87:2C:E7:1B:84:14:57:B2:35:7D:4F Certificate issuer: /CN=7A14368A1704DDE2B028D26D54D83BD7C8347CE3 Certificate serial: 38 Authority key identifier: 7A:14:36:8A:17:04:DD:E2:B0:28:D2:6D:54:D8:3B:D7:C8:34:7C:E3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/OURKKMBERp6fhyznG4QUV7I1fU8.roa Signing time: Thu 22 May 2025 03:11:32 +0000 ROA not before: Thu 22 May 2025 03:11:32 +0000 ROA not after: Tue 12 May 2026 12:19:28 +0000 asID: 131526 IP address blocks: 2402:5e40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:08:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56 (0x38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7A14368A1704DDE2B028D26D54D83BD7C8347CE3 Validity Not Before: May 22 03:11:32 2025 GMT Not After : May 12 12:19:28 2026 GMT Subject: CN=39444A28C044469E9F872CE71B841457B2357D4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:23:a2:b4:04:c1:27:69:29:a3:05:28:ba:66: 4d:69:ea:8c:0c:23:ab:0c:93:c3:26:43:d2:cb:d9: fb:82:1f:de:44:51:c8:0c:28:26:eb:7b:7d:30:a4: 63:7e:66:ca:24:ba:f3:52:6b:88:43:3e:8b:95:52: 8a:ec:40:75:67:31:2f:14:e4:21:16:3f:0f:fc:ca: 55:4c:74:0f:d2:9b:d1:6e:a1:37:df:6b:40:e8:ac: b8:96:22:ae:3f:97:05:9a:13:a0:90:6f:10:26:38: 00:ff:8c:36:5d:e5:9d:ec:27:a6:bd:7f:8b:31:d3: cf:0f:52:aa:40:40:87:69:47:d4:5b:19:ea:00:42: 9e:0d:97:11:47:bd:cb:ed:46:17:71:f4:b7:e7:30: ba:9c:42:68:d6:5a:05:bd:58:c4:69:43:03:64:c2: b5:6d:3d:35:ae:71:64:24:e6:09:5e:88:c0:ff:a4: 25:03:f1:99:7f:d7:c8:11:01:93:a1:3c:7e:2c:20: 34:d3:65:5e:61:ce:b0:81:b8:6b:fa:af:e8:a2:21: df:c0:a5:c2:6a:4d:08:8b:68:46:5a:2c:07:c2:d1: a5:69:aa:76:65:19:fa:33:74:57:0d:fc:86:48:13: cc:ee:a0:49:e6:01:48:52:4e:8d:9f:1e:98:0a:32: 26:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:44:4A:28:C0:44:46:9E:9F:87:2C:E7:1B:84:14:57:B2:35:7D:4F X509v3 Authority Key Identifier: keyid:7A:14:36:8A:17:04:DD:E2:B0:28:D2:6D:54:D8:3B:D7:C8:34:7C:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/OURKKMBERp6fhyznG4QUV7I1fU8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:5e40::/32 Signature Algorithm: sha256WithRSAEncryption 5c:c3:5a:6a:07:0b:fe:31:11:ae:f2:bf:4b:51:b2:5c:b3:b3: 94:99:a9:c0:1a:93:f3:fa:6a:37:2a:1b:ca:76:24:8d:8f:6c: 6c:13:83:0b:93:d7:d1:1f:40:05:fd:ad:14:18:8b:87:6f:4e: dc:05:c9:f5:74:f5:79:5c:68:5f:95:a4:2d:4d:3e:f7:55:d4: 82:6c:2c:78:e1:b2:7c:6f:bc:24:1f:3e:55:ba:ef:53:11:87: 0a:10:f5:d3:42:5a:ef:9e:6d:c9:07:4b:f2:dc:f3:53:de:f2: b1:f1:6d:b7:a6:ab:ab:34:80:74:00:74:9c:61:47:0a:4b:df: f9:73:46:e4:09:8c:4f:10:0d:04:f4:d7:09:94:db:9f:28:bb: c6:b2:d5:6a:7f:c3:d8:62:90:51:0e:37:72:95:5a:08:18:b4: 62:2b:ff:81:32:51:45:87:93:65:d2:01:e3:0d:32:da:6c:e2: 90:19:4f:5c:72:dc:ea:a8:5d:cf:da:44:28:b9:a7:bc:c9:21: 9e:4c:29:20:2b:5d:cb:a5:a2:10:ce:53:3a:95:2b:4a:a9:8f: 26:8a:23:c2:ec:98:5f:ef:8f:11:b2:ac:6f:18:4f:b9:70:5f: 60:bb:3e:21:25:5b:9e:6d:5b:55:e1:25:b7:7a:82:a6:a3:2b: 44:70:e2:19 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIBODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3QTE0 MzY4QTE3MDREREUyQjAyOEQyNkQ1NEQ4M0JEN0M4MzQ3Q0UzMB4XDTI1MDUyMjAz MTEzMloXDTI2MDUxMjEyMTkyOFowMzExMC8GA1UEAxMoMzk0NDRBMjhDMDQ0NDY5 RTlGODcyQ0U3MUI4NDE0NTdCMjM1N0Q0RjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAPcjorQEwSdpKaMFKLpmTWnqjAwjqwyTwyZD0svZ+4If3kRRyAwo Jut7fTCkY35myiS681JriEM+i5VSiuxAdWcxLxTkIRY/D/zKVUx0D9Kb0W6hN99r QOisuJYirj+XBZoToJBvECY4AP+MNl3lnewnpr1/izHTzw9SqkBAh2lH1FsZ6gBC ng2XEUe9y+1GF3H0t+cwupxCaNZaBb1YxGlDA2TCtW09Na5xZCTmCV6IwP+kJQPx mX/XyBEBk6E8fiwgNNNlXmHOsIG4a/qv6KIh38ClwmpNCItoRlosB8LRpWmqdmUZ +jN0Vw38hkgTzO6gSeYBSFJOjZ8emAoyJm8CAwEAAaOCAfIwggHuMB0GA1UdDgQW BBQ5REoowERGnp+HLOcbhBRXsjV9TzAfBgNVHSMEGDAWgBR6FDaKFwTd4rAo0m1U 2DvXyDR84zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83MTUv ZWhRMmloY0UzZUt3S05KdFZOZzcxOGcwZk9NLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9laFEyaWhjRTNlS3dLTkp0Vk5nNzE4ZzBmT00uY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83MTUvT1VSS0tNQkVScDZmaHl6 bkc0UVVWN0kxZlU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF ACQCXkAwDQYJKoZIhvcNAQELBQADggEBAFzDWmoHC/4xEa7yv0tRslyzs5SZqcAa k/P6ajcqG8p2JI2PbGwTgwuT19EfQAX9rRQYi4dvTtwFyfV09XlcaF+VpC1NPvdV 1IJsLHjhsnxvvCQfPlW671MRhwoQ9dNCWu+ebckHS/Lc81Pe8rHxbbemq6s0gHQA dJxhRwpL3/lzRuQJjE8QDQT01wmU258ou8ay1Wp/w9hikFEON3KVWggYtGIr/4Ey UUWHk2XSAeMNMtps4pAZT1xy3OqoXc/aRCi5p7zJIZ5MKSArXculohDOUzqVK0qp jyaKI8LsmF/vjxGyrG8YT7lwX2C7PiElW55tW1XhJbd6gqajK0Rw4hk= -----END CERTIFICATE-----Generated at Wed Jun 4 00:59:54 2025 by rpki-client