$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/2nbWAF-v2icIFmaXS9slVts9t14.roa File: 2nbWAF-v2icIFmaXS9slVts9t14.roa (raw, json) Hash identifier: sI4VK47iEQ4kxpF0VfSvzlYkRNONQ4g8r9p3LAdBLHo= Subject key identifier: DA:76:D6:00:5F:AF:DA:27:08:16:66:97:4B:DB:25:56:DB:3D:B7:5E Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: B0 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/2nbWAF-v2icIFmaXS9slVts9t14.roa Signing time: Fri 06 Jun 2025 02:22:21 +0000 ROA not before: Fri 06 Jun 2025 02:22:21 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c3::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 09:12:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 176 (0xb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:22:21 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=DA76D6005FAFDA27081666974BDB2556DB3DB75E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ce:6d:82:ff:ea:1f:39:a6:6b:4c:82:89:7f: 2c:31:5a:74:73:c6:ee:f1:50:f7:7d:4a:a0:8a:b4: fa:73:3c:62:89:05:10:a1:05:94:98:7f:23:27:88: 74:ef:8f:9e:fc:c3:03:f6:4d:65:91:3b:0f:ad:b9: 1d:9b:8b:98:6f:a0:19:b3:bb:82:40:5b:39:b4:b9: 4c:5c:e0:19:6d:3a:1a:43:9c:11:46:23:f6:19:d9: dd:76:9a:5a:ee:fe:54:e2:51:3d:d3:15:77:4b:22: e7:ca:b3:29:39:ea:18:03:58:38:84:b4:ed:90:b8: 5e:0a:6c:bf:5f:56:4d:d3:90:90:73:94:9d:a5:98: 1e:ee:8c:48:43:83:d4:ba:a9:2a:85:e9:42:0b:58: 4c:a8:e9:7d:18:f7:85:fa:b4:db:b7:fc:f0:94:f2: c1:a9:8f:51:94:04:d0:a1:ca:88:ae:bd:2b:79:34: 8c:42:9c:a0:5e:7a:52:97:10:d0:d4:3c:ff:ad:84: a5:2f:a6:03:a4:01:38:ef:8a:37:14:64:cb:92:4a: 6f:60:bf:e1:ca:f2:d3:54:43:60:c6:0d:e3:8b:94: 25:b7:23:03:ed:eb:bd:a0:a2:f6:c8:7e:02:08:99: eb:ad:c9:d3:33:b8:24:c6:b3:5b:4c:52:de:8d:46: 42:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:76:D6:00:5F:AF:DA:27:08:16:66:97:4B:DB:25:56:DB:3D:B7:5E X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/2nbWAF-v2icIFmaXS9slVts9t14.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c3::/44 Signature Algorithm: sha256WithRSAEncryption b6:f4:91:8b:96:7d:12:87:ed:eb:59:0d:57:d0:17:70:3b:1d: 4a:eb:96:bc:1f:91:9a:a6:b2:2f:3f:98:1b:14:96:63:85:9c: fd:0c:b8:52:ed:7d:34:49:31:25:66:bc:6a:8f:27:bb:e9:2a: 06:a5:80:f5:2b:6a:70:4e:48:4e:0f:e8:20:cc:d5:75:41:c6: 4b:39:39:7c:c6:6f:6a:8a:2e:a9:40:cd:68:2c:e5:83:8d:ed: d8:07:fd:bd:8a:8c:b7:fd:52:6e:3c:c5:86:67:7e:c1:e3:17: 6a:50:7a:37:3e:05:4e:99:6f:d6:38:93:8f:da:af:54:92:63: 9d:e8:7f:76:71:fe:0d:9e:a7:74:63:75:87:ec:3c:f8:56:d7: 22:01:2a:9d:a4:f6:5b:1e:70:a1:cd:17:fb:3e:5e:43:4b:63: 57:8b:22:33:41:e5:ac:2e:0a:90:6a:a6:25:42:5e:e0:31:82: 8c:cd:ac:84:6c:ab:04:39:9d:a5:e6:d8:fb:6a:d3:11:58:38: 1a:d0:3b:c8:13:fe:6c:a6:6d:cf:ec:5b:4d:08:7c:d1:d7:46: 01:80:d9:3c:00:bc:ba:ac:e3:21:61:84:b1:58:b8:a2:da:f7: 13:26:45:1b:dc:4d:0c:de:3c:af:2a:b5:a5:c8:3e:4e:74:06: 49:90:b2:a0 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICALAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjIyMjFaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKERBNzZENjAwNUZBRkRB MjcwODE2NjY5NzRCREIyNTU2REIzREI3NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPzm2C/+ofOaZrTIKJfywxWnRzxu7xUPd9SqCKtPpzPGKJBRCh BZSYfyMniHTvj578wwP2TWWROw+tuR2bi5hvoBmzu4JAWzm0uUxc4BltOhpDnBFG I/YZ2d12mlru/lTiUT3TFXdLIufKsyk56hgDWDiEtO2QuF4KbL9fVk3TkJBzlJ2l mB7ujEhDg9S6qSqF6UILWEyo6X0Y94X6tNu3/PCU8sGpj1GUBNChyoiuvSt5NIxC nKBeelKXENDUPP+thKUvpgOkATjvijcUZMuSSm9gv+HK8tNUQ2DGDeOLlCW3IwPt 672govbIfgIImeutydMzuCTGs1tMUt6NRkLNAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU2nbWAF+v2icIFmaXS9slVts9t14wHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvMm5iV0FGLXYyaWNJ Rm1hWFM5c2xWdHM5dDE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMMAADANBgkqhkiG9w0BAQsFAAOCAQEAtvSRi5Z9Eoft61kNV9AXcDsd SuuWvB+RmqayLz+YGxSWY4Wc/Qy4Uu19NEkxJWa8ao8nu+kqBqWA9StqcE5ITg/o IMzVdUHGSzk5fMZvaoouqUDNaCzlg43t2Af9vYqMt/1SbjzFhmd+weMXalB6Nz4F Tplv1jiTj9qvVJJjneh/dnH+DZ6ndGN1h+w8+FbXIgEqnaT2Wx5woc0X+z5eQ0tj V4siM0HlrC4KkGqmJUJe4DGCjM2shGyrBDmdpebY+2rTEVg4GtA7yBP+bKZtz+xb TQh80ddGAYDZPAC8uqzjIWGEsVi4otr3EyZFG9xNDN48ryq1pcg+TnQGSZCyoA== -----END CERTIFICATE-----Generated at Fri Jul 4 07:55:53 2025 by rpki-client