$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/2tUNj6UBt3xrrshEx6RlCk_RuS0.roa File: 2tUNj6UBt3xrrshEx6RlCk_RuS0.roa (raw, json) Hash identifier: vPnfd8KyPEleO8HLqJ6H0EyQnypmKU2Un32BIva3BF4= Subject key identifier: DA:D5:0D:8F:A5:01:B7:7C:6B:AE:C8:44:C7:A4:65:0A:4F:D1:B9:2D Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: F0 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/2tUNj6UBt3xrrshEx6RlCk_RuS0.roa Signing time: Fri 06 Jun 2025 02:52:22 +0000 ROA not before: Fri 06 Jun 2025 02:52:22 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c4:10::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 09:12:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 240 (0xf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:52:22 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=DAD50D8FA501B77C6BAEC844C7A4650A4FD1B92D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a6:9f:e5:2b:3d:44:1b:e1:a6:9e:88:33:76: b5:c3:17:bd:40:94:8b:b0:c4:e9:df:47:45:cf:d6: ff:d3:58:bf:f1:dd:ac:60:3e:98:22:1f:ba:08:25: 0b:3c:ba:2a:be:d2:3f:47:4d:f3:91:8a:ff:de:bf: 38:84:46:59:90:4b:3c:d2:50:5a:e6:cb:ef:11:9b: c6:1a:39:f7:24:e4:e5:5c:cb:27:c5:a5:cf:b4:27: 5e:c7:36:51:41:50:12:03:2c:a5:e2:6c:a8:98:d1: e5:da:93:62:ab:c4:77:42:5d:12:1a:db:17:a8:97: 23:81:d9:3a:7a:4f:dd:6c:85:cf:e6:0b:53:9f:58: 8d:28:2e:fc:fa:9e:63:ee:41:1b:fa:47:42:36:6d: 7c:37:64:3e:0b:ee:e2:91:86:15:d0:93:76:64:d4: dd:4e:a0:bb:8d:f6:5b:8b:2b:e4:4f:15:90:99:a2: 04:a7:48:ba:c1:4c:00:c2:a5:fc:ab:a4:ed:91:53: fd:68:6d:0a:22:f5:45:93:12:85:0c:75:4e:84:56: 95:c9:88:15:31:fd:ab:63:3f:b1:dc:8e:19:2d:99: cd:ce:ec:1c:ee:0d:ba:8f:b3:64:ba:1a:e7:fc:b0: e8:18:74:b0:46:1b:c9:1e:f9:7d:fa:d6:63:61:6f: 0c:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:D5:0D:8F:A5:01:B7:7C:6B:AE:C8:44:C7:A4:65:0A:4F:D1:B9:2D X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/2tUNj6UBt3xrrshEx6RlCk_RuS0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c4:10::/44 Signature Algorithm: sha256WithRSAEncryption 81:c2:7e:93:d4:85:28:76:a9:f7:e7:26:0d:d1:63:cb:71:7b: 4d:ca:93:c1:c2:38:6f:fb:62:5d:fa:7f:85:b8:16:be:7c:cb: 3b:f6:66:ea:dd:18:b5:b1:6f:0d:83:d8:73:25:39:7b:f4:87: d7:82:1e:94:c5:c9:c3:ed:85:41:05:e5:29:a7:e8:3b:c6:31: 60:f5:33:d3:66:87:17:ff:6e:12:f6:8e:aa:6b:77:5d:52:e5: 6f:52:6d:af:81:ab:e0:fe:fc:78:9f:70:e1:70:56:7d:23:3d: 3f:d0:3d:d8:48:e5:6b:b0:61:59:84:fd:bd:d0:a3:1b:12:0d: 9a:6e:dc:50:0f:ef:e7:04:0d:fb:8f:e5:97:76:f3:4b:0c:0e: 14:ad:1f:22:7c:04:15:1b:46:7f:6a:88:09:3a:e6:52:e9:1f: f7:ec:2f:43:a5:5e:6f:3e:7e:4d:a3:9d:8f:cb:dd:b1:5f:6b: 84:b8:6c:2c:5c:e2:27:b0:8e:0b:81:26:d6:65:ad:a7:f9:63: d0:56:94:f4:a1:79:8e:d4:c5:3a:78:c5:12:ee:06:19:73:1b: 30:0a:c3:e0:05:d9:a7:a0:ce:75:04:4c:cc:de:c1:dc:34:17: c8:62:56:ce:1c:92:d0:83:30:0e:17:31:ce:d5:d6:18:6f:34: b9:6f:8e:12 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjUyMjJaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKERBRDUwRDhGQTUwMUI3 N0M2QkFFQzg0NEM3QTQ2NTBBNEZEMUI5MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGpp/lKz1EG+GmnogzdrXDF71AlIuwxOnfR0XP1v/TWL/x3axg PpgiH7oIJQs8uiq+0j9HTfORiv/evziERlmQSzzSUFrmy+8Rm8YaOfck5OVcyyfF pc+0J17HNlFBUBIDLKXibKiY0eXak2KrxHdCXRIa2xeolyOB2Tp6T91shc/mC1Of WI0oLvz6nmPuQRv6R0I2bXw3ZD4L7uKRhhXQk3Zk1N1OoLuN9luLK+RPFZCZogSn SLrBTADCpfyrpO2RU/1obQoi9UWTEoUMdU6EVpXJiBUx/atjP7Hcjhktmc3O7Bzu DbqPs2S6Guf8sOgYdLBGG8ke+X361mNhbwy1AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU2tUNj6UBt3xrrshEx6RlCk/RuS0wHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvMnRVTmo2VUJ0M3hy cnNoRXg2UmxDa19SdVMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMQAEDANBgkqhkiG9w0BAQsFAAOCAQEAgcJ+k9SFKHap9+cmDdFjy3F7 TcqTwcI4b/tiXfp/hbgWvnzLO/Zm6t0YtbFvDYPYcyU5e/SH14IelMXJw+2FQQXl KafoO8YxYPUz02aHF/9uEvaOqmt3XVLlb1Jtr4Gr4P78eJ9w4XBWfSM9P9A92Ejl a7BhWYT9vdCjGxINmm7cUA/v5wQN+4/ll3bzSwwOFK0fInwEFRtGf2qICTrmUukf 9+wvQ6Vebz5+TaOdj8vdsV9rhLhsLFziJ7COC4Em1mWtp/lj0FaU9KF5jtTFOnjF Eu4GGXMbMArD4AXZp6DOdQRMzN7B3DQXyGJWzhyS0IMwDhcxztXWGG80uW+OEg== -----END CERTIFICATE-----Generated at Fri Jul 4 08:38:58 2025 by rpki-client