$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/33bYPL2QBGOO3ctqt10DEcpNzeg.roa File: 33bYPL2QBGOO3ctqt10DEcpNzeg.roa (raw, json) Hash identifier: NepcBqsVSFGCItEDdin67LqZN+lnkOKPziFtPuiPrFQ= Subject key identifier: DF:76:D8:3C:BD:90:04:63:8E:DD:CB:6A:B7:5D:03:11:CA:4D:CD:E8 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: EE Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/33bYPL2QBGOO3ctqt10DEcpNzeg.roa Signing time: Fri 06 Jun 2025 02:45:47 +0000 ROA not before: Fri 06 Jun 2025 02:45:47 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c2:10::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 13:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 238 (0xee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:45:47 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=DF76D83CBD9004638EDDCB6AB75D0311CA4DCDE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ad:9b:7f:0f:69:be:2d:d6:91:a8:c4:7b:80: 84:0e:82:93:07:fc:e9:46:e0:b5:f3:b1:a7:20:62: 77:19:5d:42:f1:2a:f5:20:cd:ca:2a:10:a5:4e:13: 0c:d3:7c:fc:f6:99:ea:b7:98:23:b2:8d:bd:14:c8: c4:e9:27:b9:72:46:b3:f5:78:50:4c:67:49:48:3d: 81:23:9d:fd:03:08:b8:b6:aa:cc:11:0c:3e:2c:7f: 71:13:aa:c8:bb:8f:53:96:26:fd:a3:9a:d3:67:45: 1a:a0:54:9e:2e:a6:bd:d9:35:a5:3e:8b:30:8b:a1: 49:24:a6:08:4b:a5:d1:a8:50:5a:83:c4:c3:97:23: 82:16:25:98:43:55:51:9b:23:7c:b4:0a:e0:b8:91: 1b:4d:93:a5:f8:3e:b0:b1:71:f3:1e:2a:e2:43:9f: 3c:88:e5:12:3a:07:0b:ad:f4:5e:1f:44:05:0c:2c: 07:ed:b5:02:a9:d7:6e:0a:af:bb:43:78:01:7d:94: ef:d3:2c:b1:63:f7:c0:24:8f:b3:77:f1:37:95:b3: 42:09:9b:2d:c2:74:ca:96:2d:20:30:0e:9a:9a:7a: da:ac:cb:54:8c:d7:04:82:17:b3:be:d0:45:a1:eb: 94:cb:86:81:4f:cf:5c:1e:65:28:34:f7:54:51:26: f0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:76:D8:3C:BD:90:04:63:8E:DD:CB:6A:B7:5D:03:11:CA:4D:CD:E8 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/33bYPL2QBGOO3ctqt10DEcpNzeg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:10::/44 Signature Algorithm: sha256WithRSAEncryption 51:13:b3:b6:b3:29:8a:f1:a2:7e:ee:ca:44:1f:f5:c0:7f:84: 73:f4:c0:69:91:91:83:82:a6:eb:47:1a:e5:86:af:01:91:f2: 64:d7:65:9b:45:3a:2f:d7:e6:08:1a:93:57:ce:b8:38:bd:df: 64:6b:92:98:2b:fd:8c:f2:22:ed:dd:f5:1c:06:41:f1:ea:53: 73:7b:40:2e:d4:7b:d1:b8:38:1a:24:e6:e9:67:31:b1:f0:35: ed:fd:4b:47:8d:d4:08:d9:41:83:c0:76:a3:98:ee:2a:2c:da: 97:43:d6:9d:01:28:76:13:ba:7d:46:6d:f3:e3:a0:9b:1e:b7: a0:dd:d3:12:71:13:61:d3:94:ae:d6:9f:e3:82:9c:35:2b:fc: 4a:28:3e:b2:1d:6b:f5:02:1c:75:40:a0:20:91:ff:03:84:91: bf:97:63:2c:24:a3:d2:94:78:75:fc:bb:c7:52:1e:6a:e0:28: 7d:d9:fc:f2:78:fc:17:ec:d2:80:8d:b5:f3:9c:6d:4d:e7:a0: 86:e2:41:b8:e6:f9:bf:9e:fd:43:47:40:c2:52:3f:98:1c:50: 66:e3:5d:fc:22:21:88:d7:4f:6e:30:27:59:36:86:f9:b6:c9: f6:5a:f2:7c:eb:2e:40:e7:e2:af:dd:3c:cc:90:a3:02:91:85: 8c:f4:4c:ee -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjQ1NDdaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKERGNzZEODNDQkQ5MDA0 NjM4RUREQ0I2QUI3NUQwMzExQ0E0RENERTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVrZt/D2m+LdaRqMR7gIQOgpMH/OlG4LXzsacgYncZXULxKvUg zcoqEKVOEwzTfPz2meq3mCOyjb0UyMTpJ7lyRrP1eFBMZ0lIPYEjnf0DCLi2qswR DD4sf3ETqsi7j1OWJv2jmtNnRRqgVJ4upr3ZNaU+izCLoUkkpghLpdGoUFqDxMOX I4IWJZhDVVGbI3y0CuC4kRtNk6X4PrCxcfMeKuJDnzyI5RI6Bwut9F4fRAUMLAft tQKp124Kr7tDeAF9lO/TLLFj98Akj7N38TeVs0IJmy3CdMqWLSAwDpqaetqsy1SM 1wSCF7O+0EWh65TLhoFPz1weZSg091RRJvBbAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU33bYPL2QBGOO3ctqt10DEcpNzegwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvMzNiWVBMMlFCR09P M2N0cXQxMERFY3BOemVnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMIAEDANBgkqhkiG9w0BAQsFAAOCAQEAUROztrMpivGifu7KRB/1wH+E c/TAaZGRg4Km60ca5YavAZHyZNdlm0U6L9fmCBqTV864OL3fZGuSmCv9jPIi7d31 HAZB8epTc3tALtR70bg4GiTm6WcxsfA17f1LR43UCNlBg8B2o5juKizal0PWnQEo dhO6fUZt8+Ogmx63oN3TEnETYdOUrtaf44KcNSv8Sig+sh1r9QIcdUCgIJH/A4SR v5djLCSj0pR4dfy7x1IeauAofdn88nj8F+zSgI2185xtTeeghuJBuOb5v579Q0dA wlI/mBxQZuNd/CIhiNdPbjAnWTaG+bbJ9lryfOsuQOfir908zJCjApGFjPRM7g== -----END CERTIFICATE-----Generated at Fri Jul 4 09:01:57 2025 by rpki-client