$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/H3TbWwq0Uce7ejBU3vBw9-hZ6XE.roa File: H3TbWwq0Uce7ejBU3vBw9-hZ6XE.roa (raw, json) Hash identifier: V3AcCIl5bTTXUbVzXZ5X+YmFrSuDHZ5yabOTUaZ++LQ= Subject key identifier: 1F:74:DB:5B:0A:B4:51:C7:BB:7A:30:54:DE:F0:70:F7:E8:59:E9:71 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: F5 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/H3TbWwq0Uce7ejBU3vBw9-hZ6XE.roa Signing time: Fri 06 Jun 2025 02:54:37 +0000 ROA not before: Fri 06 Jun 2025 02:54:37 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 56040 IP address blocks: 240a:4021:83a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 22:44:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 245 (0xf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:54:37 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=1F74DB5B0AB451C7BB7A3054DEF070F7E859E971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:f7:bc:98:33:1d:62:5b:23:7c:34:13:2d:29: 60:29:14:84:64:32:97:9f:a7:3c:56:48:29:b9:da: f3:b8:e3:c2:7d:07:35:a7:dd:25:61:66:77:92:71: 71:bd:12:86:ea:04:ee:35:8d:cd:e4:a5:cf:31:48: 01:3b:6a:18:c2:13:a4:08:11:02:2a:2f:1d:6b:a2: 5b:a9:0b:2c:81:32:37:e1:3d:21:64:c9:61:3f:0b: cb:79:06:23:9e:84:45:7b:43:55:dd:20:9b:bf:28: e2:93:02:d2:5e:98:89:e7:73:b6:de:9f:55:d5:83: 3f:9a:38:e3:d3:e3:05:a0:8b:a5:54:94:fc:20:27: 17:c6:89:f5:4d:e5:57:51:b0:f2:af:91:88:69:cf: 89:f1:f6:f4:87:57:3f:91:85:02:c4:9d:ce:db:51: f4:21:31:3f:be:f3:fb:52:2c:80:c1:a0:12:d8:69: 27:87:0d:ea:a1:88:1d:f8:f0:3f:82:77:96:b3:62: 1b:13:2a:27:db:02:2a:a7:52:c7:6a:e9:37:8f:f3: a4:05:7c:7b:c7:a8:2b:3a:9f:42:59:be:ed:cc:d0: 4b:64:22:e0:f5:a6:ad:98:86:fd:a4:a8:90:dd:8e: ed:9a:0a:e0:3b:b6:3c:38:e6:99:28:e6:b2:44:da: 89:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:74:DB:5B:0A:B4:51:C7:BB:7A:30:54:DE:F0:70:F7:E8:59:E9:71 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/H3TbWwq0Uce7ejBU3vBw9-hZ6XE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:4021:83a::/48 Signature Algorithm: sha256WithRSAEncryption d7:f3:03:57:ec:20:b3:8f:1a:c9:ba:8a:98:cd:bc:97:7b:57: 58:d8:3b:3d:89:dd:12:31:ce:62:32:cf:65:e6:be:34:40:1f: b2:fc:d2:be:0d:1f:5e:5f:f0:c4:fa:8b:23:d3:e9:4b:29:09: be:40:8a:b6:c4:82:6d:19:f2:29:42:e2:2a:46:48:9e:af:55: cc:11:7f:f4:0f:90:ea:fb:7b:96:50:77:8a:b5:66:b3:2a:a7: 06:13:fb:a0:17:a8:f8:37:ff:46:77:f4:66:f9:5e:0b:4a:bc: 61:54:40:f6:58:14:d0:f4:d2:9f:77:34:c1:bb:f9:80:6c:4f: 1a:9f:c5:01:50:58:8b:b3:96:33:1e:c5:3c:34:3e:57:6e:e9: 34:2a:52:aa:23:44:7d:a8:cf:9c:97:6c:8d:48:fb:c5:6e:d4: 0f:f6:87:d4:16:c7:1b:cf:61:24:e4:f9:72:5b:8f:85:16:ad: f2:39:40:25:c6:c0:01:ee:9b:93:aa:2e:5c:e8:57:ac:d2:6f: fd:c6:47:21:ae:de:d2:70:2d:a4:2d:94:46:d0:4e:dd:ce:c1: ba:45:f6:39:7b:57:00:bc:d3:ad:43:ec:05:2e:b4:cb:d6:db: ec:50:77:11:20:52:ac:96:df:40:ae:40:d3:75:1b:97:aa:3f: 4b:7c:0d:a7 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjU0MzdaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDFGNzREQjVCMEFCNDUx QzdCQjdBMzA1NERFRjA3MEY3RTg1OUU5NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCm97yYMx1iWyN8NBMtKWApFIRkMpefpzxWSCm52vO448J9BzWn 3SVhZneScXG9EobqBO41jc3kpc8xSAE7ahjCE6QIEQIqLx1rolupCyyBMjfhPSFk yWE/C8t5BiOehEV7Q1XdIJu/KOKTAtJemInnc7ben1XVgz+aOOPT4wWgi6VUlPwg JxfGifVN5VdRsPKvkYhpz4nx9vSHVz+RhQLEnc7bUfQhMT++8/tSLIDBoBLYaSeH DeqhiB348D+Cd5azYhsTKifbAiqnUsdq6TeP86QFfHvHqCs6n0JZvu3M0EtkIuD1 pq2Yhv2kqJDdju2aCuA7tjw45pko5rJE2ontAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUH3TbWwq0Uce7ejBU3vBw9+hZ6XEwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvSDNUYld3cTBVY2U3 ZWpCVTN2Qnc5LWhaNlhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQKQCEIOjANBgkqhkiG9w0BAQsFAAOCAQEA1/MDV+wgs48aybqKmM28l3tX WNg7PYndEjHOYjLPZea+NEAfsvzSvg0fXl/wxPqLI9PpSykJvkCKtsSCbRnyKULi KkZInq9VzBF/9A+Q6vt7llB3irVmsyqnBhP7oBeo+Df/Rnf0ZvleC0q8YVRA9lgU 0PTSn3c0wbv5gGxPGp/FAVBYi7OWMx7FPDQ+V27pNCpSqiNEfajPnJdsjUj7xW7U D/aH1BbHG89hJOT5cluPhRat8jlAJcbAAe6bk6ouXOhXrNJv/cZHIa7e0nAtpC2U RtBO3c7BukX2OXtXALzTrUPsBS60y9bb7FB3ESBSrJbfQK5A03Ubl6o/S3wNpw== -----END CERTIFICATE-----Generated at Fri Jul 4 22:06:01 2025 by rpki-client