$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/KNra1qqDYp4q2Md4-jedRaQBM-8.roa File: KNra1qqDYp4q2Md4-jedRaQBM-8.roa (raw, json) Hash identifier: 2V4BhXhGdCwp1iUYPtktp/0azwvRfjA6eX0Upx4ZQ3g= Subject key identifier: 28:DA:DA:D6:AA:83:62:9E:2A:D8:C7:78:FA:37:9D:45:A4:01:33:EF Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: D4 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/KNra1qqDYp4q2Md4-jedRaQBM-8.roa Signing time: Fri 06 Jun 2025 02:34:33 +0000 ROA not before: Fri 06 Jun 2025 02:34:33 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 9808 IP address blocks: 240a:40c2:e000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 13:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:34:33 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=28DADAD6AA83629E2AD8C778FA379D45A40133EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:61:fe:cb:a1:07:ff:2b:36:33:0f:1d:87:46: 92:35:c1:20:9a:9c:30:db:f6:33:95:75:c6:99:ac: c2:85:73:1a:6b:03:68:0c:48:8f:71:f6:f8:99:d2: fa:dd:9f:27:5e:29:fb:41:dd:ce:49:89:0a:7e:52: 15:d7:0c:fe:41:3c:b1:0b:ef:1b:62:bf:33:88:a6: 77:5a:73:22:61:ad:8f:c3:21:d0:33:7b:e1:d2:ff: 8a:b2:da:26:56:6c:d0:d4:89:c8:c8:00:c1:a3:bc: d6:2d:54:90:65:79:ef:65:69:97:cd:f6:92:cf:29: 0e:3b:be:ed:d4:a4:39:37:27:c2:b4:81:c6:4c:dd: 98:9b:0e:ad:fd:52:97:1c:94:76:97:9b:27:64:4f: 68:c1:dd:1f:73:a3:dc:79:5a:b9:88:9e:86:82:4a: ce:f0:cf:4e:39:bb:93:9f:8b:a5:ae:a4:c5:ee:98: 94:1d:72:a7:04:fa:08:d6:d6:13:96:85:9d:4e:a2: 42:e0:92:e3:d9:46:0f:dc:ea:1c:03:ee:6a:6e:bb: 0c:11:5f:3c:0a:cd:62:8d:5b:ca:b2:17:c1:df:3f: ad:b2:34:66:e0:4d:31:37:a0:98:48:d5:ba:12:c0: fc:e1:a0:f4:6a:e0:a7:67:8e:59:ab:17:4b:71:88: 67:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:DA:DA:D6:AA:83:62:9E:2A:D8:C7:78:FA:37:9D:45:A4:01:33:EF X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/KNra1qqDYp4q2Md4-jedRaQBM-8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c2:e000::/44 Signature Algorithm: sha256WithRSAEncryption 4b:be:db:79:13:4d:82:c5:ba:ef:b1:41:44:3b:88:70:46:cc: c6:87:18:b9:96:49:a5:39:2d:67:5e:fc:4e:46:82:d8:37:49: 77:9f:e6:dc:01:de:cd:b3:6f:1f:f5:f4:74:13:34:a5:b1:fc: 42:0e:2e:7a:b8:59:0a:a8:6d:74:f0:5d:80:b5:7a:4f:57:82: 5c:ca:fa:4d:18:b1:a6:6d:e3:ff:93:6c:6e:94:96:30:7f:11: 71:b5:e5:f4:8f:f8:ef:06:e3:cf:d2:5d:8d:c5:4b:30:e5:5a: ae:67:21:b7:cb:f9:d3:00:61:ee:d4:c1:03:0b:a5:7c:51:b9: 02:d6:37:9d:58:77:34:7a:b4:3e:24:c9:e2:89:aa:f4:18:fc: 0f:0e:af:41:1e:64:64:1c:7a:fd:7b:5d:d7:c0:e0:03:a8:72: 28:33:3e:29:ef:49:d4:b9:a0:42:ec:bc:39:59:22:b0:ab:0e: 2f:b5:d9:84:96:58:ae:f1:f3:af:35:8a:4f:49:6d:ad:e9:d1: ad:d2:17:bd:d6:9d:e9:b5:ca:2f:4b:c3:5b:50:a0:49:b7:69: 9e:25:9f:cc:a0:f9:a6:df:11:06:03:33:59:f2:55:c7:02:08: be:42:37:89:e1:d1:25:65:1c:fb:76:96:5b:7a:b4:04:98:90: 00:99:90:f6 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICANQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjM0MzNaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDI4REFEQUQ2QUE4MzYy OUUyQUQ4Qzc3OEZBMzc5RDQ1QTQwMTMzRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD6Yf7LoQf/KzYzDx2HRpI1wSCanDDb9jOVdcaZrMKFcxprA2gM SI9x9viZ0vrdnydeKftB3c5JiQp+UhXXDP5BPLEL7xtivzOIpndacyJhrY/DIdAz e+HS/4qy2iZWbNDUicjIAMGjvNYtVJBlee9laZfN9pLPKQ47vu3UpDk3J8K0gcZM 3ZibDq39UpcclHaXmydkT2jB3R9zo9x5WrmInoaCSs7wz045u5Ofi6WupMXumJQd cqcE+gjW1hOWhZ1OokLgkuPZRg/c6hwD7mpuuwwRXzwKzWKNW8qyF8HfP62yNGbg TTE3oJhI1boSwPzhoPRq4KdnjlmrF0txiGdDAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUKNra1qqDYp4q2Md4+jedRaQBM+8wHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvS05yYTFxcURZcDRx Mk1kNC1qZWRSYVFCTS04LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMLgADANBgkqhkiG9w0BAQsFAAOCAQEAS77beRNNgsW677FBRDuIcEbM xocYuZZJpTktZ178TkaC2DdJd5/m3AHezbNvH/X0dBM0pbH8Qg4uerhZCqhtdPBd gLV6T1eCXMr6TRixpm3j/5NsbpSWMH8RcbXl9I/47wbjz9JdjcVLMOVarmcht8v5 0wBh7tTBAwulfFG5AtY3nVh3NHq0PiTJ4omq9Bj8Dw6vQR5kZBx6/Xtd18DgA6hy KDM+Ke9J1LmgQuy8OVkisKsOL7XZhJZYrvHzrzWKT0ltrenRrdIXvdad6bXKL0vD W1CgSbdpniWfzKD5pt8RBgMzWfJVxwIIvkI3ieHRJWUc+3aWW3q0BJiQAJmQ9g== -----END CERTIFICATE-----Generated at Fri Jul 4 09:21:43 2025 by rpki-client