$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/RSsk-bnDI26l5PGsQmFIl2nsGaY.roa File: RSsk-bnDI26l5PGsQmFIl2nsGaY.roa (raw, json) Hash identifier: IYuSVXE0aYkxsu2mQ+xPkz5ehuU1E45HRZ+/QP6lmzo= Subject key identifier: 45:2B:24:F9:B9:C3:23:6E:A5:E4:F1:AC:42:61:48:97:69:EC:19:A6 Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Certificate serial: D2 Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/RSsk-bnDI26l5PGsQmFIl2nsGaY.roa Signing time: Fri 06 Jun 2025 02:32:43 +0000 ROA not before: Fri 06 Jun 2025 02:32:43 +0000 ROA not after: Wed 27 May 2026 07:38:41 +0000 asID: 244400 IP address blocks: 240a:40c1:8000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 03:44:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 210 (0xd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D Validity Not Before: Jun 6 02:32:43 2025 GMT Not After : May 27 07:38:41 2026 GMT Subject: CN=452B24F9B9C3236EA5E4F1AC4261489769EC19A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e3:0b:51:02:99:80:c6:8c:95:ea:62:3d:95: 63:a5:7e:c8:e3:5a:3c:92:78:48:5b:b8:50:c2:b9: ac:0f:75:bc:da:a4:0e:be:ca:60:f5:3a:e3:8a:d5: 0d:23:5f:f7:61:cc:7a:6b:d6:f6:eb:58:fe:51:e7: bf:fb:64:29:cd:62:1d:ba:aa:93:af:f6:8a:55:b6: d6:fc:89:77:13:3d:8b:57:d1:2f:31:8b:ba:64:b6: 2f:86:b4:16:75:21:c2:98:c7:2e:11:a6:94:53:c4: 8e:60:24:ab:2f:1f:9a:49:82:24:d2:fd:0f:30:95: 4e:a0:f8:a5:f7:fb:d8:a5:0e:12:a0:1b:e8:9c:ea: a7:c0:92:70:f2:bb:a7:39:cd:9b:b4:de:0d:d0:34: 1c:f9:0a:e6:a0:9f:8f:00:6f:a8:a9:56:52:f5:f3: 3d:d8:2f:83:db:57:c5:e0:74:06:6f:6f:70:ed:df: 76:50:1b:38:00:95:50:c3:c8:27:c2:23:c5:ab:62: 60:49:23:85:15:6a:0b:b1:64:90:7b:de:28:f6:cc: 03:9c:52:ca:90:5c:f2:35:60:fa:e1:81:14:00:94: 5b:ff:0e:60:c3:98:7a:f8:16:23:c2:cd:fc:31:8f: f6:0f:b6:86:ae:e6:a4:6c:6d:aa:3f:66:e4:f6:b5: e1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:2B:24:F9:B9:C3:23:6E:A5:E4:F1:AC:42:61:48:97:69:EC:19:A6 X509v3 Authority Key Identifier: keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/RSsk-bnDI26l5PGsQmFIl2nsGaY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 240a:40c1:8000::/44 Signature Algorithm: sha256WithRSAEncryption c0:4b:7f:43:68:f2:2b:de:19:b9:84:6b:4c:51:d2:0a:92:98: bb:68:a4:17:40:84:24:5a:a4:07:92:27:40:91:d6:e0:64:77: 67:e0:ee:eb:cd:e1:88:ed:c0:39:00:9a:cb:a9:dc:6c:12:8b: 3c:fd:62:3e:e7:bb:1c:36:fd:6c:9e:df:a0:a1:9e:2b:ab:5b: 87:77:32:51:5b:ab:37:16:75:ec:6f:eb:d6:19:f7:0e:ea:81: 3f:2a:b6:ec:2f:1e:ab:65:15:07:0e:9c:2e:b2:66:8a:5f:22: 8d:4b:32:08:dc:65:b2:4e:ff:7e:a1:6f:f3:ee:d2:09:8f:f3: c9:2c:c5:eb:2a:30:79:90:68:ad:fb:d5:40:5e:4d:df:6a:a8: 7e:af:a5:a7:1a:d7:e3:fc:c5:c1:54:41:75:7f:cf:fb:4f:ea: 4d:57:4e:b9:53:51:2b:2a:44:10:3b:12:d1:4c:e1:ee:99:fc: 2a:40:97:d2:33:74:e3:7b:f5:b6:d1:cb:07:c1:00:20:16:fc: d7:f5:6b:2e:5d:df:15:13:94:31:c8:83:6b:43:cb:ae:05:83: a0:bf:76:3c:50:9e:59:68:01:45:8d:43:10:4a:52:3b:c0:f1: c6:b8:72:94:94:b9:2f:e1:22:6d:b2:9c:ea:0f:d4:48:25:0f: 39:4b:c7:ac -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICANIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTRF RkY3MzkyRTFFREMxMjI1RkM0Q0ZCOEZBQjZFQjYxN0E5RDI0RDAeFw0yNTA2MDYw MjMyNDNaFw0yNjA1MjcwNzM4NDFaMDMxMTAvBgNVBAMTKDQ1MkIyNEY5QjlDMzIz NkVBNUU0RjFBQzQyNjE0ODk3NjlFQzE5QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDN4wtRApmAxoyV6mI9lWOlfsjjWjySeEhbuFDCuawPdbzapA6+ ymD1OuOK1Q0jX/dhzHpr1vbrWP5R57/7ZCnNYh26qpOv9opVttb8iXcTPYtX0S8x i7pkti+GtBZ1IcKYxy4RppRTxI5gJKsvH5pJgiTS/Q8wlU6g+KX3+9ilDhKgG+ic 6qfAknDyu6c5zZu03g3QNBz5Cuagn48Ab6ipVlL18z3YL4PbV8XgdAZvb3Dt33ZQ GzgAlVDDyCfCI8WrYmBJI4UVaguxZJB73ij2zAOcUsqQXPI1YPrhgRQAlFv/DmDD mHr4FiPCzfwxj/YPtoau5qRsbao/ZuT2teFtAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQURSsk+bnDI26l5PGsQmFIl2nsGaYwHwYDVR0jBBgwFoAUlO/3OS4e3BIl/Ez7 j6tuthep0k0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 Mi9sT18zT1M0ZTNCSWxfRXo3ajZ0dXRoZXAwazAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzIvUlNzay1ibkRJMjZs NVBHc1FtRklsMm5zR2FZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQKQMGAADANBgkqhkiG9w0BAQsFAAOCAQEAwEt/Q2jyK94ZuYRrTFHSCpKY u2ikF0CEJFqkB5InQJHW4GR3Z+Du683hiO3AOQCay6ncbBKLPP1iPue7HDb9bJ7f oKGeK6tbh3cyUVurNxZ17G/r1hn3DuqBPyq27C8eq2UVBw6cLrJmil8ijUsyCNxl sk7/fqFv8+7SCY/zySzF6yoweZBorfvVQF5N32qofq+lpxrX4/zFwVRBdX/P+0/q TVdOuVNRKypEEDsS0Uzh7pn8KkCX0jN043v1ttHLB8EAIBb81/VrLl3fFROUMciD a0PLrgWDoL92PFCeWWgBRY1DEEpSO8DxxrhylJS5L+EibbKc6g/USCUPOUvHrA== -----END CERTIFICATE-----Generated at Sat Jul 5 00:29:04 2025 by rpki-client