$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/52qJ28LFMGksnZdOvY3NHDKAkPo.roa File: 52qJ28LFMGksnZdOvY3NHDKAkPo.roa (raw, json) Hash identifier: 5PUAqFsR0VKvHBewzPenXF12bSJH5iHPZkZ+kof/w0g= Subject key identifier: E7:6A:89:DB:C2:C5:30:69:2C:9D:97:4E:BD:8D:CD:1C:32:80:90:FA Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 06DC Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/52qJ28LFMGksnZdOvY3NHDKAkPo.roa Signing time: Tue 10 Jun 2025 01:40:24 +0000 ROA not before: Tue 10 Jun 2025 01:40:24 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 2400:5f60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 03:44:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1756 (0x6dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jun 10 01:40:24 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E76A89DBC2C530692C9D974EBD8DCD1C328090FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:0e:be:a4:f5:27:36:a1:fc:d4:2e:d2:c7:a4: 79:c5:77:c0:dc:d2:dd:c4:b5:8e:99:35:88:11:f8: 4a:1e:4a:6a:96:f1:bc:e8:a3:67:20:a8:44:85:f4: 2d:73:77:71:9f:bb:02:97:83:a2:70:58:78:f4:68: 61:6f:b6:c5:b2:4d:17:c5:ec:01:43:21:08:99:ef: f4:65:cc:97:96:e9:b2:32:53:92:52:93:54:6d:51: ef:f8:f6:55:08:f0:1b:81:85:f9:f7:6f:0e:97:22: bd:ae:6e:66:f8:6f:3b:0e:6d:4d:54:7b:8e:05:b4: ab:79:7c:92:8d:c2:b6:b2:14:cf:4b:0c:99:02:0a: 5e:9c:e7:de:21:8a:22:ff:6e:fb:a0:5c:1a:ab:d2: 12:43:66:08:90:4b:ad:f2:f0:8c:6c:d9:c7:9b:a3: 3f:14:f3:4c:03:de:78:17:05:60:60:71:0c:2b:ae: 7a:7c:e4:9b:c4:0a:40:31:5d:84:af:dd:a9:cb:22: 20:9a:e2:2a:5a:3c:c9:41:f2:f5:ae:23:41:46:c9: ec:0c:67:a8:65:15:b5:f2:b2:84:be:3a:da:3e:28: d8:50:b3:dd:91:6d:76:43:9c:62:8c:f9:f5:49:88: 7f:6b:fc:07:b7:11:98:e6:83:f9:da:32:a9:35:9d: fa:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:6A:89:DB:C2:C5:30:69:2C:9D:97:4E:BD:8D:CD:1C:32:80:90:FA X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/52qJ28LFMGksnZdOvY3NHDKAkPo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5f60::/32 Signature Algorithm: sha256WithRSAEncryption 4d:8f:45:e2:59:c7:04:b5:0f:27:49:df:11:02:be:a6:f8:a5: d4:3a:69:34:f5:52:35:aa:3d:f1:31:5b:08:93:8a:92:57:ea: fa:a1:ce:83:13:03:87:27:2e:ba:c0:f6:ec:de:e0:75:e6:0f: 03:5e:c0:d1:e2:d6:a4:f4:09:e5:bb:ed:77:3c:81:6a:9e:09: bc:d1:20:aa:cd:bb:3b:62:6a:0a:4d:e7:07:e4:b4:e5:a0:ad: bd:db:6d:a7:6d:a3:65:1c:c9:b3:8a:41:73:c7:85:79:26:47: df:36:ce:48:91:ae:c5:51:c9:71:84:c7:53:e4:0f:9c:c2:51: 14:cf:4e:43:5b:4c:ed:1b:36:c0:3b:39:01:80:78:14:30:d9: 30:c2:09:0a:4f:9e:21:18:83:74:20:54:d8:3f:3e:ff:05:3c: 3b:d7:c6:37:ec:37:7b:26:31:0c:1a:2b:74:36:8a:11:46:e8: 6a:bf:d6:20:dc:f3:f8:46:2c:f9:a1:d2:ad:36:39:36:73:e1: 01:e0:c4:2a:cc:7f:90:52:41:0c:21:71:f5:db:ce:c2:3e:54: fe:0e:19:03:82:13:8e:90:bb:ba:d7:8b:c9:d6:7f:aa:e8:8b: d2:9e:e5:a7:a9:c0:3e:c7:3f:3c:9d:ac:54:fd:93:a5:4b:15: 6f:1b:42:a2 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICBtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA2MTAw MTQwMjRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU3NkE4OURCQzJDNTMw NjkyQzlEOTc0RUJEOERDRDFDMzI4MDkwRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSDr6k9Sc2ofzULtLHpHnFd8Dc0t3EtY6ZNYgR+EoeSmqW8bzo o2cgqESF9C1zd3GfuwKXg6JwWHj0aGFvtsWyTRfF7AFDIQiZ7/RlzJeW6bIyU5JS k1RtUe/49lUI8BuBhfn3bw6XIr2ubmb4bzsObU1Ue44FtKt5fJKNwrayFM9LDJkC Cl6c594hiiL/bvugXBqr0hJDZgiQS63y8Ixs2ceboz8U80wD3ngXBWBgcQwrrnp8 5JvECkAxXYSv3anLIiCa4ipaPMlB8vWuI0FGyewMZ6hlFbXysoS+Oto+KNhQs92R bXZDnGKM+fVJiH9r/Ae3EZjmg/naMqk1nfo1AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU52qJ28LFMGksnZdOvY3NHDKAkPowHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvNTJxSjI4TEZNR2tz blpkT3ZZM05IREtBa1BvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQAX2AwDQYJKoZIhvcNAQELBQADggEBAE2PReJZxwS1DydJ3xECvqb4pdQ6 aTT1UjWqPfExWwiTipJX6vqhzoMTA4cnLrrA9uze4HXmDwNewNHi1qT0CeW77Xc8 gWqeCbzRIKrNuztiagpN5wfktOWgrb3bbadto2UcybOKQXPHhXkmR982zkiRrsVR yXGEx1PkD5zCURTPTkNbTO0bNsA7OQGAeBQw2TDCCQpPniEYg3QgVNg/Pv8FPDvX xjfsN3smMQwaK3Q2ihFG6Gq/1iDc8/hGLPmh0q02OTZz4QHgxCrMf5BSQQwhcfXb zsI+VP4OGQOCE46Qu7rXi8nWf6roi9Ke5aepwD7HPzydrFT9k6VLFW8bQqI= -----END CERTIFICATE-----Generated at Sat Jul 5 02:46:29 2025 by rpki-client