$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1200/LYlIwabI9y1aUm1iS6_deSSPdQ4.roa File: LYlIwabI9y1aUm1iS6_deSSPdQ4.roa (raw, json) Hash identifier: sMZ2ffWy01w7sJigLlIkp0LMbKutBmFWKnBXY1e2GyY= Subject key identifier: 2D:89:48:C1:A6:C8:F7:2D:5A:52:6D:62:4B:AF:DD:79:24:8F:75:0E Certificate issuer: /CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD Certificate serial: 1755 Authority key identifier: 61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/LYlIwabI9y1aUm1iS6_deSSPdQ4.roa Signing time: Sat 13 Sep 2025 03:04:23 +0000 ROA not before: Sat 13 Sep 2025 03:04:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59022 IP address blocks: 2400:ebc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:05:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5973 (0x1755) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD Validity Not Before: Sep 13 03:04:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2D8948C1A6C8F72D5A526D624BAFDD79248F750E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:2c:3f:1e:4a:05:cf:ab:ca:72:70:3c:69:99: 0e:15:ee:ba:e3:07:88:89:8a:23:70:ee:b4:a5:89: d8:cf:5a:e2:e6:14:76:00:62:08:2c:3d:da:a9:6d: 18:7f:d8:61:0c:14:5c:e8:94:de:2d:3e:3d:66:cc: 90:06:cb:bf:73:a5:4c:ca:d3:43:ff:fb:c7:aa:75: f7:bb:9e:fa:e8:7b:ea:53:cb:7c:ae:e6:49:36:87: 82:29:c3:5a:6f:b6:e3:28:fc:a6:2e:2e:4e:e4:54: 27:6e:68:3f:f9:18:1b:07:64:83:56:8d:86:b7:c6: 49:47:c3:58:b1:88:55:d5:a6:38:f7:c9:cb:5c:70: 4f:77:f4:a2:2a:ad:98:ab:59:cd:02:4c:23:21:db: 72:5e:41:fb:17:d7:e5:6d:b3:e4:fa:b3:b6:19:d6: ee:d8:5d:63:15:78:09:64:bd:b6:41:57:f7:5f:0e: c4:1e:4d:8c:5e:d7:67:e6:57:20:fe:3c:66:c8:c4: d7:0f:01:d1:49:15:bf:02:d9:c9:e2:2e:45:55:07: 16:d2:26:d1:fd:f6:9c:c8:42:ea:57:11:ab:f5:da: f8:93:38:27:f1:a1:d2:8f:6e:21:d0:58:d8:a5:55: 3a:44:9d:9a:67:e4:c8:5f:4f:c4:cc:9b:76:9e:6a: 57:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:89:48:C1:A6:C8:F7:2D:5A:52:6D:62:4B:AF:DD:79:24:8F:75:0E X509v3 Authority Key Identifier: keyid:61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/LYlIwabI9y1aUm1iS6_deSSPdQ4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:ebc0::/32 Signature Algorithm: sha256WithRSAEncryption bc:46:0f:29:66:36:81:02:67:d2:d3:df:31:35:47:b7:bd:52: 62:4f:4b:3d:46:2e:ce:23:01:5c:8c:f3:74:32:a9:36:88:f3: 68:b4:f0:01:1f:9c:f4:1f:54:45:79:5e:0a:9b:d7:aa:28:08: 1e:b1:54:cd:ed:72:9e:c3:5c:be:35:33:7c:29:00:ef:a4:56: 21:d1:85:e4:1b:dd:3f:72:f6:ff:75:b1:c3:40:83:f0:e6:9c: 33:f5:ce:b3:de:ed:1c:aa:32:76:52:2d:3b:ef:1f:7a:b4:59: ea:5b:d1:ca:1c:d2:0a:00:7f:0f:12:33:17:bf:95:07:6c:46: 7b:62:91:c8:90:d4:57:29:b5:2d:c5:ab:4f:18:5b:c8:8d:51: 68:dd:c0:2c:33:84:4e:14:28:ec:56:a3:dd:97:51:0b:a0:2e: 32:29:68:4d:fe:70:70:29:68:5d:9c:66:95:2f:fb:be:0f:f9: bc:96:74:54:8c:fc:a4:c2:42:d4:e6:61:e8:98:92:65:6f:5a: ca:9d:9b:a0:16:6d:2d:26:40:ee:8e:a7:f3:f1:34:0e:34:0a: cb:0a:5b:4b:23:b2:97:e9:60:aa:d8:4e:b7:5f:bc:c9:0f:85: 79:d4:5f:12:fc:c1:03:6e:ef:42:93:77:62:2f:13:c3:b4:12: 53:8f:9a:b7 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICF1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE5 MUFBQ0RDRTU2MEE3NEQ4M0MwNURBOEVBOTMyN0FGOTQ0REJCRDAeFw0yNTA5MTMw MzA0MjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJEODk0OEMxQTZDOEY3 MkQ1QTUyNkQ2MjRCQUZERDc5MjQ4Rjc1MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2LD8eSgXPq8pycDxpmQ4V7rrjB4iJiiNw7rSlidjPWuLmFHYA YggsPdqpbRh/2GEMFFzolN4tPj1mzJAGy79zpUzK00P/+8eqdfe7nvroe+pTy3yu 5kk2h4Ipw1pvtuMo/KYuLk7kVCduaD/5GBsHZINWjYa3xklHw1ixiFXVpjj3yctc cE939KIqrZirWc0CTCMh23JeQfsX1+Vts+T6s7YZ1u7YXWMVeAlkvbZBV/dfDsQe TYxe12fmVyD+PGbIxNcPAdFJFb8C2cniLkVVBxbSJtH99pzIQupXEav12viTOCfx odKPbiHQWNilVTpEnZpn5MhfT8TMm3aealdHAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQULYlIwabI9y1aUm1iS6/deSSPdQ4wHwYDVR0jBBgwFoAUYZGqzc5WCnTYPAXa jqkyevlE270wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIw MC9ZWkdxemM1V0NuVFlQQVhhanFreWV2bEUyNzAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1laR3F6YzVXQ25UWVBBWGFqcWt5ZXZsRTI3MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMDAvTFlsSXdhYkk5eTFh VW0xaVM2X2RlU1NQZFE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQA68AwDQYJKoZIhvcNAQELBQADggEBALxGDylmNoECZ9LT3zE1R7e9UmJP Sz1GLs4jAVyM83QyqTaI82i08AEfnPQfVEV5Xgqb16ooCB6xVM3tcp7DXL41M3wp AO+kViHRheQb3T9y9v91scNAg/DmnDP1zrPe7RyqMnZSLTvvH3q0Wepb0coc0goA fw8SMxe/lQdsRntikciQ1FcptS3Fq08YW8iNUWjdwCwzhE4UKOxWo92XUQugLjIp aE3+cHApaF2cZpUv+74P+byWdFSM/KTCQtTmYeiYkmVvWsqdm6AWbS0mQO6Op/Px NA40CssKW0sjspfpYKrYTrdfvMkPhXnUXxL8wQNu70KTd2IvE8O0ElOPmrc= -----END CERTIFICATE-----Generated at Mon Oct 20 16:29:21 2025 by rpki-client