$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/0af7aekU7gt6uN-s6zaIkFe9jN0.roa File: 0af7aekU7gt6uN-s6zaIkFe9jN0.roa (raw, json) Hash identifier: V35QL3YArsv2drC4n8hgtHfe99YvSVNv02orovnEu7w= Subject key identifier: D1:A7:FB:69:E9:14:EE:0B:7A:B8:DF:AC:EB:36:88:90:57:BD:8C:DD Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 3A Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/0af7aekU7gt6uN-s6zaIkFe9jN0.roa Signing time: Fri 22 Aug 2025 06:30:20 +0000 ROA not before: Fri 22 Aug 2025 06:30:20 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139137 IP address blocks: 2402:7d80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:30:20 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=D1A7FB69E914EE0B7AB8DFACEB36889057BD8CDD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:61:65:44:d0:d4:a9:a1:09:25:c4:73:0c:41: 24:f4:b7:7e:25:b8:7a:0c:b2:99:e6:e3:86:69:ba: 38:90:b7:a6:62:f9:7d:fc:c9:d5:26:05:5e:00:a2: da:2d:50:81:13:36:eb:94:d9:74:2c:9e:12:3c:7d: 05:fd:4d:ef:97:fd:49:da:8c:a8:46:49:ee:10:db: 6b:42:bb:2a:18:fe:9b:a2:76:d7:8b:b3:44:44:9e: 02:58:ae:c0:ee:3f:49:85:b9:ff:11:cf:9f:59:48: 28:25:0d:53:85:1f:15:fc:20:b4:28:a5:b4:f4:55: 83:df:82:8b:9a:a3:36:b5:32:86:2f:01:be:56:13: 13:a1:19:fc:0b:73:01:4d:23:f0:2b:b8:bc:34:c2: b2:90:c7:fe:b7:e2:81:a5:88:57:ed:6e:8e:bc:a4: 90:c6:a0:ef:c2:59:06:03:16:dd:d7:18:ca:5c:48: 73:57:4b:79:ad:71:1f:9c:c1:9f:0d:00:10:d7:85: f4:5a:63:73:d1:4d:0d:26:f3:97:7a:41:75:a5:1a: 24:10:a7:bd:df:f5:a1:61:bb:d5:5f:fe:4e:55:fc: 87:7e:6c:cc:fb:85:9b:4c:4d:02:83:ad:6f:34:7f: 3d:d0:5b:0f:94:f8:6b:1b:1a:5f:c6:c4:1d:0c:18: 1c:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:A7:FB:69:E9:14:EE:0B:7A:B8:DF:AC:EB:36:88:90:57:BD:8C:DD X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/0af7aekU7gt6uN-s6zaIkFe9jN0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80::/48 Signature Algorithm: sha256WithRSAEncryption 83:ef:b7:fb:a3:36:d0:81:6b:99:84:bc:0c:68:c9:84:6b:aa: 35:7a:69:17:06:92:55:07:a9:5c:05:ee:c8:bf:e8:53:75:1a: a3:10:fe:9b:2a:af:b8:8f:bc:b7:c4:05:1c:b1:7b:7f:fd:7f: b4:d3:72:7b:73:e4:4c:52:55:76:f0:cf:80:75:b5:ef:c9:ef: af:90:4d:39:a8:3c:45:e6:ac:b1:86:b5:8f:43:35:eb:1d:03: ff:66:a4:00:dd:5c:c1:28:8a:a0:59:4c:d8:71:f1:8b:b5:89: 30:92:34:96:79:ea:a6:6e:4f:a9:df:f9:b4:df:4f:4e:af:45: a8:c8:9d:01:2e:e3:94:6c:d2:18:f1:ae:67:9a:03:81:31:6c: 89:1e:b8:62:a3:9b:5f:a7:19:c4:d3:99:db:ca:dc:c4:13:15: 06:29:d8:1c:c2:12:e6:35:b6:26:60:23:a4:62:f3:01:eb:29: fa:79:72:df:6c:e9:83:12:5c:de:36:60:70:14:96:91:4b:de: fa:7d:53:b3:b5:2b:34:7c:e2:fb:1d:49:bb:f6:3c:49:cf:22: 55:5b:a9:d5:62:ab:dc:93:9b:24:ca:55:24:0d:5b:ea:bd:0b: b8:8a:df:3c:96:7a:29:5b:60:df:c5:59:5a:05:99:ad:47:3b: 47:9f:89:2a -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzAyMFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoRDFBN0ZCNjlFOTE0RUUw QjdBQjhERkFDRUIzNjg4OTA1N0JEOENERDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANFhZUTQ1KmhCSXEcwxBJPS3fiW4egyymebjhmm6OJC3pmL5ffzJ 1SYFXgCi2i1QgRM265TZdCyeEjx9Bf1N75f9SdqMqEZJ7hDba0K7Khj+m6J214uz RESeAliuwO4/SYW5/xHPn1lIKCUNU4UfFfwgtCiltPRVg9+Ci5qjNrUyhi8BvlYT E6EZ/AtzAU0j8Cu4vDTCspDH/rfigaWIV+1ujrykkMag78JZBgMW3dcYylxIc1dL ea1xH5zBnw0AENeF9Fpjc9FNDSbzl3pBdaUaJBCnvd/1oWG71V/+TlX8h35szPuF m0xNAoOtbzR/PdBbD5T4axsaX8bEHQwYHH8CAwEAAaOCAfYwggHyMB0GA1UdDgQW BBTRp/tp6RTuC3q436zrNoiQV72M3TAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi8wYWY3YWVrVTdndDZ1 Ti1zNnphSWtGZTlqTjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJ9gAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCD77f7ozbQgWuZhLwMaMmEa6o1 emkXBpJVB6lcBe7Iv+hTdRqjEP6bKq+4j7y3xAUcsXt//X+003J7c+RMUlV28M+A dbXvye+vkE05qDxF5qyxhrWPQzXrHQP/ZqQA3VzBKIqgWUzYcfGLtYkwkjSWeeqm bk+p3/m0309Or0WoyJ0BLuOUbNIY8a5nmgOBMWyJHrhio5tfpxnE05nbytzEExUG KdgcwhLmNbYmYCOkYvMB6yn6eXLfbOmDElzeNmBwFJaRS976fVOztSs0fOL7HUm7 9jxJzyJVW6nVYqvck5skylUkDVvqvQu4it88lnopW2DfxVlaBZmtRztHn4kq -----END CERTIFICATE-----Generated at Sun Aug 24 02:42:49 2025 by rpki-client