$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/Iw7sD3xzXPWftmeL46s3sTrkFqE.roa File: Iw7sD3xzXPWftmeL46s3sTrkFqE.roa (raw, json) Hash identifier: SppF00wtPjwNeP/6aGb6k18kLA12GGwx14saGhDKVqg= Subject key identifier: 23:0E:EC:0F:7C:73:5C:F5:9F:B6:67:8B:E3:AB:37:B1:3A:E4:16:A1 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: B4 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/Iw7sD3xzXPWftmeL46s3sTrkFqE.roa Signing time: Thu 11 Sep 2025 05:58:04 +0000 ROA not before: Thu 11 Sep 2025 05:58:04 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 8075 IP address blocks: 2402:7d80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:36:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 180 (0xb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Sep 11 05:58:04 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=230EEC0F7C735CF59FB6678BE3AB37B13AE416A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b4:dc:e9:b3:d8:cf:c9:5c:a0:13:c5:b8:14: ea:89:d4:2e:c6:55:2d:f7:32:3c:8f:5b:c2:ef:56: 3e:38:7d:ce:d3:4a:67:0e:c0:dc:0d:d2:05:61:75: 43:f3:54:10:41:2b:59:b5:2f:f1:22:12:f2:b2:b6: 54:1b:06:04:13:1b:af:dc:98:8e:a4:02:35:2a:e9: c9:6e:77:c5:a8:80:c8:55:d1:02:fa:13:4e:eb:e9: e2:5b:9b:80:df:fb:f0:c8:9a:3d:c0:7f:6d:e7:9c: 66:83:5d:a1:02:96:88:4c:72:9d:1c:19:6f:61:3d: 69:e8:cd:95:ab:78:91:98:4c:6e:79:85:d0:e0:75: cb:09:50:87:d4:68:e4:eb:17:a6:13:95:1c:48:2d: 93:4d:c4:ef:38:73:c3:20:1a:49:f1:42:7f:9c:17: 7b:95:96:07:bc:1b:68:2e:74:87:14:51:82:79:63: 6d:ed:db:0e:68:09:26:b7:56:33:47:b8:dd:48:4c: 41:e9:3e:34:54:c5:2b:bf:34:29:76:08:ef:42:48: 38:0d:ad:a5:51:57:5f:6f:64:99:ce:ac:a7:78:46: 52:ef:54:b6:57:30:4c:35:a8:62:64:4b:01:35:51: 2a:a3:27:c4:da:7a:97:11:99:4d:67:e8:7f:87:de: e5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:0E:EC:0F:7C:73:5C:F5:9F:B6:67:8B:E3:AB:37:B1:3A:E4:16:A1 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/Iw7sD3xzXPWftmeL46s3sTrkFqE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80::/48 Signature Algorithm: sha256WithRSAEncryption 89:99:7d:22:94:06:0b:da:83:8d:45:9f:7b:ba:bd:45:0b:1a: 3d:23:cc:c5:41:78:69:18:22:05:3c:31:82:20:96:fa:3a:f1: fe:c0:eb:9e:43:c1:87:7f:ca:6d:50:40:96:ec:30:16:ef:2a: 82:6e:d7:cd:b3:b7:57:14:7b:51:60:38:6e:f6:ed:1f:3e:c3: 89:33:b8:7f:25:5e:e3:dc:17:b2:f0:77:4f:aa:91:cf:bc:0a: 33:93:ea:45:3f:55:80:33:e2:c9:56:3a:64:9a:72:5a:06:84: 69:95:d1:da:4c:f6:f9:25:8e:be:01:e5:53:11:d7:20:0d:84: 98:27:03:1a:e3:12:61:ec:30:d7:70:b2:62:24:44:61:16:31: b7:65:5c:fb:03:e7:8f:9a:f3:30:5e:0c:89:9d:bc:63:bb:42: a4:39:5e:53:24:60:21:57:49:88:4b:88:9e:f5:b7:0b:58:cd: 90:c7:fe:3d:40:eb:63:d2:88:16:16:8a:58:86:d9:d6:c2:67: 69:b2:79:d6:3a:d8:b6:f7:9e:fa:34:40:d6:ec:96:48:f9:4b: 88:02:cc:5a:58:4d:4a:ed:4b:3c:34:46:02:bc:c2:2b:69:fb: 72:b7:59:b2:a6:ac:56:75:10:0a:61:12:2f:a8:0c:0f:14:66: dd:34:e8:9b -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICALQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjE5 ODlCNDA2OTAxQURGODgxMEI5RENEQzRFMEZDOUU3RTg1RUVCNDAeFw0yNTA5MTEw NTU4MDRaFw0yNjA4MjAwNzQ5MThaMDMxMTAvBgNVBAMTKDIzMEVFQzBGN0M3MzVD RjU5RkI2Njc4QkUzQUIzN0IxM0FFNDE2QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbtNzps9jPyVygE8W4FOqJ1C7GVS33MjyPW8LvVj44fc7TSmcO wNwN0gVhdUPzVBBBK1m1L/EiEvKytlQbBgQTG6/cmI6kAjUq6clud8WogMhV0QL6 E07r6eJbm4Df+/DImj3Af23nnGaDXaEClohMcp0cGW9hPWnozZWreJGYTG55hdDg dcsJUIfUaOTrF6YTlRxILZNNxO84c8MgGknxQn+cF3uVlge8G2gudIcUUYJ5Y23t 2w5oCSa3VjNHuN1ITEHpPjRUxSu/NCl2CO9CSDgNraVRV19vZJnOrKd4RlLvVLZX MEw1qGJkSwE1USqjJ8TaepcRmU1n6H+H3uWNAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUIw7sD3xzXPWftmeL46s3sTrkFqEwHwYDVR0jBBgwFoAU8ZibQGkBrfiBC53N xOD8nn6F7rQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz Mi84WmliUUdrQnJmaUJDNTNOeE9EOG5uNkY3clEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzIvSXc3c0QzeHpYUFdm dG1lTDQ2czNzVHJrRnFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQCfYAAADANBgkqhkiG9w0BAQsFAAOCAQEAiZl9IpQGC9qDjUWfe7q9RQsa PSPMxUF4aRgiBTwxgiCW+jrx/sDrnkPBh3/KbVBAluwwFu8qgm7XzbO3VxR7UWA4 bvbtHz7DiTO4fyVe49wXsvB3T6qRz7wKM5PqRT9VgDPiyVY6ZJpyWgaEaZXR2kz2 +SWOvgHlUxHXIA2EmCcDGuMSYeww13CyYiREYRYxt2Vc+wPnj5rzMF4MiZ28Y7tC pDleUyRgIVdJiEuInvW3C1jNkMf+PUDrY9KIFhaKWIbZ1sJnabJ51jrYtvee+jRA 1uyWSPlLiALMWlhNSu1LPDRGArzCK2n7crdZsqasVnUQCmESL6gMDxRm3TTomw== -----END CERTIFICATE-----Generated at Sun Oct 19 20:20:26 2025 by rpki-client