$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/KYvTUUL2Xs79bmvvkVQHz5Yy3kE.roa File: KYvTUUL2Xs79bmvvkVQHz5Yy3kE.roa (raw, json) Hash identifier: T9rzI3+S88eWnmwTDwFtPJ6WWpJ9uUiLanjXAsSaRxg= Subject key identifier: 29:8B:D3:51:42:F6:5E:CE:FD:6E:6B:EF:91:54:07:CF:96:32:DE:41 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 46 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/KYvTUUL2Xs79bmvvkVQHz5Yy3kE.roa Signing time: Fri 22 Aug 2025 06:30:24 +0000 ROA not before: Fri 22 Aug 2025 06:30:24 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 138457 IP address blocks: 2402:7d80:8888::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70 (0x46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:30:24 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=298BD35142F65ECEFD6E6BEF915407CF9632DE41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:b4:bf:41:e2:fa:f1:69:62:57:d4:10:ef:b5: da:e0:29:2a:cb:67:4b:c8:d3:6f:c5:65:76:29:f9: f9:7f:65:42:8c:b3:30:b9:81:7a:06:a4:8e:aa:00: 52:3c:c5:16:60:1c:f6:31:32:56:a4:20:ed:bf:a7: 7e:80:09:b3:5a:36:ab:fc:97:96:3f:be:ce:5a:b1: 08:1e:3a:1f:26:e1:12:3a:8e:62:ff:3a:6b:31:cc: ff:8f:3b:42:16:f0:a4:2e:00:32:7d:28:e9:eb:7a: af:b8:43:5e:bd:e7:10:2b:d7:c1:7f:43:c3:64:24: f9:2f:7b:6f:72:12:6c:cb:c9:83:1d:bc:71:4a:2f: 0e:43:52:0d:0f:1f:d9:09:81:43:60:dc:40:c7:63: d9:72:23:ae:f8:90:3a:71:2b:0b:b0:18:68:a6:0d: ea:72:70:3e:b7:35:10:db:98:5b:3f:35:d8:78:f7: 6c:29:81:4c:e9:17:d1:5b:4c:de:41:45:33:42:ff: 43:f1:73:77:d3:22:2e:db:24:5e:7f:42:a5:ad:70: 43:57:d9:98:18:31:f3:77:e1:b8:ef:ce:1d:5b:bd: f1:58:3b:eb:00:df:4d:87:50:45:63:21:0f:ea:0d: 7b:87:d5:3e:7f:44:01:38:53:65:67:dc:5c:1b:53: 12:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:8B:D3:51:42:F6:5E:CE:FD:6E:6B:EF:91:54:07:CF:96:32:DE:41 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/KYvTUUL2Xs79bmvvkVQHz5Yy3kE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80:8888::/48 Signature Algorithm: sha256WithRSAEncryption 3b:46:e2:91:a5:78:1e:04:d3:be:62:00:20:eb:c1:38:23:4a: 3f:a9:80:0b:44:88:c1:a9:92:28:6a:7e:16:fc:2a:cc:bc:7a: 17:32:cd:55:52:be:d5:2b:ea:f4:fe:8e:7a:71:00:69:ec:a0: f5:90:bc:bf:29:90:95:0b:0d:21:30:89:8d:13:03:8f:cd:60: 06:ce:1e:c3:c4:1e:ca:4c:43:98:e5:d1:fd:a0:40:26:19:8c: 55:68:b2:46:ab:05:69:a2:d7:d9:d7:ac:57:bb:14:c1:1b:54: 7e:55:23:2a:4a:aa:10:5f:b0:4f:ee:de:56:c6:f8:5a:8c:1b: ef:09:08:b9:8e:80:d8:dd:16:4a:42:e6:ed:e1:60:d2:b4:5e: c9:69:40:a8:e9:63:cb:05:92:34:2e:86:11:1a:25:1b:8f:40: 8d:21:91:30:1a:d2:b2:d1:c1:5e:fa:66:57:9a:0e:9b:22:10: 8d:36:34:10:eb:9a:77:c4:71:f7:70:d1:c0:2d:92:dd:c3:50: 25:df:89:31:4e:c9:b3:a1:c1:91:a4:aa:7b:7d:84:01:bd:7b: cc:f5:50:67:c1:7c:ec:7c:2c:15:07:68:52:42:98:fb:cd:1f: 91:f4:27:fb:6f:4f:c1:43:05:ea:76:02:ff:2e:dc:c6:98:35: 5a:3b:4f:8b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzAyNFoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoMjk4QkQzNTE0MkY2NUVD RUZENkU2QkVGOTE1NDA3Q0Y5NjMyREU0MTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANy0v0Hi+vFpYlfUEO+12uApKstnS8jTb8Vldin5+X9lQoyzMLmB egakjqoAUjzFFmAc9jEyVqQg7b+nfoAJs1o2q/yXlj++zlqxCB46HybhEjqOYv86 azHM/487QhbwpC4AMn0o6et6r7hDXr3nECvXwX9Dw2Qk+S97b3ISbMvJgx28cUov DkNSDQ8f2QmBQ2DcQMdj2XIjrviQOnErC7AYaKYN6nJwPrc1ENuYWz812Hj3bCmB TOkX0VtM3kFFM0L/Q/Fzd9MiLtskXn9Cpa1wQ1fZmBgx83fhuO/OHVu98Vg76wDf TYdQRWMhD+oNe4fVPn9EAThTZWfcXBtTEqUCAwEAAaOCAfYwggHyMB0GA1UdDgQW BBQpi9NRQvZezv1ua++RVAfPljLeQTAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9LWXZUVVVMMlhzNzli bXZ2a1ZRSHo1WXkza0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJ9gIiIMA0GCSqGSIb3DQEBCwUAA4IBAQA7RuKRpXgeBNO+YgAg68E4I0o/ qYALRIjBqZIoan4W/CrMvHoXMs1VUr7VK+r0/o56cQBp7KD1kLy/KZCVCw0hMImN EwOPzWAGzh7DxB7KTEOY5dH9oEAmGYxVaLJGqwVpotfZ16xXuxTBG1R+VSMqSqoQ X7BP7t5WxvhajBvvCQi5joDY3RZKQubt4WDStF7JaUCo6WPLBZI0LoYRGiUbj0CN IZEwGtKy0cFe+mZXmg6bIhCNNjQQ65p3xHH3cNHALZLdw1Al34kxTsmzocGRpKp7 fYQBvXvM9VBnwXzsfCwVB2hSQpj7zR+R9Cf7b0/BQwXqdgL/LtzGmDVaO0+L -----END CERTIFICATE-----Generated at Sun Aug 24 02:42:23 2025 by rpki-client