$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/S8a9hAKC_C1SAlEpSVq-6l6uZVQ.roa File: S8a9hAKC_C1SAlEpSVq-6l6uZVQ.roa (raw, json) Hash identifier: GfMexP26984dkstlUAK60JA2gV/oiWzcGzF1Wjm/2H4= Subject key identifier: 4B:C6:BD:84:02:82:FC:2D:52:02:51:29:49:5A:BE:EA:5E:AE:65:54 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 3E Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/S8a9hAKC_C1SAlEpSVq-6l6uZVQ.roa Signing time: Fri 22 Aug 2025 06:30:21 +0000 ROA not before: Fri 22 Aug 2025 06:30:21 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63582 IP address blocks: 2402:7d80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:30:21 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=4BC6BD840282FC2D52025129495ABEEA5EAE6554 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e8:c7:e8:07:57:2f:7e:e2:50:6f:5f:bd:db: 8c:d4:58:92:c6:db:ed:91:84:dc:ba:8a:53:b9:2a: 3b:88:21:f0:1c:fe:92:27:e8:ab:95:f1:1f:f1:03: ab:b7:91:4e:39:c8:31:b7:fc:e2:2f:99:38:a0:5e: bf:22:52:3a:d5:ca:e1:9b:b7:95:5e:88:85:60:98: d5:62:f1:34:77:7e:8c:f1:49:3d:cc:1f:d4:d4:92: be:86:63:92:11:98:35:f9:76:30:c0:87:8a:3f:39: ba:61:23:c2:60:d7:05:b9:8f:c3:af:f3:27:3c:61: 53:c8:3d:24:f5:1d:81:2c:01:d7:63:a4:41:2e:36: 8b:b5:d4:e7:f8:f0:7a:c7:62:12:73:e5:41:f3:66: 18:db:43:ae:b4:eb:a9:02:f1:00:df:06:25:e3:1f: e7:93:05:d3:40:af:76:d5:ea:44:2a:a7:b2:c5:15: fc:9c:01:8d:07:24:a0:8a:2e:a6:87:bb:e5:89:dc: ff:02:ca:24:57:c2:e0:1a:be:37:d8:92:09:ba:f8: 9d:20:49:19:a9:a6:fc:13:f1:15:7e:52:fb:c6:f5: e8:bb:d9:85:c5:3b:2f:fd:e2:83:13:d7:31:fc:2c: 9c:9e:d9:a6:b4:69:0d:cb:9f:e3:52:06:98:61:b6: 30:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:C6:BD:84:02:82:FC:2D:52:02:51:29:49:5A:BE:EA:5E:AE:65:54 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/S8a9hAKC_C1SAlEpSVq-6l6uZVQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80::/48 Signature Algorithm: sha256WithRSAEncryption 7a:90:91:27:53:ff:71:63:58:e2:a2:83:ed:72:b7:cb:f0:3c: 1b:31:fe:b3:43:ff:c9:e8:e2:fb:ef:06:4f:75:6a:bd:e8:f1: 3c:b4:c4:cd:3d:a3:8d:7c:42:f3:c1:07:80:f6:0b:2a:39:8a: fa:76:a3:71:56:c1:22:00:8a:17:b6:24:d1:9a:72:0b:87:d5: c7:2f:d0:e4:7d:c2:f9:14:f2:b6:9a:cf:06:4f:9c:0a:ac:6f: ac:2c:7b:57:f8:eb:26:20:45:d6:82:2a:8d:07:4f:73:b3:66: 58:ba:8f:36:1d:62:32:0a:5b:08:d2:6a:19:63:49:fb:5a:1e: 65:10:5f:4e:bd:67:2e:9a:10:80:5e:24:89:02:7a:0f:1b:ae: dc:57:98:33:3b:bf:de:07:29:5e:61:ec:bb:c4:c9:3c:16:12: ab:fc:1c:1a:b6:c7:50:52:74:42:5e:7a:97:84:27:7b:7c:3c: 14:d0:6d:08:76:45:f4:cf:6f:8a:ee:fb:53:89:fb:7a:e2:50: 1a:94:8f:fe:ac:dd:2c:5e:c0:6c:8a:f3:b8:a9:8f:08:a2:a2: 65:87:64:36:01:4f:4e:e9:29:63:eb:62:a0:9c:e6:7c:02:90: 78:19:83:af:34:f5:e6:2f:d1:ac:f7:03:e8:63:fd:00:d8:10: fb:ef:c5:a8 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzAyMVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoNEJDNkJEODQwMjgyRkMy RDUyMDI1MTI5NDk1QUJFRUE1RUFFNjU1NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMDox+gHVy9+4lBvX73bjNRYksbb7ZGE3LqKU7kqO4gh8Bz+kifo q5XxH/EDq7eRTjnIMbf84i+ZOKBevyJSOtXK4Zu3lV6IhWCY1WLxNHd+jPFJPcwf 1NSSvoZjkhGYNfl2MMCHij85umEjwmDXBbmPw6/zJzxhU8g9JPUdgSwB12OkQS42 i7XU5/jwesdiEnPlQfNmGNtDrrTrqQLxAN8GJeMf55MF00CvdtXqRCqnssUV/JwB jQckoIoupoe75Ync/wLKJFfC4Bq+N9iSCbr4nSBJGamm/BPxFX5S+8b16LvZhcU7 L/3igxPXMfwsnJ7ZprRpDcuf41IGmGG2MCcCAwEAAaOCAfYwggHyMB0GA1UdDgQW BBRLxr2EAoL8LVICUSlJWr7qXq5lVDAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9TOGE5aEFLQ19DMVNB bEVwU1ZxLTZsNnVaVlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJ9gAAAMA0GCSqGSIb3DQEBCwUAA4IBAQB6kJEnU/9xY1jiooPtcrfL8Dwb Mf6zQ//J6OL77wZPdWq96PE8tMTNPaONfELzwQeA9gsqOYr6dqNxVsEiAIoXtiTR mnILh9XHL9DkfcL5FPK2ms8GT5wKrG+sLHtX+OsmIEXWgiqNB09zs2ZYuo82HWIy ClsI0moZY0n7Wh5lEF9OvWcumhCAXiSJAnoPG67cV5gzO7/eByleYey7xMk8FhKr /BwatsdQUnRCXnqXhCd7fDwU0G0IdkX0z2+K7vtTift64lAalI/+rN0sXsBsivO4 qY8IoqJlh2Q2AU9O6Slj62KgnOZ8ApB4GYOvNPXmL9Gs9wPoY/0A2BD778Wo -----END CERTIFICATE-----Generated at Sun Aug 24 02:42:59 2025 by rpki-client