$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/k1ZUWGGLuUErYAs6HaX5l6zhy5o.roa File: k1ZUWGGLuUErYAs6HaX5l6zhy5o.roa (raw, json) Hash identifier: eRes3sDx/dl7ffyJgwY+RtVafyZI4wJo+5pFEoLDg0c= Subject key identifier: 93:56:54:58:61:8B:B9:41:2B:60:0B:3A:1D:A5:F9:97:AC:E1:CB:9A Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 49 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/k1ZUWGGLuUErYAs6HaX5l6zhy5o.roa Signing time: Fri 22 Aug 2025 06:35:05 +0000 ROA not before: Fri 22 Aug 2025 06:35:05 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139137 IP address blocks: 2402:7d80:fffe::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73 (0x49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:35:05 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=93565458618BB9412B600B3A1DA5F997ACE1CB9A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:25:c3:ba:d4:f2:52:37:30:92:44:c5:5d:e4: b3:4f:05:3e:9a:94:aa:79:da:f2:a3:34:79:1f:c8: a9:18:b4:74:19:bf:ce:48:90:5d:8f:61:15:4f:b5: c0:21:04:11:1b:03:88:e5:41:bf:6b:22:9e:48:44: 14:3a:fd:85:81:bb:a3:03:d6:f5:1e:ec:57:16:0a: 98:1a:48:9d:da:55:b9:60:5e:05:54:e6:1c:0d:e4: 16:13:1e:03:dd:6c:7a:b6:1a:5a:a9:88:86:e9:ac: 43:55:aa:61:74:68:04:11:ac:8e:dc:00:db:f3:bc: 00:e7:a7:b5:89:03:fd:da:86:7c:fa:75:69:f6:d3: d1:99:7b:a9:d3:f7:9f:92:da:20:01:8a:aa:f0:7e: 6d:46:f7:bf:30:0f:cf:2b:21:af:7e:ee:ca:23:92: b4:17:ed:93:6a:d5:a5:75:66:e3:c2:bb:0f:69:96: dc:92:16:11:83:14:9f:15:aa:bc:9e:cb:34:ad:46: 40:68:1d:47:85:9b:35:93:1b:2f:5d:23:4b:4a:f5: 14:83:32:cc:60:4b:ac:c0:d6:9a:1e:41:fc:b2:92: 14:0b:d6:f6:10:74:6a:b7:21:2b:7d:12:eb:f5:80: 5e:71:a5:95:86:e2:1b:74:60:d5:6f:2d:82:3f:99: fe:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:56:54:58:61:8B:B9:41:2B:60:0B:3A:1D:A5:F9:97:AC:E1:CB:9A X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/k1ZUWGGLuUErYAs6HaX5l6zhy5o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80:fffe::/48 Signature Algorithm: sha256WithRSAEncryption 20:25:8f:b1:1a:ba:b9:01:af:5d:89:49:de:aa:da:60:50:3f: 2d:40:12:37:48:3e:80:3c:4a:46:69:4d:db:1f:9f:92:41:10: b2:67:15:ab:fa:45:ba:86:9d:ff:d3:22:99:4f:5c:ae:ca:03: f9:30:7f:8a:d1:10:ea:f0:4d:0c:b5:b6:5d:7b:2d:e8:cd:b6: ff:bb:4c:98:10:82:63:66:d0:66:0c:f2:a2:f5:51:e1:23:3a: b2:ae:83:b9:a5:5c:6d:49:6d:f5:53:5b:d3:de:a0:a7:42:db: 68:a0:5d:78:b5:ed:95:a6:db:0e:f8:89:8c:43:73:4c:88:f9: 16:c5:f1:95:63:fb:fa:b5:22:ff:a9:17:54:7f:4c:7a:b2:8e: a4:e2:67:21:87:68:ae:f7:d1:7b:bc:f2:39:fa:93:eb:e0:4e: 14:9e:e4:7e:c8:95:1d:9c:61:e6:5d:b4:82:4a:3b:ee:20:e8: 74:d1:c9:32:c8:e0:99:6f:39:18:3a:60:ba:15:31:b5:97:3d: cc:c1:a8:56:22:2d:81:67:5e:71:d9:8e:ee:9e:f8:7c:23:78: ab:d5:aa:c1:bb:aa:af:c1:08:02:71:1e:97:16:76:c9:23:30: 37:fc:fd:da:77:64:55:ab:ed:0b:34:4c:4e:a3:8e:02:47:61: da:e4:76:71 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzUwNVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoOTM1NjU0NTg2MThCQjk0 MTJCNjAwQjNBMURBNUY5OTdBQ0UxQ0I5QTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMIlw7rU8lI3MJJExV3ks08FPpqUqnna8qM0eR/IqRi0dBm/zkiQ XY9hFU+1wCEEERsDiOVBv2sinkhEFDr9hYG7owPW9R7sVxYKmBpIndpVuWBeBVTm HA3kFhMeA91serYaWqmIhumsQ1WqYXRoBBGsjtwA2/O8AOentYkD/dqGfPp1afbT 0Zl7qdP3n5LaIAGKqvB+bUb3vzAPzyshr37uyiOStBftk2rVpXVm48K7D2mW3JIW EYMUnxWqvJ7LNK1GQGgdR4WbNZMbL10jS0r1FIMyzGBLrMDWmh5B/LKSFAvW9hB0 archK30S6/WAXnGllYbiG3Rg1W8tgj+Z/vMCAwEAAaOCAfYwggHyMB0GA1UdDgQW BBSTVlRYYYu5QStgCzodpfmXrOHLmjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9rMVpVV0dHTHVVRXJZ QXM2SGFYNWw2emh5NW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJ9gP/+MA0GCSqGSIb3DQEBCwUAA4IBAQAgJY+xGrq5Aa9diUneqtpgUD8t QBI3SD6APEpGaU3bH5+SQRCyZxWr+kW6hp3/0yKZT1yuygP5MH+K0RDq8E0MtbZd ey3ozbb/u0yYEIJjZtBmDPKi9VHhIzqyroO5pVxtSW31U1vT3qCnQttooF14te2V ptsO+ImMQ3NMiPkWxfGVY/v6tSL/qRdUf0x6so6k4mchh2iu99F7vPI5+pPr4E4U nuR+yJUdnGHmXbSCSjvuIOh00ckyyOCZbzkYOmC6FTG1lz3MwahWIi2BZ15x2Y7u nvh8I3ir1arBu6qvwQgCcR6XFnbJIzA3/P3ad2RVq+0LNExOo44CR2Ha5HZx -----END CERTIFICATE-----Generated at Sun Aug 24 02:32:49 2025 by rpki-client