$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/nfwyTJJneKP8yrvlcfkoqAhhAVY.roa File: nfwyTJJneKP8yrvlcfkoqAhhAVY.roa (raw, json) Hash identifier: gsQwZbRmvM14lgnxXzz8ujWTdk7S6aeaP7Y91vxAh7E= Subject key identifier: 9D:FC:32:4C:92:67:78:A3:FC:CA:BB:E5:71:F9:28:A8:08:61:01:56 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 4A Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/nfwyTJJneKP8yrvlcfkoqAhhAVY.roa Signing time: Fri 22 Aug 2025 06:35:05 +0000 ROA not before: Fri 22 Aug 2025 06:35:05 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 63582 IP address blocks: 2402:7d80:fffe::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74 (0x4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:35:05 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=9DFC324C926778A3FCCABBE571F928A808610156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a4:fe:b8:0d:1c:36:2b:a7:01:a7:45:03:76: 10:a3:ff:a7:ab:36:0a:4f:36:dd:15:1d:c5:17:3d: 45:36:b5:94:5c:fd:21:5f:52:b3:0c:a1:86:3e:04: 10:c9:68:eb:91:d3:10:a1:56:f3:2b:5e:0e:15:5e: 00:4e:7b:1d:1a:d2:2c:2c:5a:20:db:2a:c8:93:c8: 9d:bf:bc:86:38:9d:7f:2d:ea:8e:78:c7:5b:88:38: 36:52:64:d8:6f:3f:b5:3f:34:79:86:97:93:62:e2: 7d:07:d7:6a:81:ba:58:02:88:c4:0f:fe:c9:d5:c7: 65:b7:32:31:b2:fa:56:87:2b:a4:42:1b:8c:94:8b: f3:89:df:b1:bb:02:52:c0:0d:26:62:7d:be:9b:2c: 26:4b:14:ff:c3:b2:9e:e1:d1:27:34:c6:94:73:87: e8:cb:b3:ec:47:dd:7d:9b:43:f3:dd:31:be:0b:3b: c1:17:4f:04:9d:d5:68:a4:1f:6a:85:45:49:50:27: a7:c1:ee:8d:91:35:bb:27:55:dd:a8:5f:4f:85:31: da:27:83:b2:f3:c6:1f:31:93:d9:48:4c:ce:5d:dd: 3b:de:f5:d3:89:fb:0a:7f:2a:1d:2d:f7:27:57:6b: 66:b3:9d:1c:cc:7c:b1:a7:88:d8:26:d2:cd:c8:9c: 74:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:FC:32:4C:92:67:78:A3:FC:CA:BB:E5:71:F9:28:A8:08:61:01:56 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/nfwyTJJneKP8yrvlcfkoqAhhAVY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80:fffe::/48 Signature Algorithm: sha256WithRSAEncryption 47:de:cb:99:3c:29:2f:bf:0b:dc:bb:ed:b2:3b:36:05:52:9c: 58:47:36:2e:c1:21:7c:3a:d7:7a:79:3a:43:b2:a1:92:5d:26: 35:b7:de:32:13:a4:eb:e6:af:3e:c0:cb:08:a2:3b:ec:40:04: 57:c7:3f:6e:dc:09:97:42:c1:be:e5:fe:78:c8:5d:84:5d:9a: 11:98:90:b8:47:fb:a7:a5:a1:6b:9a:e2:8a:4b:de:c6:90:45: 1d:bb:a5:ec:b3:99:ab:14:1b:8f:6f:c8:1f:d4:67:ff:68:b2: 07:60:cd:0c:3a:16:27:14:3d:67:c8:04:6d:87:77:13:ef:8d: 19:55:e0:83:b5:c0:9a:3d:b6:ef:ab:9b:81:d5:0f:51:fb:9a: 02:71:1c:68:1b:e4:aa:d0:87:61:b9:00:2b:2e:ec:19:86:8a: d9:58:19:ef:22:12:a8:ca:09:7f:e5:e9:50:69:be:13:5b:70: 6b:9b:68:d6:a8:4f:f4:54:57:c4:2e:c1:c8:a5:fc:dd:ba:d3: 12:a9:34:b7:17:03:67:cd:77:43:26:05:0d:df:2c:99:4a:98: 1e:da:03:69:0b:4b:e0:9a:ad:0a:2a:a7:1e:b9:8c:90:f9:67: fd:a4:f0:ea:84:e7:51:27:26:31:13:4b:7b:30:5f:ce:3a:0a: 91:4f:ba:62 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzUwNVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoOURGQzMyNEM5MjY3NzhB M0ZDQ0FCQkU1NzFGOTI4QTgwODYxMDE1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALak/rgNHDYrpwGnRQN2EKP/p6s2Ck823RUdxRc9RTa1lFz9IV9S swyhhj4EEMlo65HTEKFW8yteDhVeAE57HRrSLCxaINsqyJPInb+8hjidfy3qjnjH W4g4NlJk2G8/tT80eYaXk2LifQfXaoG6WAKIxA/+ydXHZbcyMbL6VocrpEIbjJSL 84nfsbsCUsANJmJ9vpssJksU/8OynuHRJzTGlHOH6Muz7EfdfZtD890xvgs7wRdP BJ3VaKQfaoVFSVAnp8HujZE1uydV3ahfT4Ux2ieDsvPGHzGT2UhMzl3dO97104n7 Cn8qHS33J1drZrOdHMx8saeI2CbSzcicdAcCAwEAAaOCAfYwggHyMB0GA1UdDgQW BBSd/DJMkmd4o/zKu+Vx+SioCGEBVjAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi9uZnd5VEpKbmVLUDh5 cnZsY2Zrb3FBaGhBVlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJ9gP/+MA0GCSqGSIb3DQEBCwUAA4IBAQBH3suZPCkvvwvcu+2yOzYFUpxY RzYuwSF8Otd6eTpDsqGSXSY1t94yE6Tr5q8+wMsIojvsQARXxz9u3AmXQsG+5f54 yF2EXZoRmJC4R/unpaFrmuKKS97GkEUdu6Xss5mrFBuPb8gf1Gf/aLIHYM0MOhYn FD1nyARth3cT740ZVeCDtcCaPbbvq5uB1Q9R+5oCcRxoG+Sq0IdhuQArLuwZhorZ WBnvIhKoygl/5elQab4TW3Brm2jWqE/0VFfELsHIpfzdutMSqTS3FwNnzXdDJgUN 3yyZSpge2gNpC0vgmq0KKqceuYyQ+Wf9pPDqhOdRJyYxE0t7MF/OOgqRT7pi -----END CERTIFICATE-----Generated at Sun Aug 24 02:41:28 2025 by rpki-client