$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/o6HuQJH5hpPAN1ln47Hlpx9rgYI.roa File: o6HuQJH5hpPAN1ln47Hlpx9rgYI.roa (raw, json) Hash identifier: lI3FubVDq0WT3iMf9E6HKfU90/xl9J+DMoyg8nru2KE= Subject key identifier: A3:A1:EE:40:91:F9:86:93:C0:37:59:67:E3:B1:E5:A7:1F:6B:81:82 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: B3 Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/o6HuQJH5hpPAN1ln47Hlpx9rgYI.roa Signing time: Thu 11 Sep 2025 05:58:03 +0000 ROA not before: Thu 11 Sep 2025 05:58:03 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 8075 IP address blocks: 2402:7d80:8888::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:36:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 179 (0xb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Sep 11 05:58:03 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=A3A1EE4091F98693C0375967E3B1E5A71F6B8182 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:47:4e:c6:35:86:c7:17:c0:af:09:d5:02:82: e3:a8:dc:26:be:77:12:25:f5:d7:6a:cf:a0:77:eb: 86:ac:8e:76:cb:f8:17:71:3b:e8:1f:e8:65:f0:6a: 6c:d7:fc:ba:3f:8c:bf:04:b5:f4:3a:0d:b7:93:62: e6:a3:74:df:04:89:37:e8:f7:ff:94:38:65:fe:14: 72:cd:63:b3:e3:72:4d:15:f3:74:6b:5e:4f:a0:9c: a4:ae:19:e3:98:06:06:74:87:f9:d6:30:54:66:94: bc:96:f8:21:27:9c:15:45:3f:38:74:83:1c:6c:aa: cd:21:7d:34:95:fa:67:36:85:f3:cb:2e:fe:51:e1: 84:98:79:80:c3:a7:14:df:47:31:0d:09:e8:1d:f8: 0c:1f:35:fd:a5:03:d4:4c:9d:12:aa:58:07:2c:05: 76:16:0c:1d:87:2b:43:51:97:2f:a6:37:75:af:6c: de:20:e9:d9:43:a6:6b:f6:b6:0e:44:71:a3:1a:b8: 6c:72:88:27:7f:40:26:f3:40:fe:cd:28:39:bf:cd: d2:d1:3f:1a:a0:42:59:e7:90:5e:e6:22:73:6c:4e: 8b:d6:dc:38:ba:c7:98:d1:00:bd:9a:c0:47:d5:05: ad:fd:a3:47:3b:ad:8f:36:eb:27:3b:da:ac:a0:b5: 3d:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:A1:EE:40:91:F9:86:93:C0:37:59:67:E3:B1:E5:A7:1F:6B:81:82 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/o6HuQJH5hpPAN1ln47Hlpx9rgYI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80:8888::/48 Signature Algorithm: sha256WithRSAEncryption 65:e0:a0:af:f1:2b:ef:e3:e3:20:59:a6:86:43:d9:83:6f:b1: 43:06:ad:17:4b:1c:f9:92:c6:84:20:0e:8a:28:5f:ec:cb:85: 80:13:51:4f:59:bf:29:32:cd:d7:77:a7:1f:94:cc:58:6f:51: 34:cb:ce:2b:80:d4:61:5d:ca:0c:30:99:46:5c:32:db:c6:cb: 3a:8a:47:bb:f7:54:ee:55:43:e0:fb:67:95:54:1c:7b:b8:0c: d3:34:72:9c:fb:68:24:49:71:db:53:9e:a6:71:d4:1e:77:0f: dd:c4:4a:59:8d:06:f9:3f:17:74:70:60:12:ac:1a:d2:a0:b7: 34:d8:19:92:dd:6a:01:63:4c:b6:a9:1b:bc:f7:11:9c:1e:f9: e2:dd:41:e0:ad:b4:a7:8d:29:e5:b5:f1:75:46:5e:9e:16:c4: b7:ec:c2:34:86:fd:69:28:52:27:74:28:94:b2:0c:26:88:e2: 6e:73:fc:58:f6:1d:a7:d6:d7:4c:44:34:ab:96:1f:c6:8e:0f: 91:b6:92:bf:1d:73:d3:24:ab:e7:9a:64:f7:1f:0c:84:d4:08: f5:d4:be:9c:ac:40:c2:c9:55:43:3b:03:01:eb:9f:0b:18:b2: 0d:f7:3a:62:12:21:b0:d8:84:34:97:98:4f:19:5a:60:84:83: 47:ea:d1:4a -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICALMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjE5 ODlCNDA2OTAxQURGODgxMEI5RENEQzRFMEZDOUU3RTg1RUVCNDAeFw0yNTA5MTEw NTU4MDNaFw0yNjA4MjAwNzQ5MThaMDMxMTAvBgNVBAMTKEEzQTFFRTQwOTFGOTg2 OTNDMDM3NTk2N0UzQjFFNUE3MUY2QjgxODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIR07GNYbHF8CvCdUCguOo3Ca+dxIl9ddqz6B364asjnbL+Bdx O+gf6GXwamzX/Lo/jL8EtfQ6DbeTYuajdN8EiTfo9/+UOGX+FHLNY7Pjck0V83Rr Xk+gnKSuGeOYBgZ0h/nWMFRmlLyW+CEnnBVFPzh0gxxsqs0hfTSV+mc2hfPLLv5R 4YSYeYDDpxTfRzENCegd+AwfNf2lA9RMnRKqWAcsBXYWDB2HK0NRly+mN3WvbN4g 6dlDpmv2tg5EcaMauGxyiCd/QCbzQP7NKDm/zdLRPxqgQlnnkF7mInNsTovW3Di6 x5jRAL2awEfVBa39o0c7rY826yc72qygtT3LAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUo6HuQJH5hpPAN1ln47Hlpx9rgYIwHwYDVR0jBBgwFoAU8ZibQGkBrfiBC53N xOD8nn6F7rQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz Mi84WmliUUdrQnJmaUJDNTNOeE9EOG5uNkY3clEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzIvbzZIdVFKSDVocFBB TjFsbjQ3SGxweDlyZ1lJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQCfYCIiDANBgkqhkiG9w0BAQsFAAOCAQEAZeCgr/Er7+PjIFmmhkPZg2+x QwatF0sc+ZLGhCAOiihf7MuFgBNRT1m/KTLN13enH5TMWG9RNMvOK4DUYV3KDDCZ Rlwy28bLOopHu/dU7lVD4PtnlVQce7gM0zRynPtoJElx21OepnHUHncP3cRKWY0G +T8XdHBgEqwa0qC3NNgZkt1qAWNMtqkbvPcRnB754t1B4K20p40p5bXxdUZenhbE t+zCNIb9aShSJ3QolLIMJojibnP8WPYdp9bXTEQ0q5Yfxo4PkbaSvx1z0ySr55pk 9x8MhNQI9dS+nKxAwslVQzsDAeufCxiyDfc6YhIhsNiENJeYTxlaYISDR+rRSg== -----END CERTIFICATE-----Generated at Sun Oct 19 20:20:16 2025 by rpki-client