$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/tZRoA6Pw_8nJNLA_KylU_DCE-Lc.roa File: tZRoA6Pw_8nJNLA_KylU_DCE-Lc.roa (raw, json) Hash identifier: /j3Jt29pLc0/9pCbPghTLPsKpVN8Dp84CdiKHLXltJI= Subject key identifier: B5:94:68:03:A3:F0:FF:C9:C9:34:B0:3F:2B:29:54:FC:30:84:F8:B7 Certificate issuer: /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Certificate serial: 4C Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/tZRoA6Pw_8nJNLA_KylU_DCE-Lc.roa Signing time: Fri 22 Aug 2025 06:35:05 +0000 ROA not before: Fri 22 Aug 2025 06:35:05 +0000 ROA not after: Thu 20 Aug 2026 07:49:18 +0000 asID: 139140 IP address blocks: 2402:7d80:fffe::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76 (0x4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4 Validity Not Before: Aug 22 06:35:05 2025 GMT Not After : Aug 20 07:49:18 2026 GMT Subject: CN=B5946803A3F0FFC9C934B03F2B2954FC3084F8B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:db:25:49:2c:3a:b1:1e:f7:d3:72:10:ed:b8: 20:a3:2d:a5:87:13:16:b6:5c:35:a5:c1:d6:85:12: b4:ed:21:85:24:18:17:4f:8e:02:f9:86:d7:76:aa: 58:8a:fd:55:de:ee:25:84:2d:cb:cd:b3:01:b8:17: 8a:81:04:42:a7:76:5c:27:da:67:c9:09:91:c5:a2: be:2e:9a:7c:48:af:34:ce:0d:53:ec:ce:e3:04:52: 66:63:98:44:b5:df:93:12:d9:bc:da:52:6e:83:38: 68:b4:db:4a:17:fb:18:fa:fd:96:99:2d:2c:af:ba: ee:c9:2e:67:9f:4a:69:d6:b8:08:01:25:ec:47:0a: a1:81:d7:a9:fa:32:f5:fe:1b:82:d2:7e:bc:9b:06: 6a:29:0e:0d:fd:67:69:de:33:1a:63:c6:2b:1e:44: 5c:3e:8d:47:af:43:2d:64:ec:fc:53:d5:6c:74:38: 9b:61:1b:87:b8:9a:ca:31:1d:85:b6:b5:78:e9:02: 09:6a:1c:f0:c0:5a:76:a9:23:8c:8b:6c:43:e3:b6: a9:b4:56:c5:09:09:38:e2:fe:83:bd:05:57:95:b3: d6:83:2a:11:f2:ad:33:20:66:54:3e:11:6d:43:82: 05:09:60:96:3e:c5:86:5d:18:35:cf:00:5e:5c:43: ff:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:94:68:03:A3:F0:FF:C9:C9:34:B0:3F:2B:29:54:FC:30:84:F8:B7 X509v3 Authority Key Identifier: keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/tZRoA6Pw_8nJNLA_KylU_DCE-Lc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7d80:fffe::/48 Signature Algorithm: sha256WithRSAEncryption 51:bc:d4:fe:91:e8:68:c4:0e:67:4e:b0:78:9c:22:bd:04:36: 7e:d5:99:5d:27:60:30:54:1b:91:58:c2:73:d1:4e:ed:96:70: 71:5a:6f:b3:0d:8d:b7:26:9e:0f:f1:0d:8c:7d:c1:da:b5:6e: ee:93:2f:96:b1:2d:7c:99:7c:f8:eb:7f:21:16:10:82:08:af: a9:81:9d:b1:0d:17:ef:30:72:bc:f4:8e:be:08:34:79:10:a0: 0c:f6:ee:fc:ca:de:8a:06:ff:76:94:2c:ef:7f:6c:9b:89:97: fc:ba:00:30:61:6a:88:13:b5:7d:d6:59:5d:29:98:93:bc:a9: 4b:72:fa:70:64:da:6f:d1:11:7d:23:5a:eb:b4:90:42:66:8f: 5c:7a:1c:5f:d9:79:e5:e9:0b:a9:a9:10:01:88:5a:d0:95:bc: 03:83:cd:48:70:6a:cc:6a:51:cc:d4:b7:75:de:7f:4d:32:e2: 96:3d:0e:4f:c8:27:ef:0d:2f:f8:43:03:da:4b:3b:00:c1:f0: b8:93:c1:dc:a7:4f:6c:60:4c:dd:d2:22:ea:15:1e:cb:35:5e: 40:41:0f:09:a8:40:4f:f4:48:23:0f:95:e1:2b:3f:63:ee:5d: 3e:42:44:0d:94:b4:14:b6:d0:67:f0:2e:a1:11:a5:77:fc:39: bb:96:5b:69 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMTk4 OUI0MDY5MDFBREY4ODEwQjlEQ0RDNEUwRkM5RTdFODVFRUI0MB4XDTI1MDgyMjA2 MzUwNVoXDTI2MDgyMDA3NDkxOFowMzExMC8GA1UEAxMoQjU5NDY4MDNBM0YwRkZD OUM5MzRCMDNGMkIyOTU0RkMzMDg0RjhCNzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOLbJUksOrEe99NyEO24IKMtpYcTFrZcNaXB1oUStO0hhSQYF0+O AvmG13aqWIr9Vd7uJYQty82zAbgXioEEQqd2XCfaZ8kJkcWivi6afEivNM4NU+zO 4wRSZmOYRLXfkxLZvNpSboM4aLTbShf7GPr9lpktLK+67skuZ59Kada4CAEl7EcK oYHXqfoy9f4bgtJ+vJsGaikODf1nad4zGmPGKx5EXD6NR69DLWTs/FPVbHQ4m2Eb h7iayjEdhba1eOkCCWoc8MBadqkjjItsQ+O2qbRWxQkJOOL+g70FV5Wz1oMqEfKt MyBmVD4RbUOCBQlglj7Fhl0YNc8AXlxD/8ECAwEAAaOCAfYwggHyMB0GA1UdDgQW BBS1lGgDo/D/yck0sD8rKVT8MIT4tzAfBgNVHSMEGDAWgBTxmJtAaQGt+IELnc3E 4PyefoXutDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjMy LzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOFppYlFHa0JyZmlCQzUzTnhPRDhubjZGN3JRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIzMi90WlJvQTZQd184bkpO TEFfS3lsVV9EQ0UtTGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJ9gP/+MA0GCSqGSIb3DQEBCwUAA4IBAQBRvNT+kehoxA5nTrB4nCK9BDZ+ 1ZldJ2AwVBuRWMJz0U7tlnBxWm+zDY23Jp4P8Q2MfcHatW7uky+WsS18mXz4638h FhCCCK+pgZ2xDRfvMHK89I6+CDR5EKAM9u78yt6KBv92lCzvf2ybiZf8ugAwYWqI E7V91lldKZiTvKlLcvpwZNpv0RF9I1rrtJBCZo9cehxf2Xnl6QupqRABiFrQlbwD g81IcGrMalHM1Ld13n9NMuKWPQ5PyCfvDS/4QwPaSzsAwfC4k8Hcp09sYEzd0iLq FR7LNV5AQQ8JqEBP9EgjD5XhKz9j7l0+QkQNlLQUttBn8C6hEaV3/Dm7lltp -----END CERTIFICATE-----Generated at Sun Aug 24 02:38:09 2025 by rpki-client