$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/21-A0JoGyCcKpZZ8vVoDWAAN40k.roa File: 21-A0JoGyCcKpZZ8vVoDWAAN40k.roa (raw, json) Hash identifier: 8uiQ7I4+StvGCzuamlF3pk33/0d3/cX2h6MOf+zIW2g= Subject key identifier: DB:5F:80:D0:9A:06:C8:27:0A:A5:96:7C:BD:5A:03:58:00:0D:E3:49 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24E5 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/21-A0JoGyCcKpZZ8vVoDWAAN40k.roa Signing time: Sat 13 Sep 2025 03:08:48 +0000 ROA not before: Sat 13 Sep 2025 03:08:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 212237 IP address blocks: 2403:6380:40::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9445 (0x24e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DB5F80D09A06C8270AA5967CBD5A0358000DE349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:f6:58:88:19:53:22:3e:c2:62:a5:e5:a4:ee: cd:df:f6:44:7c:8c:fa:f5:4b:a6:c4:98:0b:6e:31: 8c:f2:41:cf:13:08:76:ff:3a:12:0c:68:5e:bb:9e: b6:6d:e6:b0:6a:76:9a:cd:f0:08:22:0a:39:99:9a: 2c:25:02:eb:b8:5e:da:fa:03:e3:23:75:6b:e0:b1: 3e:92:9f:00:3c:5b:49:71:10:cc:66:1a:3e:64:cd: 66:23:27:41:b1:22:39:c5:04:9e:69:2a:ad:62:eb: f6:41:0a:62:60:7f:a4:19:08:4e:4f:9a:dd:93:03: 36:b3:11:16:0c:c2:b1:e3:87:e9:5b:32:da:49:ec: 54:b6:b8:35:95:eb:21:95:c5:9a:98:56:37:aa:b7: a4:dc:22:c2:22:97:c6:9a:99:7a:ee:d7:ec:ee:f4: bb:38:36:ec:8e:d8:bf:e8:74:82:0a:36:02:03:3c: 1a:4f:44:26:3d:6d:ec:0d:85:a1:42:33:d2:90:d5: fb:1a:53:b2:97:21:fe:15:b5:30:1b:97:ba:60:72: ad:df:ef:ba:9e:20:cb:60:d9:4d:2f:d8:91:51:de: ab:e7:01:eb:2d:cc:e7:fb:68:af:c9:41:fb:3a:db: cf:03:78:e5:43:4c:bd:97:fc:e9:ac:91:87:71:e4: c5:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:5F:80:D0:9A:06:C8:27:0A:A5:96:7C:BD:5A:03:58:00:0D:E3:49 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/21-A0JoGyCcKpZZ8vVoDWAAN40k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:40::/44 Signature Algorithm: sha256WithRSAEncryption c1:d1:1f:9c:a8:bc:51:76:09:13:d4:f0:5d:7d:b9:ad:f0:d5: ee:d1:93:42:30:e8:10:e6:12:b2:2c:a4:38:e2:d5:31:fc:4f: 7f:30:cb:6d:03:af:02:c3:8d:8f:53:22:60:dc:61:2b:67:6a: 20:6d:46:1d:b0:cf:f8:46:17:8b:77:c4:4f:b7:3a:28:12:e8: e1:6e:73:0d:8f:b8:61:28:ee:e7:3e:bc:88:6f:39:09:f9:a0: 56:af:0c:05:99:d8:4b:69:86:70:8e:27:5f:89:a6:68:01:a7: f1:0c:6b:94:e5:09:f7:bb:44:d2:f1:61:ff:35:ac:f0:d4:16: 34:be:08:80:e7:35:25:e7:60:2c:f5:d0:39:e0:c7:80:6b:d3: c9:c8:eb:b1:be:e4:2e:bd:0b:e4:60:a2:94:68:08:f3:d5:06: 4d:97:58:f6:6c:c6:8e:a4:a2:c0:33:2b:d0:12:e5:b4:3b:5f: ba:8a:2d:55:85:3a:22:08:11:e4:fd:38:a0:7e:8e:da:7a:e0: 7b:c4:31:b3:fb:0c:9f:55:58:ad:2f:f0:16:5e:95:9b:ff:aa: 2d:b5:12:b0:85:95:ba:f1:1b:c8:37:7f:d3:44:56:59:5a:4b: c6:1d:90:61:f1:ee:16:c3:03:a6:75:ba:6b:2b:9b:d6:36:be: 61:19:ae:10 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICJOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERCNUY4MEQwOUEwNkM4 MjcwQUE1OTY3Q0JENUEwMzU4MDAwREUzNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR9liIGVMiPsJipeWk7s3f9kR8jPr1S6bEmAtuMYzyQc8TCHb/ OhIMaF67nrZt5rBqdprN8AgiCjmZmiwlAuu4Xtr6A+MjdWvgsT6SnwA8W0lxEMxm Gj5kzWYjJ0GxIjnFBJ5pKq1i6/ZBCmJgf6QZCE5Pmt2TAzazERYMwrHjh+lbMtpJ 7FS2uDWV6yGVxZqYVjeqt6TcIsIil8aamXru1+zu9Ls4NuyO2L/odIIKNgIDPBpP RCY9bewNhaFCM9KQ1fsaU7KXIf4VtTAbl7pgcq3f77qeIMtg2U0v2JFR3qvnAest zOf7aK/JQfs6288DeOVDTL2X/OmskYdx5MUnAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU21+A0JoGyCcKpZZ8vVoDWAAN40kwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvMjEtQTBKb0d5Q2NL cFpaOHZWb0RXQUFONDBrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAQDANBgkqhkiG9w0BAQsFAAOCAQEAwdEfnKi8UXYJE9TwXX25rfDV 7tGTQjDoEOYSsiykOOLVMfxPfzDLbQOvAsONj1MiYNxhK2dqIG1GHbDP+EYXi3fE T7c6KBLo4W5zDY+4YSju5z68iG85CfmgVq8MBZnYS2mGcI4nX4mmaAGn8QxrlOUJ 97tE0vFh/zWs8NQWNL4IgOc1JedgLPXQOeDHgGvTycjrsb7kLr0L5GCilGgI89UG TZdY9mzGjqSiwDMr0BLltDtfuootVYU6IggR5P04oH6O2nrge8Qxs/sMn1VYrS/w Fl6Vm/+qLbUSsIWVuvEbyDd/00RWWVpLxh2QYfHuFsMDpnW6ayub1ja+YRmuEA== -----END CERTIFICATE-----Generated at Sun Oct 19 20:11:08 2025 by rpki-client