$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/_BI4oBw2PH1jKyNw7eSWx8WZ3Ls.roa File: _BI4oBw2PH1jKyNw7eSWx8WZ3Ls.roa (raw, json) Hash identifier: y661gvlrhiLBEEp/Q83VdcU+ArTVsEsGnSbXIcIz+bU= Subject key identifier: FC:12:38:A0:1C:36:3C:7D:63:2B:23:70:ED:E4:96:C7:C5:99:DC:BB Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24E0 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/_BI4oBw2PH1jKyNw7eSWx8WZ3Ls.roa Signing time: Sat 13 Sep 2025 03:08:47 +0000 ROA not before: Sat 13 Sep 2025 03:08:47 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 212237 IP address blocks: 2403:6380::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9440 (0x24e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FC1238A01C363C7D632B2370EDE496C7C599DCBB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:79:c9:e6:ed:52:63:57:78:bf:0c:36:9c:69: 79:ac:b7:d8:19:19:a2:3d:a7:b0:1e:6d:dc:85:04: 93:44:4a:3a:61:77:90:31:aa:86:54:51:32:e2:8f: fa:a1:29:b0:7b:be:9d:7d:62:df:5d:46:87:46:1a: 18:0c:6e:f4:89:48:02:76:88:03:58:d1:59:2b:3d: fc:91:4b:d2:ee:92:5c:9f:55:f9:4b:4e:57:7c:4d: 80:6c:04:b1:49:44:a0:35:8d:bd:5d:9d:93:9c:a7: a1:b5:8e:ed:1b:48:b7:a4:54:b3:ac:83:b7:4a:05: 32:72:49:32:2b:84:26:8b:86:ee:08:7e:20:04:ff: 51:bb:58:26:62:51:23:0b:e0:54:86:fb:4c:bc:c5: 63:67:be:bd:c9:f1:bd:fe:a8:82:5b:d5:8e:84:1a: 8a:1a:ea:01:45:ec:60:9f:98:fd:b7:80:42:b7:90: 28:5e:70:be:3f:eb:94:29:1d:18:43:20:92:c2:50: ff:2a:71:80:c5:30:15:42:56:16:1b:01:3f:bc:e2: ef:08:15:07:c9:e1:9e:45:c1:d2:a1:4e:14:23:44: 3e:84:41:8a:1a:7f:bc:c0:d8:a0:24:f9:05:43:2d: 20:9f:00:8b:bc:d3:2c:a6:85:b9:95:09:32:fe:53: 69:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:12:38:A0:1C:36:3C:7D:63:2B:23:70:ED:E4:96:C7:C5:99:DC:BB X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/_BI4oBw2PH1jKyNw7eSWx8WZ3Ls.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380::/44 Signature Algorithm: sha256WithRSAEncryption 78:73:27:d9:32:ad:74:03:54:5b:fa:1e:0b:dc:4d:35:40:39: 08:01:ce:1f:05:42:d7:41:1e:72:0a:e8:86:64:55:c6:d0:37: 27:09:b4:23:9b:ec:e8:96:47:99:aa:6a:ea:ac:cb:49:f3:10: ef:39:ce:9d:ea:84:cd:ef:84:16:25:da:b3:c5:f6:c2:62:f0: c5:78:c8:d6:66:42:8e:91:7d:44:c6:aa:52:15:71:28:9f:6b: b4:6c:cb:bb:eb:88:ec:7b:4e:a5:e9:0c:63:b9:1d:4e:e8:98: 54:71:da:cc:a1:e4:7c:c7:95:a7:8c:7e:cf:50:f4:fb:88:38: f2:35:0f:9c:f6:59:9b:b4:b6:60:17:fc:f3:87:49:5f:da:65: d1:25:16:b8:82:2e:02:d8:e2:99:3f:ae:f1:f7:9f:b8:1f:ba: 24:e9:03:df:2e:55:87:4d:55:c5:29:fc:bb:1f:60:dd:12:9a: f1:5a:f1:c7:76:41:2f:b2:97:a7:2b:f1:b8:d8:5e:12:27:73: df:89:31:b4:fa:7e:95:a4:b2:25:f5:5d:d9:06:75:ab:54:3f: 2d:c8:b5:ed:27:87:c0:f4:34:99:cb:e2:cd:33:02:fe:e7:2f: c8:0f:42:a5:ec:9f:30:8b:7a:24:c2:f2:62:76:51:3b:4c:41: 4e:b4:dc:b0 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICJOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZDMTIzOEEwMUMzNjND N0Q2MzJCMjM3MEVERTQ5NkM3QzU5OURDQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTecnm7VJjV3i/DDacaXmst9gZGaI9p7AebdyFBJNESjphd5Ax qoZUUTLij/qhKbB7vp19Yt9dRodGGhgMbvSJSAJ2iANY0VkrPfyRS9LuklyfVflL Tld8TYBsBLFJRKA1jb1dnZOcp6G1ju0bSLekVLOsg7dKBTJySTIrhCaLhu4IfiAE /1G7WCZiUSML4FSG+0y8xWNnvr3J8b3+qIJb1Y6EGooa6gFF7GCfmP23gEK3kChe cL4/65QpHRhDIJLCUP8qcYDFMBVCVhYbAT+84u8IFQfJ4Z5FwdKhThQjRD6EQYoa f7zA2KAk+QVDLSCfAIu80yymhbmVCTL+U2l3AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU/BI4oBw2PH1jKyNw7eSWx8WZ3LswHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvX0JJNG9CdzJQSDFq S3lOdzdlU1d4OFdaM0xzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAADANBgkqhkiG9w0BAQsFAAOCAQEAeHMn2TKtdANUW/oeC9xNNUA5 CAHOHwVC10EecgrohmRVxtA3Jwm0I5vs6JZHmapq6qzLSfMQ7znOneqEze+EFiXa s8X2wmLwxXjI1mZCjpF9RMaqUhVxKJ9rtGzLu+uI7HtOpekMY7kdTuiYVHHazKHk fMeVp4x+z1D0+4g48jUPnPZZm7S2YBf884dJX9pl0SUWuIIuAtjimT+u8fefuB+6 JOkD3y5Vh01VxSn8ux9g3RKa8Vrxx3ZBL7KXpyvxuNheEidz34kxtPp+laSyJfVd 2QZ1q1Q/Lci17SeHwPQ0mcvizTMC/ucvyA9CpeyfMIt6JMLyYnZRO0xBTrTcsA== -----END CERTIFICATE-----Generated at Sun Oct 19 22:25:21 2025 by rpki-client