$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/igUDn-2X74WAn-QoN1HKSCfTb9A.roa File: igUDn-2X74WAn-QoN1HKSCfTb9A.roa (raw, json) Hash identifier: +iyhqDwdx42ZfAs49jpm3USPbcxKtBDxC0lYr+WcIf8= Subject key identifier: 8A:05:03:9F:ED:97:EF:85:80:9F:E4:28:37:51:CA:48:27:D3:6F:D0 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24E7 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/igUDn-2X74WAn-QoN1HKSCfTb9A.roa Signing time: Sat 13 Sep 2025 03:08:49 +0000 ROA not before: Sat 13 Sep 2025 03:08:49 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 212237 IP address blocks: 2403:6380:12::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9447 (0x24e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8A05039FED97EF85809FE4283751CA4827D36FD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:db:bb:2d:a0:19:ff:d0:57:14:63:0f:f7:ef: c6:e6:4e:17:c3:3e:f0:b8:66:ec:d5:78:39:4d:d5: ce:c2:3b:c4:29:55:4c:79:bb:aa:ca:99:b0:7a:91: 33:45:df:82:e6:c2:12:6b:30:52:b3:db:89:f6:cd: 1d:15:53:0e:85:86:59:2c:7e:38:da:64:d4:31:c4: a7:76:fd:02:18:d4:54:c6:67:09:8c:86:98:e1:66: 07:91:6b:de:10:8c:c7:4f:2a:20:68:1e:9a:ec:06: e4:56:b9:cd:5a:4a:12:58:4c:b0:3a:c2:95:6b:39: b2:08:5c:8a:a9:c5:14:f2:fb:23:60:d5:6c:5a:d8: f3:0b:e3:b9:04:e7:63:e8:e0:fb:86:8d:2f:fa:54: fe:25:6a:c3:61:a4:aa:93:4d:84:c6:9c:10:8d:94: 8f:86:6f:8b:2f:52:6d:09:7d:f2:4d:39:39:47:b2: 50:fa:5d:eb:71:87:3f:10:cf:1c:7b:f7:13:a9:22: b7:83:96:41:98:69:6f:ef:2e:49:c7:bd:2d:69:d3: eb:e9:1f:c6:95:eb:f5:fe:9c:08:f7:1f:5b:f5:4c: 61:47:55:08:de:0b:90:b9:5f:c6:f1:19:ca:48:a0: 37:dc:ae:d4:0f:e1:85:ca:b7:f6:1a:8d:d2:de:6a: a9:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:05:03:9F:ED:97:EF:85:80:9F:E4:28:37:51:CA:48:27:D3:6F:D0 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/igUDn-2X74WAn-QoN1HKSCfTb9A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:12::/48 Signature Algorithm: sha256WithRSAEncryption 51:45:59:03:e2:8f:98:16:d3:1c:a6:65:a3:72:c5:b9:a1:f8: a0:54:56:a2:c9:22:54:08:69:3b:30:22:ab:b0:6e:d8:cb:da: d9:c0:c0:49:59:e7:2a:c8:49:79:dd:9e:d6:5d:46:bc:5f:7b: 5e:60:4d:3c:df:2a:07:00:8f:83:59:ca:c0:91:ab:39:59:f9: 23:db:36:c6:35:7b:f6:63:26:e2:d6:45:07:92:ed:1d:bc:34: df:02:d6:3b:0e:e1:25:9c:4c:1a:ad:ae:76:19:a5:56:9d:ee: 00:cc:ae:12:a7:d6:1f:09:d5:1f:59:f2:c8:d1:0b:eb:ec:ea: 33:85:a6:86:f0:ab:2f:f2:48:eb:dc:e9:f2:57:2c:df:b8:3d: f6:aa:42:8e:d7:b0:d3:84:12:a7:90:c4:b3:b8:0b:c5:09:18: 3b:ad:74:1d:93:2f:c7:44:3e:ea:94:95:7b:29:36:dc:48:ee: 92:d8:59:c2:97:63:d5:51:60:7b:f1:fe:b3:65:9b:12:ff:31: 9d:b1:f6:16:2a:95:e0:68:63:a7:b9:aa:81:5f:54:27:6a:90: 27:0b:35:ac:2e:04:07:7c:0d:0c:1b:bc:a8:79:4d:16:e7:a6: eb:b9:ad:4f:dc:1d:a7:ec:0e:5f:ec:c3:2c:d4:81:d1:6c:75: 62:20:d3:1e -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICJOcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhBMDUwMzlGRUQ5N0VG ODU4MDlGRTQyODM3NTFDQTQ4MjdEMzZGRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDU27stoBn/0FcUYw/378bmThfDPvC4ZuzVeDlN1c7CO8QpVUx5 u6rKmbB6kTNF34LmwhJrMFKz24n2zR0VUw6FhlksfjjaZNQxxKd2/QIY1FTGZwmM hpjhZgeRa94QjMdPKiBoHprsBuRWuc1aShJYTLA6wpVrObIIXIqpxRTy+yNg1Wxa 2PML47kE52Po4PuGjS/6VP4lasNhpKqTTYTGnBCNlI+Gb4svUm0JffJNOTlHslD6 Xetxhz8Qzxx79xOpIreDlkGYaW/vLknHvS1p0+vpH8aV6/X+nAj3H1v1TGFHVQje C5C5X8bxGcpIoDfcrtQP4YXKt/YajdLeaqlPAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUigUDn+2X74WAn+QoN1HKSCfTb9AwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvaWdVRG4tMlg3NFdB bi1Rb04xSEtTQ2ZUYjlBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQDY4AAEjANBgkqhkiG9w0BAQsFAAOCAQEAUUVZA+KPmBbTHKZlo3LFuaH4 oFRWoskiVAhpOzAiq7Bu2Mva2cDASVnnKshJed2e1l1GvF97XmBNPN8qBwCPg1nK wJGrOVn5I9s2xjV79mMm4tZFB5LtHbw03wLWOw7hJZxMGq2udhmlVp3uAMyuEqfW HwnVH1nyyNEL6+zqM4WmhvCrL/JI69zp8lcs37g99qpCjtew04QSp5DEs7gLxQkY O610HZMvx0Q+6pSVeyk23EjukthZwpdj1VFge/H+s2WbEv8xnbH2FiqV4Ghjp7mq gV9UJ2qQJws1rC4EB3wNDBu8qHlNFuem67mtT9wdp+wOX+zDLNSB0Wx1YiDTHg== -----END CERTIFICATE-----Generated at Sun Oct 19 20:05:47 2025 by rpki-client