$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/nIkgv8iTRjiXwVL9S2gtOD72tV0.roa File: nIkgv8iTRjiXwVL9S2gtOD72tV0.roa (raw, json) Hash identifier: oPNs2j4mmoIZwZos7nrN9JmyKp8fH3/kih8TnlfPeeM= Subject key identifier: 9C:89:20:BF:C8:93:46:38:97:C1:52:FD:4B:68:2D:38:3E:F6:B5:5D Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24E2 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/nIkgv8iTRjiXwVL9S2gtOD72tV0.roa Signing time: Sat 13 Sep 2025 03:08:48 +0000 ROA not before: Sat 13 Sep 2025 03:08:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 212237 IP address blocks: 2403:6380:20::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9442 (0x24e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9C8920BFC893463897C152FD4B682D383EF6B55D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:89:9b:6d:4b:61:83:33:a6:7a:08:6a:05:8c: fb:df:78:de:a8:80:07:2e:12:e6:ff:a6:5b:5c:59: 97:fb:02:77:d8:24:ea:e2:b7:e7:f9:e9:a0:40:a7: 6f:6f:6a:f6:2d:cf:51:94:74:1b:0b:aa:7d:9c:3e: de:19:05:fa:7c:e6:fc:6c:4f:d8:31:47:cd:f4:ab: 58:bb:9e:94:6e:96:c5:56:e0:77:1c:e2:ef:d7:a9: b0:c4:98:0b:d8:24:45:97:39:6d:32:68:58:9d:6c: bb:36:84:85:71:09:84:ea:63:f7:7e:3a:9e:50:46: 47:7b:f6:40:0a:ba:65:e7:ec:08:96:87:29:88:36: 0c:71:5e:43:70:4d:e8:bb:7b:16:72:f0:ed:c2:f2: 20:1d:2e:04:91:21:a8:81:83:d1:92:27:dc:64:3e: 81:53:9d:be:37:be:4f:31:08:ed:3a:e5:e6:82:d6: 54:39:c3:4f:0f:39:a4:41:14:9f:f1:4e:d5:7f:64: 59:28:a8:0f:6c:70:a5:4d:5d:84:47:d7:7e:d9:36: bd:6c:78:94:a1:d7:55:da:aa:3b:56:19:e4:c1:41: 70:36:1c:3c:63:41:94:22:55:fa:86:a0:a1:5f:2b: b3:db:8f:94:28:6d:ac:08:c7:6f:de:3a:b5:6a:02: f7:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:89:20:BF:C8:93:46:38:97:C1:52:FD:4B:68:2D:38:3E:F6:B5:5D X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/nIkgv8iTRjiXwVL9S2gtOD72tV0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:20::/44 Signature Algorithm: sha256WithRSAEncryption b3:7a:be:2f:66:06:32:d3:c4:81:d3:57:d3:7f:98:bc:43:59: f9:53:dc:bf:1c:6a:04:f1:73:b5:a5:21:d1:4e:cf:0f:a6:08: f2:f9:0a:68:06:57:ce:63:75:bd:f5:7c:c7:4f:9f:41:13:2e: c6:79:e7:38:4f:c4:07:8e:02:de:93:66:89:45:10:e0:35:64: 08:55:b4:0b:d1:89:04:0a:e8:5f:d4:77:af:f9:79:43:d9:fa: 8b:9c:0f:18:56:11:bd:1b:fc:8f:39:16:09:71:46:4e:9f:51: d7:ff:05:24:65:20:bd:d2:ed:a1:10:fa:cd:bd:46:24:ff:70: 07:b3:59:02:42:34:34:e2:3b:54:c2:42:82:d2:fa:b9:fd:7e: 97:b2:15:5b:82:88:8e:c3:e1:0e:28:e7:92:b6:63:28:bd:79: 0b:4c:38:ca:70:cf:75:80:f6:da:4c:fb:da:01:16:04:29:21: fe:8e:76:34:e3:40:be:6b:97:aa:d1:c1:d1:12:4c:3c:f7:8f: af:88:78:37:e0:66:32:47:42:35:33:11:b5:87:55:8e:45:50: 60:4e:67:b3:1d:64:5c:5e:53:d1:7c:9a:73:36:9b:a5:09:55: 50:e7:6b:27:0c:57:b4:db:e5:c9:c0:fb:9d:5c:11:a3:63:c5: 0e:46:e3:72 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICJOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlDODkyMEJGQzg5MzQ2 Mzg5N0MxNTJGRDRCNjgyRDM4M0VGNkI1NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaiZttS2GDM6Z6CGoFjPvfeN6ogAcuEub/pltcWZf7AnfYJOri t+f56aBAp29vavYtz1GUdBsLqn2cPt4ZBfp85vxsT9gxR830q1i7npRulsVW4Hcc 4u/XqbDEmAvYJEWXOW0yaFidbLs2hIVxCYTqY/d+Op5QRkd79kAKumXn7AiWhymI NgxxXkNwTei7exZy8O3C8iAdLgSRIaiBg9GSJ9xkPoFTnb43vk8xCO065eaC1lQ5 w08POaRBFJ/xTtV/ZFkoqA9scKVNXYRH137ZNr1seJSh11XaqjtWGeTBQXA2HDxj QZQiVfqGoKFfK7Pbj5QobawIx2/eOrVqAvfVAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUnIkgv8iTRjiXwVL9S2gtOD72tV0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvbklrZ3Y4aVRSamlY d1ZMOVMyZ3RPRDcydFYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAIDANBgkqhkiG9w0BAQsFAAOCAQEAs3q+L2YGMtPEgdNX03+YvENZ +VPcvxxqBPFztaUh0U7PD6YI8vkKaAZXzmN1vfV8x0+fQRMuxnnnOE/EB44C3pNm iUUQ4DVkCFW0C9GJBAroX9R3r/l5Q9n6i5wPGFYRvRv8jzkWCXFGTp9R1/8FJGUg vdLtoRD6zb1GJP9wB7NZAkI0NOI7VMJCgtL6uf1+l7IVW4KIjsPhDijnkrZjKL15 C0w4ynDPdYD22kz72gEWBCkh/o52NONAvmuXqtHB0RJMPPePr4h4N+BmMkdCNTMR tYdVjkVQYE5nsx1kXF5T0XyaczabpQlVUOdrJwxXtNvlycD7nVwRo2PFDkbjcg== -----END CERTIFICATE-----Generated at Sun Oct 19 20:11:08 2025 by rpki-client