$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/r-lkf1RnNaAL-vwYsP1QvyJIyDA.roa File: r-lkf1RnNaAL-vwYsP1QvyJIyDA.roa (raw, json) Hash identifier: 73+P8YEnOnkREsJ9G9W/yLGjc3wGXBcX8195o/XNStU= Subject key identifier: AF:E9:64:7F:54:67:35:A0:0B:FA:FC:18:B0:FD:50:BF:22:48:C8:30 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24E6 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/r-lkf1RnNaAL-vwYsP1QvyJIyDA.roa Signing time: Sat 13 Sep 2025 03:08:48 +0000 ROA not before: Sat 13 Sep 2025 03:08:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 212237 IP address blocks: 2403:6380::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9446 (0x24e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AFE9647F546735A00BFAFC18B0FD50BF2248C830 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:df:b1:f4:99:94:b8:48:f6:8c:0a:15:ef:60: df:e6:cf:1e:bd:a7:8f:83:12:a6:ac:49:6c:3c:ce: 61:54:c7:5e:fa:c4:5c:5b:95:b9:16:d1:96:47:26: e7:3e:96:5d:78:44:6e:99:fd:cf:63:2a:2e:53:29: fa:5a:01:9e:e6:15:c3:55:da:4d:0a:58:65:c1:d5: 63:47:32:45:f5:cf:89:5c:00:7a:b3:e7:53:a9:6e: bc:16:cf:27:7f:aa:81:73:66:86:62:38:19:86:02: f3:28:eb:a4:c6:51:50:bc:24:9d:82:64:bb:f3:c0: 87:85:89:60:13:d5:b7:ed:77:fa:2f:ae:bf:e1:56: df:3e:cd:1c:7e:00:38:d8:34:bf:d7:19:7e:9c:4a: 6d:73:e3:3d:77:8d:26:dc:74:54:46:a2:af:a0:64: 0a:45:1d:19:c1:d7:28:fa:d8:15:f7:98:96:fc:0f: be:f1:0c:86:ba:86:52:21:ef:fc:a2:4b:df:7d:df: 93:f0:8a:07:92:9c:56:81:3c:1c:40:6a:45:65:7d: 8b:7c:92:1a:d4:d4:8d:9e:17:2c:88:99:cf:e5:88: f5:b9:d9:45:f7:d2:06:cc:c9:94:3c:34:71:8a:a3: fb:6a:83:d5:53:b7:b5:58:3f:bd:70:ee:12:b0:fa: 8b:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:E9:64:7F:54:67:35:A0:0B:FA:FC:18:B0:FD:50:BF:22:48:C8:30 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/r-lkf1RnNaAL-vwYsP1QvyJIyDA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380::/40 Signature Algorithm: sha256WithRSAEncryption 0a:6f:93:82:1e:35:3e:17:99:d4:84:98:89:4a:d0:ad:66:66: 6e:dd:e4:c1:98:c2:01:23:27:56:b2:f1:cf:85:90:bd:3b:a4: 89:f2:4e:92:85:bd:e4:1a:b5:cc:cb:60:5b:59:6f:86:b6:bd: dd:2c:05:cd:de:c2:2c:80:a3:d3:ae:da:47:3c:19:9f:36:e7: b9:a9:f1:d5:7c:57:2d:a5:a3:87:de:4f:28:60:ae:cb:66:c8: 1b:57:bd:6e:f2:f8:d3:3e:21:a3:d1:2e:20:0a:dd:03:39:aa: 8d:38:a6:ca:7b:54:83:6a:66:74:42:84:38:00:74:dd:af:00: 13:35:e4:2f:40:69:bb:17:19:db:48:e2:c6:b6:15:31:b5:df: 6c:15:43:48:9d:68:a7:a0:43:ea:7e:f7:e3:10:b4:7a:d6:f2: 7f:e4:eb:df:08:58:60:d8:0e:37:76:0d:a4:80:5e:3f:9c:f8: a3:03:a0:9b:35:86:03:31:6e:8a:1d:ac:8c:fb:67:00:d3:42: 9a:9c:e3:18:33:49:8c:05:9f:e3:a6:00:3b:1e:b3:58:34:4a: 2c:67:6d:6e:4e:33:d8:40:04:90:cd:48:f2:10:0a:d2:a3:89: 6e:0b:f2:c1:81:15:5a:72:1d:7a:5e:ff:66:bd:da:bf:6f:82: 94:6d:45:b6 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICJOYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFGRTk2NDdGNTQ2NzM1 QTAwQkZBRkMxOEIwRkQ1MEJGMjI0OEM4MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDU37H0mZS4SPaMChXvYN/mzx69p4+DEqasSWw8zmFUx176xFxb lbkW0ZZHJuc+ll14RG6Z/c9jKi5TKfpaAZ7mFcNV2k0KWGXB1WNHMkX1z4lcAHqz 51OpbrwWzyd/qoFzZoZiOBmGAvMo66TGUVC8JJ2CZLvzwIeFiWAT1bftd/ovrr/h Vt8+zRx+ADjYNL/XGX6cSm1z4z13jSbcdFRGoq+gZApFHRnB1yj62BX3mJb8D77x DIa6hlIh7/yiS99935PwigeSnFaBPBxAakVlfYt8khrU1I2eFyyImc/liPW52UX3 0gbMyZQ8NHGKo/tqg9VTt7VYP71w7hKw+ovVAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUr+lkf1RnNaAL+vwYsP1QvyJIyDAwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvci1sa2YxUm5OYUFM LXZ3WXNQMVF2eUpJeURBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGACQDY4AAMA0GCSqGSIb3DQEBCwUAA4IBAQAKb5OCHjU+F5nUhJiJStCtZmZu 3eTBmMIBIydWsvHPhZC9O6SJ8k6Shb3kGrXMy2BbWW+Gtr3dLAXN3sIsgKPTrtpH PBmfNue5qfHVfFctpaOH3k8oYK7LZsgbV71u8vjTPiGj0S4gCt0DOaqNOKbKe1SD amZ0QoQ4AHTdrwATNeQvQGm7FxnbSOLGthUxtd9sFUNInWinoEPqfvfjELR61vJ/ 5OvfCFhg2A43dg2kgF4/nPijA6CbNYYDMW6KHayM+2cA00KanOMYM0mMBZ/jpgA7 HrNYNEosZ21uTjPYQASQzUjyEArSo4luC/LBgRVach16Xv9mvdq/b4KUbUW2 -----END CERTIFICATE-----Generated at Sun Oct 19 20:11:12 2025 by rpki-client