$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/8ypWC-ydp4xXcqy2gTFAqdh61HU.roa File: 8ypWC-ydp4xXcqy2gTFAqdh61HU.roa (raw, json) Hash identifier: g3uVKvV3ChCu619q82Y0FOakVd+GS7pJK/pnr7R0GZo= Subject key identifier: F3:2A:56:0B:EC:9D:A7:8C:57:72:AC:B6:81:31:40:A9:D8:7A:D4:75 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 2096 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/8ypWC-ydp4xXcqy2gTFAqdh61HU.roa Signing time: Sat 13 Sep 2025 03:10:30 +0000 ROA not before: Sat 13 Sep 2025 03:10:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23650 IP address blocks: 2404:6380::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8342 (0x2096) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F32A560BEC9DA78C5772ACB6813140A9D87AD475 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1b:49:eb:9c:37:04:82:89:0e:33:66:ba:63: c7:6e:62:31:73:65:08:8d:78:83:b1:cd:9d:0d:2f: 3b:0f:53:85:01:5e:90:8d:4d:84:ea:a5:ac:e0:c4: 92:be:11:a5:ed:00:06:ef:20:5c:94:95:d8:ea:31: ac:be:13:92:77:a9:58:f5:68:c1:21:77:c8:c5:d3: b9:6c:ea:4e:a1:f3:6e:6a:77:a4:d0:60:85:6c:70: e9:fb:01:27:d7:c9:fe:a9:cb:bd:e9:74:e7:27:f2: 0c:d3:70:cd:50:48:10:cf:cd:6f:b3:f8:99:9d:56: 23:1e:ab:02:ad:74:07:82:0b:ad:51:ad:94:e9:97: c9:21:2e:d9:55:28:94:8c:44:61:99:c2:84:92:a5: a9:ba:c7:ef:17:a4:c5:6c:ba:0b:81:11:22:e4:ce: a6:dd:f0:d1:25:99:40:e2:32:75:0f:b9:6a:30:e0: 4b:9f:c7:f4:25:40:55:47:4d:68:d2:f8:50:b2:b8: 6b:91:8c:84:90:0b:7d:81:9a:00:31:af:8f:0c:63: ce:ed:b4:81:e9:95:3a:7b:14:37:46:b6:54:55:04: fd:70:fd:da:d5:8b:17:47:06:bc:22:d1:c4:b4:3d: 0c:6a:4a:63:58:82:64:1c:69:fa:7e:ba:90:bc:c4: 58:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:2A:56:0B:EC:9D:A7:8C:57:72:AC:B6:81:31:40:A9:D8:7A:D4:75 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/8ypWC-ydp4xXcqy2gTFAqdh61HU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:6380::/32 Signature Algorithm: sha256WithRSAEncryption af:9b:81:52:49:4d:cc:46:c6:0b:79:1b:e0:9c:3e:5c:5e:ef: 52:42:70:18:de:cf:a7:b4:10:72:15:b0:56:b0:33:a3:c8:be: 16:94:2f:57:ff:fc:24:ae:d6:26:d0:fd:20:56:68:aa:6b:e3: 28:1a:e5:ce:75:26:2f:4a:26:f0:8f:57:11:13:46:5b:e3:95: 20:5b:b6:a8:6c:c1:e7:26:ba:2d:5e:fb:4f:d4:8c:4a:b7:a1: 57:6b:49:c3:ab:b2:4b:10:9c:6b:50:de:25:11:bd:e7:3d:76: a6:79:48:0d:ea:ff:17:11:f1:1a:8e:67:d0:aa:26:0b:bb:37: 39:2d:bb:33:ba:30:c0:21:48:07:13:67:80:6c:ba:a5:0f:a6: a0:34:45:c7:f8:3d:dc:45:3a:e6:51:79:33:36:e6:3b:2a:2f: af:e7:00:00:d1:aa:42:77:12:2e:c9:74:59:69:e5:2a:e5:f9: 9a:56:e5:07:a0:7b:9c:f6:79:2c:bf:3c:51:ec:9c:46:b8:a5: 1b:4e:30:1f:18:00:2c:b9:32:fe:1e:a6:63:cc:15:51:6a:1e: 64:8b:33:f9:1f:5f:eb:a1:99:11:2d:dd:e0:53:61:2a:e7:be: d8:fd:08:c5:6b:f7:d5:c6:4a:1f:f8:34:31:22:71:73:e9:76: 4a:7c:fe:9d -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYzMkE1NjBCRUM5REE3 OEM1NzcyQUNCNjgxMzE0MEE5RDg3QUQ0NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/G0nrnDcEgokOM2a6Y8duYjFzZQiNeIOxzZ0NLzsPU4UBXpCN TYTqpazgxJK+EaXtAAbvIFyUldjqMay+E5J3qVj1aMEhd8jF07ls6k6h825qd6TQ YIVscOn7ASfXyf6py73pdOcn8gzTcM1QSBDPzW+z+JmdViMeqwKtdAeCC61RrZTp l8khLtlVKJSMRGGZwoSSpam6x+8XpMVsuguBESLkzqbd8NElmUDiMnUPuWow4Euf x/QlQFVHTWjS+FCyuGuRjISQC32BmgAxr48MY87ttIHplTp7FDdGtlRVBP1w/drV ixdHBrwi0cS0PQxqSmNYgmQcafp+upC8xFgnAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU8ypWC+ydp4xXcqy2gTFAqdh61HUwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvOHlwV0MteWRwNHhY Y3F5MmdURkFxZGg2MUhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQEY4AwDQYJKoZIhvcNAQELBQADggEBAK+bgVJJTcxGxgt5G+CcPlxe71JC cBjez6e0EHIVsFawM6PIvhaUL1f//CSu1ibQ/SBWaKpr4yga5c51Ji9KJvCPVxET RlvjlSBbtqhswecmui1e+0/UjEq3oVdrScOrsksQnGtQ3iURvec9dqZ5SA3q/xcR 8RqOZ9CqJgu7NzktuzO6MMAhSAcTZ4BsuqUPpqA0Rcf4PdxFOuZReTM25jsqL6/n AADRqkJ3Ei7JdFlp5Srl+ZpW5Qege5z2eSy/PFHsnEa4pRtOMB8YACy5Mv4epmPM FVFqHmSLM/kfX+uhmREt3eBTYSrnvtj9CMVr99XGSh/4NDEicXPpdkp8/p0= -----END CERTIFICATE-----Generated at Mon Oct 20 11:19:02 2025 by rpki-client