$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/IRr695QzmDBgZ8NqzXfvfrq0UR0.roa File: IRr695QzmDBgZ8NqzXfvfrq0UR0.roa (raw, json) Hash identifier: j7aSVgDTArk2OXLoDcCl1YiisNUMwRrqK4XtzD3t5RM= Subject key identifier: 21:1A:FA:F7:94:33:98:30:60:67:C3:6A:CD:77:EF:7E:BA:B4:51:1D Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 2094 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/IRr695QzmDBgZ8NqzXfvfrq0UR0.roa Signing time: Sat 13 Sep 2025 03:10:29 +0000 ROA not before: Sat 13 Sep 2025 03:10:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138950 IP address blocks: 2404:6380::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8340 (0x2094) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=211AFAF7943398306067C36ACD77EF7EBAB4511D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:df:f7:3b:0d:9e:4b:8b:7a:23:62:df:48:63: 61:8d:55:f3:de:7f:ca:c5:55:7e:3c:b1:4d:98:5e: 91:48:33:79:14:d9:72:a8:0a:b6:ed:1b:27:4c:b2: b7:9c:f7:0d:ce:41:fd:b3:63:10:fe:1a:2a:1e:4c: 27:13:bd:f2:4f:98:a7:e7:d6:55:20:58:25:4f:56: fb:24:d7:1f:18:39:3a:78:fa:7a:c8:f3:e9:8e:48: 00:45:22:12:ea:67:5c:fe:13:eb:2b:56:53:cc:74: 41:b9:5b:f2:36:e4:c7:f5:9d:ee:36:ca:e5:63:33: 1f:76:55:d5:07:b6:bd:72:c3:90:34:0f:44:6f:cf: 3c:a0:8c:be:51:06:3f:a3:b3:a5:01:54:2b:f7:ad: af:51:d6:d2:3a:63:f9:f2:4f:5d:fa:c9:0f:cf:85: 9f:1d:2f:4d:f3:b8:e4:a4:26:5a:68:23:84:ee:59: 70:16:08:d0:0e:b3:76:27:bc:f8:8c:6a:15:9e:23: 73:a1:72:70:ac:77:50:20:e1:f6:6a:38:23:f8:bc: 8c:e8:8a:fe:02:42:d9:04:71:59:b1:af:f4:5c:d3: c3:5c:32:6b:2d:e1:48:04:6c:26:82:e6:aa:3f:6a: 20:64:d6:23:6e:07:0a:a0:8a:dd:ab:22:75:a0:5f: 71:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:1A:FA:F7:94:33:98:30:60:67:C3:6A:CD:77:EF:7E:BA:B4:51:1D X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/IRr695QzmDBgZ8NqzXfvfrq0UR0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:6380::/32 Signature Algorithm: sha256WithRSAEncryption b3:9a:5c:74:ae:67:59:b8:dd:af:cc:a0:53:2d:53:21:65:12: b2:9d:56:86:4d:e6:cf:dd:c1:a3:c7:fb:66:c7:14:f5:f5:79: 29:3f:e7:78:37:20:e6:9d:68:f6:a3:a7:fa:b3:f8:30:b3:fd: 86:d9:cd:63:49:5d:a4:3f:51:e0:94:d0:e1:0e:b0:13:b3:ad: 1a:bd:b8:38:b6:95:6a:85:77:a6:f5:48:9b:ad:8f:2c:c0:53: 03:4f:44:a2:fe:4d:83:1b:2b:ae:24:10:2d:6b:c7:53:46:c9: 9d:56:06:7c:32:9e:b5:9a:dc:a1:e9:93:13:5b:a8:44:f6:79: 06:9b:f1:6f:31:3d:3e:70:a6:e3:c9:4f:18:36:41:c7:38:07: 0e:8c:f0:a4:d5:25:e7:98:3d:64:37:72:1a:21:c7:28:3d:c6: 87:b5:16:df:88:b0:f5:35:de:9c:c6:21:ba:25:03:45:a9:e9: 6b:a3:79:e8:fe:59:df:c4:2e:2d:c0:81:3c:29:22:bf:0e:8d: 21:d3:a9:c3:6a:7f:29:a0:f9:72:04:78:d3:da:3c:7f:24:d0: 26:f2:44:79:65:a7:bf:09:ba:ac:32:b1:1f:52:26:fc:8e:f1: 80:f7:02:3e:57:7f:c0:6a:4e:61:07:0c:a6:49:2a:e6:b9:f1: 00:f9:08:63 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIxMUFGQUY3OTQzMzk4 MzA2MDY3QzM2QUNENzdFRjdFQkFCNDUxMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCo3/c7DZ5Li3ojYt9IY2GNVfPef8rFVX48sU2YXpFIM3kU2XKo CrbtGydMsrec9w3OQf2zYxD+GioeTCcTvfJPmKfn1lUgWCVPVvsk1x8YOTp4+nrI 8+mOSABFIhLqZ1z+E+srVlPMdEG5W/I25Mf1ne42yuVjMx92VdUHtr1yw5A0D0Rv zzygjL5RBj+js6UBVCv3ra9R1tI6Y/nyT136yQ/PhZ8dL03zuOSkJlpoI4TuWXAW CNAOs3YnvPiMahWeI3OhcnCsd1Ag4fZqOCP4vIzoiv4CQtkEcVmxr/Rc08NcMmst 4UgEbCaC5qo/aiBk1iNuBwqgit2rInWgX3HBAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUIRr695QzmDBgZ8NqzXfvfrq0UR0wHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvSVJyNjk1UXptREJn WjhOcXpYZnZmcnEwVVIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQEY4AwDQYJKoZIhvcNAQELBQADggEBALOaXHSuZ1m43a/MoFMtUyFlErKd VoZN5s/dwaPH+2bHFPX1eSk/53g3IOadaPajp/qz+DCz/YbZzWNJXaQ/UeCU0OEO sBOzrRq9uDi2lWqFd6b1SJutjyzAUwNPRKL+TYMbK64kEC1rx1NGyZ1WBnwynrWa 3KHpkxNbqET2eQab8W8xPT5wpuPJTxg2Qcc4Bw6M8KTVJeeYPWQ3chohxyg9xoe1 Ft+IsPU13pzGIbolA0Wp6Wujeej+Wd/ELi3AgTwpIr8OjSHTqcNqfymg+XIEeNPa PH8k0CbyRHllp78JuqwysR9SJvyO8YD3Aj5Xf8BqTmEHDKZJKua58QD5CGM= -----END CERTIFICATE-----Generated at Mon Oct 20 11:18:46 2025 by rpki-client