$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/y_hqEei13C9t2vq8rsaCvl9-lgs.roa File: y_hqEei13C9t2vq8rsaCvl9-lgs.roa (raw, json) Hash identifier: fMZ/YnCG7pCMsciyeqx0E4p7I1WQhy9tpLxN3uIBH8s= Subject key identifier: CB:F8:6A:11:E8:B5:DC:2F:6D:DA:FA:BC:AE:C6:82:BE:5F:7E:96:0B Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Certificate serial: 207F Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/y_hqEei13C9t2vq8rsaCvl9-lgs.roa Signing time: Sat 13 Sep 2025 03:04:34 +0000 ROA not before: Sat 13 Sep 2025 03:04:34 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 131567 IP address blocks: 2401:7240::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8319 (0x207f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Validity Not Before: Sep 13 03:04:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CBF86A11E8B5DC2F6DDAFABCAEC682BE5F7E960B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:8d:e2:2c:05:62:22:e8:17:9c:cf:18:13:b3: a0:bd:8f:dd:c2:4e:e4:a6:0e:39:6d:c1:2e:90:27: 1c:ec:c4:5a:8e:74:0f:18:d6:49:51:22:0f:a7:b3: 76:24:cd:a3:90:f3:9a:80:2c:10:a7:b7:23:60:d3: 6d:0e:d9:4d:d5:ee:72:c7:0e:83:6a:60:15:39:8a: a7:86:3a:7f:9b:75:e0:2c:8d:c9:62:0b:b2:9f:96: 1b:23:4c:3f:06:a2:b7:58:64:c8:86:0c:5f:62:d6: ab:c8:3f:5b:84:7b:61:4c:d3:ce:69:23:1f:ea:f0: 81:fb:61:1c:4b:23:af:e3:0b:48:d7:74:7f:8f:29: 1d:09:ba:09:f3:cb:f1:45:af:1f:9d:50:43:6f:d9: 93:07:20:4d:8f:7a:6e:82:84:a7:54:bb:78:1a:13: 75:4a:9d:ce:1b:82:43:03:58:b3:61:9e:a5:bf:06: fd:f5:e9:3b:4a:ce:98:c7:38:a4:f8:96:fb:03:6d: 11:5b:78:fa:93:65:5f:57:d2:19:e5:82:84:57:8d: fb:43:cc:a5:40:00:9a:0b:84:0e:a3:2c:34:27:67: c1:c3:48:1a:8e:8d:fc:83:64:a3:21:12:7d:24:33: 9c:dd:0e:91:6f:0d:77:c4:ae:1e:95:63:a9:92:56: 5f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:F8:6A:11:E8:B5:DC:2F:6D:DA:FA:BC:AE:C6:82:BE:5F:7E:96:0B X509v3 Authority Key Identifier: keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/y_hqEei13C9t2vq8rsaCvl9-lgs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:7240::/32 Signature Algorithm: sha256WithRSAEncryption b2:5c:1c:b1:b1:bb:6c:92:2f:62:3e:3f:a0:e2:b6:01:ef:23: 41:a5:db:41:70:b2:90:95:52:5d:7f:d8:23:1f:91:5b:36:0c: 38:d3:7d:b0:a2:a8:b0:23:d0:33:34:54:cc:c7:96:93:73:e3: e9:4a:16:7a:73:80:e4:0b:6c:d3:b1:2d:e0:e9:8d:7c:1d:c9: 0e:bc:d6:81:e0:82:e6:69:05:f8:70:d4:46:c9:40:38:2d:94: 32:d2:df:e6:d7:27:b2:8d:59:95:bd:f8:8e:03:37:aa:2c:8f: 2b:db:4b:02:e5:de:1e:45:9d:0a:77:41:b0:e0:eb:ef:70:0a: 1e:5f:92:b7:ea:9c:a7:96:32:9a:5a:23:5b:76:69:f3:c0:de: 30:66:ec:b6:46:8a:66:78:5b:22:cb:44:4a:3f:70:23:f1:a6: d1:5d:17:93:82:5c:d1:5c:68:2f:13:41:a2:49:c0:35:eb:4e: 15:53:12:c6:5f:8f:ef:53:1a:0b:3a:ff:f9:d8:15:31:d0:8d: e9:fe:47:3f:17:61:01:8b:ff:b5:a2:68:d2:69:8d:6b:08:55: 07:58:18:c6:b3:d0:64:6a:d1:c6:0c:9c:26:b3:74:52:a0:92: 1f:0d:57:9e:49:40:68:4a:7b:61:c6:ac:08:86:6d:e7:f3:18: 48:99:7e:3f -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIH8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4 N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNTA5MTMw MzA0MzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCRjg2QTExRThCNURD MkY2RERBRkFCQ0FFQzY4MkJFNUY3RTk2MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9jeIsBWIi6BeczxgTs6C9j93CTuSmDjltwS6QJxzsxFqOdA8Y 1klRIg+ns3YkzaOQ85qALBCntyNg020O2U3V7nLHDoNqYBU5iqeGOn+bdeAsjcli C7KflhsjTD8GordYZMiGDF9i1qvIP1uEe2FM085pIx/q8IH7YRxLI6/jC0jXdH+P KR0Jugnzy/FFrx+dUENv2ZMHIE2Pem6ChKdUu3gaE3VKnc4bgkMDWLNhnqW/Bv31 6TtKzpjHOKT4lvsDbRFbePqTZV9X0hnlgoRXjftDzKVAAJoLhA6jLDQnZ8HDSBqO jfyDZKMhEn0kM5zdDpFvDXfErh6VY6mSVl/RAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUy/hqEei13C9t2vq8rsaCvl9+lgswHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIveV9ocUVlaTEzQzl0 MnZxOHJzYUN2bDktbGdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQBckAwDQYJKoZIhvcNAQELBQADggEBALJcHLGxu2ySL2I+P6DitgHvI0Gl 20FwspCVUl1/2CMfkVs2DDjTfbCiqLAj0DM0VMzHlpNz4+lKFnpzgOQLbNOxLeDp jXwdyQ681oHgguZpBfhw1EbJQDgtlDLS3+bXJ7KNWZW9+I4DN6osjyvbSwLl3h5F nQp3QbDg6+9wCh5fkrfqnKeWMppaI1t2afPA3jBm7LZGimZ4WyLLREo/cCPxptFd F5OCXNFcaC8TQaJJwDXrThVTEsZfj+9TGgs6//nYFTHQjen+Rz8XYQGL/7WiaNJp jWsIVQdYGMaz0GRq0cYMnCazdFKgkh8NV55JQGhKe2HGrAiGbefzGEiZfj8= -----END CERTIFICATE-----Generated at Mon Oct 20 22:35:25 2025 by rpki-client