$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/27/aVTN-qNwRozZt36ArshpmDXx0vM.roa File: aVTN-qNwRozZt36ArshpmDXx0vM.roa (raw, json) Hash identifier: CYQAt9Bb/xP653vpZ4vy+xW+gUj2bdrDgCV5WzAbI34= Subject key identifier: 69:54:CD:FA:A3:70:46:8C:D9:B7:7E:80:AE:C8:69:98:35:F1:D2:F3 Certificate issuer: /CN=39E47899249325DB499BFC6910919D2F36003E9A Certificate serial: 1F84 Authority key identifier: 39:E4:78:99:24:93:25:DB:49:9B:FC:69:10:91:9D:2F:36:00:3E:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/aVTN-qNwRozZt36ArshpmDXx0vM.roa Signing time: Sat 13 Sep 2025 03:05:47 +0000 ROA not before: Sat 13 Sep 2025 03:05:47 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17964 IP address blocks: 2403:8880::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:05:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8068 (0x1f84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39E47899249325DB499BFC6910919D2F36003E9A Validity Not Before: Sep 13 03:05:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6954CDFAA370468CD9B77E80AEC8699835F1D2F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:68:6e:a2:b0:35:bc:9f:b5:58:07:b9:45:30: 1b:70:5d:01:92:d1:29:51:71:38:6e:88:9d:f0:c5: e8:e8:cf:b9:8c:cd:53:3d:27:8d:b6:e0:a3:a9:57: d0:ba:47:92:a2:a0:3e:2e:3e:55:2d:b0:d8:ac:5e: 9d:ba:6a:99:e8:f9:f1:22:b4:4d:5c:14:62:67:12: 00:85:fd:24:20:78:39:1a:9d:26:23:e0:f8:27:af: 93:86:ab:a8:a4:9d:43:85:e4:c0:80:fb:51:06:7e: 1d:61:e4:a4:be:c1:20:90:2b:1e:52:10:14:04:73: 07:9c:7d:c0:1a:ed:24:53:4f:4a:8f:3c:48:6d:7b: 12:76:ba:90:ed:4e:89:9b:25:9e:33:ab:10:f2:99: 16:23:01:78:62:e0:35:a3:6b:eb:ff:12:bf:b8:da: 44:95:e7:29:df:bf:d6:71:db:6b:e6:82:a5:70:fb: 4e:f4:a3:62:97:ae:90:4d:ba:83:45:ee:83:c5:98: 91:eb:2a:61:e8:19:37:e9:c2:b9:18:33:46:72:4e: 5b:7f:06:85:d5:6f:75:fd:1c:4f:a9:75:b8:dc:55: 95:b3:81:a6:d7:76:60:c3:c0:f9:05:4f:42:15:30: 86:e8:47:05:66:62:25:78:b4:91:dd:92:a8:3a:f3: 09:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:54:CD:FA:A3:70:46:8C:D9:B7:7E:80:AE:C8:69:98:35:F1:D2:F3 X509v3 Authority Key Identifier: keyid:39:E4:78:99:24:93:25:DB:49:9B:FC:69:10:91:9D:2F:36:00:3E:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/aVTN-qNwRozZt36ArshpmDXx0vM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:8880::/32 Signature Algorithm: sha256WithRSAEncryption 4b:78:4b:9c:c2:0a:5d:33:d5:2b:a4:16:40:9e:64:c2:8f:4b: 30:e5:d5:59:01:03:59:24:4a:dc:12:09:5f:e6:28:73:3a:18: 52:2d:66:a2:07:d9:b5:1e:1c:72:b0:f5:22:e4:1a:87:40:95: f7:77:66:7f:9d:40:7f:29:3e:a7:97:5c:40:fd:45:1d:e6:04: 97:e3:bf:22:03:e8:1c:8c:07:ff:cd:09:48:69:cb:25:0a:6e: db:d1:59:07:94:b5:68:0d:2b:2a:5b:37:f2:09:77:a2:84:eb: 50:6e:7c:cc:54:c7:c4:8b:c9:b5:93:45:6c:dc:16:36:1c:62: 97:f8:3d:74:e1:99:8d:5e:10:ca:6f:ca:bf:be:17:1a:51:2f: 3d:2b:95:4d:05:d0:2d:db:a8:f3:01:40:e8:e6:c2:75:8f:e1: a4:6f:16:d0:7c:b2:e2:b3:2b:c8:a7:98:7f:76:07:0a:a5:c9: 3c:b5:c6:a6:75:6b:04:21:9b:d1:e4:77:38:4d:19:29:e3:48: 7f:fd:3f:c8:d9:fb:da:42:35:ea:5c:68:3f:c4:70:24:d9:9c: 70:12:9b:a2:40:15:48:8c:43:3b:4f:4e:fc:b3:27:a2:a7:4e: b0:b2:5f:99:7f:06:9f:88:32:48:9f:6a:37:5d:21:af:ec:f3: 46:a2:30:c6 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICH4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF NDc4OTkyNDkzMjVEQjQ5OUJGQzY5MTA5MTlEMkYzNjAwM0U5QTAeFw0yNTA5MTMw MzA1NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY5NTRDREZBQTM3MDQ2 OENEOUI3N0U4MEFFQzg2OTk4MzVGMUQyRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpaG6isDW8n7VYB7lFMBtwXQGS0SlRcThuiJ3wxejoz7mMzVM9 J4224KOpV9C6R5KioD4uPlUtsNisXp26apno+fEitE1cFGJnEgCF/SQgeDkanSYj 4Pgnr5OGq6iknUOF5MCA+1EGfh1h5KS+wSCQKx5SEBQEcwecfcAa7SRTT0qPPEht exJ2upDtTombJZ4zqxDymRYjAXhi4DWja+v/Er+42kSV5ynfv9Zx22vmgqVw+070 o2KXrpBNuoNF7oPFmJHrKmHoGTfpwrkYM0ZyTlt/BoXVb3X9HE+pdbjcVZWzgabX dmDDwPkFT0IVMIboRwVmYiV4tJHdkqg68wkNAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUaVTN+qNwRozZt36ArshpmDXx0vMwHwYDVR0jBBgwFoAUOeR4mSSTJdtJm/xp EJGdLzYAPpowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcv T2VSNG1TU1RKZHRKbV94cEVKR2RMellBUHBvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9PZVI0bVNTVEpkdEptX3hwRUpHZEx6WUFQcG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNy9hVlROLXFOd1Jvelp0MzZB cnNocG1EWHgwdk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JAOIgDANBgkqhkiG9w0BAQsFAAOCAQEAS3hLnMIKXTPVK6QWQJ5kwo9LMOXVWQED WSRK3BIJX+YoczoYUi1mogfZtR4ccrD1IuQah0CV93dmf51Afyk+p5dcQP1FHeYE l+O/IgPoHIwH/80JSGnLJQpu29FZB5S1aA0rKls38gl3ooTrUG58zFTHxIvJtZNF bNwWNhxil/g9dOGZjV4Qym/Kv74XGlEvPSuVTQXQLduo8wFA6ObCdY/hpG8W0Hyy 4rMryKeYf3YHCqXJPLXGpnVrBCGb0eR3OE0ZKeNIf/0/yNn72kI16lxoP8RwJNmc cBKbokAVSIxDO09O/LMnoqdOsLJfmX8Gn4gySJ9qN10hr+zzRqIwxg== -----END CERTIFICATE-----Generated at Mon Oct 20 17:59:00 2025 by rpki-client