$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2738/s_MU91GHNpBhlTzN1HTTn59KNKQ.roa File: s_MU91GHNpBhlTzN1HTTn59KNKQ.roa (raw, json) Hash identifier: IgVjsa+d0mY9flUNFa23ishGosZBgOtinh3QUA1XnD8= Subject key identifier: B3:F3:14:F7:51:87:36:90:61:95:3C:CD:D4:74:D3:9F:9F:4A:34:A4 Certificate issuer: /CN=8E3E027142C633D56598418DF6DEBC01BDD8008C Certificate serial: 1740 Authority key identifier: 8E:3E:02:71:42:C6:33:D5:65:98:41:8D:F6:DE:BC:01:BD:D8:00:8C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jj4CcULGM9VlmEGN9t68Ab3YAIw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2738/s_MU91GHNpBhlTzN1HTTn59KNKQ.roa Signing time: Sat 13 Sep 2025 03:04:13 +0000 ROA not before: Sat 13 Sep 2025 03:04:13 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137798 IP address blocks: 2402:f8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2738/jj4CcULGM9VlmEGN9t68Ab3YAIw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2738/jj4CcULGM9VlmEGN9t68Ab3YAIw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jj4CcULGM9VlmEGN9t68Ab3YAIw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5952 (0x1740) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8E3E027142C633D56598418DF6DEBC01BDD8008C Validity Not Before: Sep 13 03:04:13 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B3F314F75187369061953CCDD474D39F9F4A34A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:68:90:d0:1a:08:62:98:33:31:ae:b1:91:20: 8b:da:a7:ff:89:90:d4:46:0d:bc:f5:d2:a0:2c:2d: 30:27:c4:1e:60:69:2d:4a:cc:7e:60:70:63:72:00: 4c:a6:82:2d:9c:24:c8:3f:be:f5:be:5f:75:2e:54: f1:4e:19:0d:10:49:b3:78:54:31:c3:dd:66:59:dc: 18:ab:a5:c5:30:fd:59:d5:15:06:49:bb:d1:9f:d7: 1b:f6:ed:a1:11:5d:22:0a:01:cd:a5:db:3d:03:7d: b7:67:1e:6b:47:1e:69:4c:fe:b5:96:2a:8e:2c:64: 82:89:98:e7:d5:6e:7c:68:73:82:00:39:1f:35:36: 17:5b:20:7c:a8:d4:8c:b7:71:dc:d8:18:e4:73:26: c6:2d:e5:8a:73:09:90:f8:41:c9:38:21:ed:2c:ff: 1a:d0:43:95:29:31:d9:54:76:e7:69:d8:54:43:dd: c4:94:72:71:3d:74:66:84:50:f4:af:c8:8a:a9:c1: 16:33:21:f6:ba:fc:47:9b:62:ca:bb:81:d0:5f:54: 95:b1:44:3d:86:5f:19:f3:96:37:e9:43:bf:f2:c1: 8b:d2:36:31:a2:be:e8:1c:54:68:9f:89:01:51:47: d3:05:ee:7a:f6:f7:3b:e6:ff:de:08:22:ef:06:a2: 8e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:F3:14:F7:51:87:36:90:61:95:3C:CD:D4:74:D3:9F:9F:4A:34:A4 X509v3 Authority Key Identifier: keyid:8E:3E:02:71:42:C6:33:D5:65:98:41:8D:F6:DE:BC:01:BD:D8:00:8C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2738/jj4CcULGM9VlmEGN9t68Ab3YAIw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jj4CcULGM9VlmEGN9t68Ab3YAIw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2738/s_MU91GHNpBhlTzN1HTTn59KNKQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:f8c0::/48 Signature Algorithm: sha256WithRSAEncryption d8:85:42:cb:c7:b3:95:94:38:8b:70:4c:6a:82:10:b0:70:0a: 2f:cf:d2:30:c6:43:c3:5e:30:4d:80:42:df:19:93:5a:59:0c: d6:0a:9c:2d:6c:d2:12:0c:ad:d8:a7:06:63:ec:03:cb:ed:05: 36:89:55:65:b6:9b:48:08:44:33:14:31:2e:43:1d:69:19:c6: ff:a6:0f:b1:dd:9f:33:c8:97:42:0a:0f:d9:e9:51:98:af:ab: 7f:88:9e:16:9e:64:bc:3f:ed:db:c9:8d:57:c0:73:66:f8:91: 09:95:26:f5:a3:00:d8:f0:01:56:ec:42:9d:52:c8:17:87:b8: 23:c7:38:34:f7:13:96:7e:e1:38:d6:80:60:b5:cf:de:53:0c: 6d:1b:51:a1:e7:0c:9a:ee:f4:0e:46:4f:e2:6d:af:ad:06:1d: a7:72:34:ba:1e:21:4d:58:d8:78:60:17:f6:99:72:e2:ea:ee: 53:8c:df:fb:a0:92:73:62:8a:79:08:e2:bf:a1:ae:4a:35:86: 01:92:80:1c:24:9b:4e:4b:d2:85:17:44:78:89:4f:a7:2c:be: 61:df:a7:fb:3e:dd:84:56:49:c9:74:79:22:a9:71:a2:87:2c: 87:0d:4b:74:aa:2c:ef:84:67:40:b2:e3:f4:cf:61:f0:ac:ed: b4:03:86:7a -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICF0AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEUz RTAyNzE0MkM2MzNENTY1OTg0MThERjZERUJDMDFCREQ4MDA4QzAeFw0yNTA5MTMw MzA0MTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIzRjMxNEY3NTE4NzM2 OTA2MTk1M0NDREQ0NzREMzlGOUY0QTM0QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtaJDQGghimDMxrrGRIIvap/+JkNRGDbz10qAsLTAnxB5gaS1K zH5gcGNyAEymgi2cJMg/vvW+X3UuVPFOGQ0QSbN4VDHD3WZZ3BirpcUw/VnVFQZJ u9Gf1xv27aERXSIKAc2l2z0DfbdnHmtHHmlM/rWWKo4sZIKJmOfVbnxoc4IAOR81 NhdbIHyo1Iy3cdzYGORzJsYt5YpzCZD4Qck4Ie0s/xrQQ5UpMdlUdudp2FRD3cSU cnE9dGaEUPSvyIqpwRYzIfa6/EebYsq7gdBfVJWxRD2GXxnzljfpQ7/ywYvSNjGi vugcVGifiQFRR9MF7nr29zvm/94IIu8Goo63AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUs/MU91GHNpBhlTzN1HTTn59KNKQwHwYDVR0jBBgwFoAUjj4CcULGM9VlmEGN 9t68Ab3YAIwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcz OC9qajRDY1VMR005VmxtRUdOOXQ2OEFiM1lBSXcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2pqNENjVUxHTTlWbG1FR045dDY4QWIzWUFJdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3Mzgvc19NVTkxR0hOcEJo bFR6TjFIVFRuNTlLTktRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQC+MAAADANBgkqhkiG9w0BAQsFAAOCAQEA2IVCy8ezlZQ4i3BMaoIQsHAK L8/SMMZDw14wTYBC3xmTWlkM1gqcLWzSEgyt2KcGY+wDy+0FNolVZbabSAhEMxQx LkMdaRnG/6YPsd2fM8iXQgoP2elRmK+rf4ieFp5kvD/t28mNV8BzZviRCZUm9aMA 2PABVuxCnVLIF4e4I8c4NPcTln7hONaAYLXP3lMMbRtRoecMmu70DkZP4m2vrQYd p3I0uh4hTVjYeGAX9ply4uruU4zf+6CSc2KKeQjiv6GuSjWGAZKAHCSbTkvShRdE eIlPpyy+Yd+n+z7dhFZJyXR5Iqlxoocshw1LdKos74RnQLLj9M9h8KzttAOGeg== -----END CERTIFICATE-----Generated at Mon Oct 20 19:50:44 2025 by rpki-client