$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2823/8TE8v6sgfvpd1X_6IRmdk76NkzI.roa File: 8TE8v6sgfvpd1X_6IRmdk76NkzI.roa (raw, json) Hash identifier: 98Ina/yIlrXeQWrycGAO4zbBvXtTzx9+i/347cLxVDc= Subject key identifier: F1:31:3C:BF:AB:20:7E:FA:5D:D5:7F:FA:21:19:9D:93:BE:8D:93:32 Certificate issuer: /CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Certificate serial: 173F Authority key identifier: 66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/8TE8v6sgfvpd1X_6IRmdk76NkzI.roa Signing time: Sat 13 Sep 2025 03:03:05 +0000 ROA not before: Sat 13 Sep 2025 03:03:05 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137730 IP address blocks: 2403:d9c0::/48 maxlen: 48 2403:d9c0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:04:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5951 (0x173f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Validity Not Before: Sep 13 03:03:05 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F1313CBFAB207EFA5DD57FFA21199D93BE8D9332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a7:72:a6:13:c1:df:07:07:41:6e:9f:41:c3: 81:b0:fb:fc:7a:82:ce:49:aa:66:26:63:74:37:05: 79:c6:cd:0c:ed:ac:3b:c6:41:16:e1:98:6c:63:20: 2c:de:8e:8f:b0:a4:a2:26:bc:38:47:49:40:d4:f7: 02:23:cf:fb:6b:67:e3:9d:39:20:05:28:2f:87:aa: 00:ee:1c:ce:8f:b3:2a:9a:5f:f1:cf:d2:c8:78:ac: 01:7e:b9:c5:12:29:6a:a2:78:07:c2:e4:63:0d:6f: f0:7d:20:c0:01:a0:82:c6:a1:6b:69:11:80:1b:e4: ba:78:be:c6:e5:ac:08:b6:19:32:6f:ae:f6:53:61: 27:4d:0b:1b:61:19:52:2f:30:a2:c3:65:15:9c:03: 78:16:5a:c6:61:a9:e8:14:f8:06:8c:50:c4:fb:fe: 47:c4:bb:07:ff:8b:a7:e0:03:b7:c2:09:27:f7:bb: c7:bf:c4:6e:87:ab:cf:97:f9:9d:06:82:eb:48:40: 27:e1:5c:88:41:da:50:a6:80:a4:eb:61:80:e3:4b: 48:0f:35:28:16:1e:9a:95:6b:cf:6d:2a:16:61:a0: 86:0e:f3:f5:d0:30:bd:20:79:4a:2b:34:d2:7a:e8: a7:ea:c5:3b:4a:dd:32:e4:11:95:22:47:d6:a6:6a: 77:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:31:3C:BF:AB:20:7E:FA:5D:D5:7F:FA:21:19:9D:93:BE:8D:93:32 X509v3 Authority Key Identifier: keyid:66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/8TE8v6sgfvpd1X_6IRmdk76NkzI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:d9c0::/48 2403:d9c0:2::/48 Signature Algorithm: sha256WithRSAEncryption 9e:cc:e0:d6:f4:b1:9d:84:ad:19:4f:a0:e4:91:91:da:a2:22: ad:bc:85:89:1c:1a:2a:a1:f5:fd:c1:a1:ae:3e:35:30:10:04: 98:7a:c3:9d:4c:c5:be:bf:00:b5:b8:66:e6:72:d5:c5:5e:40: 43:d8:ed:47:09:af:85:b1:02:0c:a7:6e:a8:a3:84:ae:bc:95: 4c:ea:08:f2:87:7c:8a:c3:e9:12:61:86:a8:26:32:12:e1:6a: f8:59:ef:90:44:89:6e:77:53:b8:e0:bd:c9:af:ba:dc:ef:f7: 93:fa:32:19:5f:42:17:cf:3a:09:05:0d:2b:7a:49:81:9b:b4: 35:8a:3a:9f:93:b6:cf:55:a8:f2:31:ed:8e:13:0b:b6:8f:d3: 73:32:d1:46:e7:78:b5:fd:ce:5f:18:2e:b5:9b:fe:8c:2b:7c: 9c:c9:3e:74:6e:ec:cc:90:30:04:bb:6d:8d:ee:16:af:45:2b: ab:d0:15:44:a5:97:10:14:56:13:17:41:3b:f9:72:91:68:98: 74:49:05:dd:27:63:e0:97:25:a8:d2:c7:9c:d5:ea:1e:c3:80: a2:d6:17:c4:89:38:d5:95:3d:f9:23:51:cf:99:8b:43:a9:72: 36:da:bf:2e:f4:ac:1f:94:a5:ab:08:e3:04:20:0b:f0:65:d6: 8e:bb:8f:7d -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgICFz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjY0 N0RBQjY0NTUxMTY5NjRGQUMwMDAxMkNDQzgzMTc0RDRFNDZFMTAeFw0yNTA5MTMw MzAzMDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYxMzEzQ0JGQUIyMDdF RkE1REQ1N0ZGQTIxMTk5RDkzQkU4RDkzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpp3KmE8HfBwdBbp9Bw4Gw+/x6gs5JqmYmY3Q3BXnGzQztrDvG QRbhmGxjICzejo+wpKImvDhHSUDU9wIjz/trZ+OdOSAFKC+HqgDuHM6PsyqaX/HP 0sh4rAF+ucUSKWqieAfC5GMNb/B9IMABoILGoWtpEYAb5Lp4vsblrAi2GTJvrvZT YSdNCxthGVIvMKLDZRWcA3gWWsZhqegU+AaMUMT7/kfEuwf/i6fgA7fCCSf3u8e/ xG6Hq8+X+Z0GgutIQCfhXIhB2lCmgKTrYYDjS0gPNSgWHpqVa89tKhZhoIYO8/XQ ML0geUorNNJ66KfqxTtK3TLkEZUiR9amanfbAgMBAAGjggH/MIIB+zAdBgNVHQ4E FgQU8TE8v6sgfvpd1X/6IRmdk76NkzIwHwYDVR0jBBgwFoAUZkfatkVRFpZPrAAB LMyDF01ORuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgy My9aa2ZhdGtWUkZwWlByQUFCTE15REYwMU9SdUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1prZmF0a1ZSRnBaUHJBQUJMTXlERjAxT1J1RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MjMvOFRFOHY2c2dmdnBk MVhfNklSbWRrNzZOa3pJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIw EgMHACQD2cAAAAMHACQD2cAAAjANBgkqhkiG9w0BAQsFAAOCAQEAnszg1vSxnYSt GU+g5JGR2qIirbyFiRwaKqH1/cGhrj41MBAEmHrDnUzFvr8Atbhm5nLVxV5AQ9jt RwmvhbECDKduqKOErryVTOoI8od8isPpEmGGqCYyEuFq+FnvkESJbndTuOC9ya+6 3O/3k/oyGV9CF886CQUNK3pJgZu0NYo6n5O2z1Wo8jHtjhMLto/TczLRRud4tf3O XxgutZv+jCt8nMk+dG7szJAwBLttje4Wr0Urq9AVRKWXEBRWExdBO/lykWiYdEkF 3Sdj4JclqNLHnNXqHsOAotYXxIk41ZU9+SNRz5mLQ6lyNtq/LvSsH5SlqwjjBCAL 8GXWjruPfQ== -----END CERTIFICATE-----Generated at Mon Oct 20 16:09:02 2025 by rpki-client