$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2894/8sM2BhPnO8PPejYybHxyhsAxBcc.roa File: 8sM2BhPnO8PPejYybHxyhsAxBcc.roa (raw, json) Hash identifier: /WMKJ8JzBl7rq5jagi2aE247eKQsHeZTEan6TkwFRGE= Subject key identifier: F2:C3:36:06:13:E7:3B:C3:CF:7A:36:32:6C:7C:72:86:C0:31:05:C7 Certificate issuer: /CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8 Certificate serial: 18ED Authority key identifier: 83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/8sM2BhPnO8PPejYybHxyhsAxBcc.roa Signing time: Sat 06 Sep 2025 08:03:22 +0000 ROA not before: Sat 06 Sep 2025 08:03:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 146834 IP address blocks: 2404:e5c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:06:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6381 (0x18ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=839F557B9F9F2F6CDD75AFB4ABA8A2A796C610E8 Validity Not Before: Sep 6 08:03:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F2C3360613E73BC3CF7A36326C7C7286C03105C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:51:3d:73:b8:d1:90:75:72:18:f9:c5:02:11: d4:b8:26:0f:f4:7c:c1:c3:f0:15:54:e0:55:59:45: 41:91:46:13:5b:47:45:a8:23:d0:a7:ce:e6:7c:75: 89:1f:c6:bd:83:d7:17:3f:dc:2b:a0:95:39:44:b9: 08:39:b6:fc:f3:78:91:ec:7b:60:58:90:3f:f6:28: 27:2b:73:29:09:33:ce:fe:3b:16:bc:53:69:0a:1d: 59:2a:44:bc:a0:12:66:d7:13:15:72:38:02:9b:bc: a1:6b:04:65:cc:30:c7:1c:eb:77:b7:91:61:ed:10: 29:39:ac:5a:a5:a7:c5:78:60:8f:04:88:d5:2c:ab: c1:39:72:01:10:b9:90:50:a2:b2:37:70:8f:bf:4f: c0:b8:42:f9:44:0d:de:28:d7:cf:46:fe:4a:bb:d2: 8a:fa:c3:ec:f9:3a:7c:a2:bf:a7:e5:e0:16:af:d6: c3:ba:d3:d4:7c:f0:4f:a4:31:07:33:2c:5e:f4:85: 72:0a:12:df:a5:5a:7d:3a:05:12:64:fd:99:0e:ee: c3:d0:f1:98:3b:96:46:c9:5b:15:26:02:50:d4:bf: 21:2c:7f:a6:c6:00:d5:c2:85:c3:2c:67:4d:5d:65: 9b:13:69:65:2d:5d:46:89:2e:79:22:18:ef:6e:ab: ed:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:C3:36:06:13:E7:3B:C3:CF:7A:36:32:6C:7C:72:86:C0:31:05:C7 X509v3 Authority Key Identifier: keyid:83:9F:55:7B:9F:9F:2F:6C:DD:75:AF:B4:AB:A8:A2:A7:96:C6:10:E8 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/g59Ve5-fL2zdda-0q6iip5bGEOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g59Ve5-fL2zdda-0q6iip5bGEOg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2894/8sM2BhPnO8PPejYybHxyhsAxBcc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:e5c0::/32 Signature Algorithm: sha256WithRSAEncryption 9b:d1:a7:58:56:59:3c:e3:43:5f:db:5f:a1:70:b9:98:e6:74: 04:48:55:08:54:23:10:c9:64:dc:4e:e1:bf:ac:c8:8d:b1:a4: 24:8b:c3:8c:8f:cb:11:bd:e2:d4:b2:56:1c:ee:7b:0e:b2:21: e1:03:38:9b:bd:cc:60:46:f1:34:3f:d1:39:61:84:43:ed:6e: d2:1a:0c:9f:09:76:70:d5:70:a7:94:2d:cb:c2:5a:6f:56:74: e3:67:48:6b:05:4c:32:fa:89:8d:4f:77:d3:7b:e9:96:83:c7: d8:0a:03:b1:cc:9d:03:b7:41:fc:77:51:2c:5b:ba:65:b6:f9: d3:e0:1c:01:75:8e:22:02:9c:8a:a0:f9:2c:f6:cb:89:26:58: 1e:f0:0b:1a:5b:ae:c5:c4:7f:25:01:da:2b:c3:f3:a7:21:08: 68:3a:70:34:f8:8a:bd:b2:5c:89:c7:8d:dd:32:96:f7:93:1e: 8a:80:3f:1b:fe:50:ab:ac:ff:95:f9:e9:61:d4:6e:13:a4:b4: d0:6f:70:8a:12:bd:a7:a7:83:7f:16:07:79:e0:fc:69:29:34: a7:ec:52:bb:c7:50:06:43:50:95:73:91:dd:79:b8:b5:cd:53: 89:48:ec:1e:78:71:4b:8c:e5:95:8a:58:2f:c6:62:51:6a:14: a8:ef:65:33 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICGO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODM5 RjU1N0I5RjlGMkY2Q0RENzVBRkI0QUJBOEEyQTc5NkM2MTBFODAeFw0yNTA5MDYw ODAzMjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYyQzMzNjA2MTNFNzNC QzNDRjdBMzYzMjZDN0M3Mjg2QzAzMTA1QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3UT1zuNGQdXIY+cUCEdS4Jg/0fMHD8BVU4FVZRUGRRhNbR0Wo I9CnzuZ8dYkfxr2D1xc/3CuglTlEuQg5tvzzeJHse2BYkD/2KCcrcykJM87+Oxa8 U2kKHVkqRLygEmbXExVyOAKbvKFrBGXMMMcc63e3kWHtECk5rFqlp8V4YI8EiNUs q8E5cgEQuZBQorI3cI+/T8C4QvlEDd4o189G/kq70or6w+z5Onyiv6fl4Bav1sO6 09R88E+kMQczLF70hXIKEt+lWn06BRJk/ZkO7sPQ8Zg7lkbJWxUmAlDUvyEsf6bG ANXChcMsZ01dZZsTaWUtXUaJLnkiGO9uq+2XAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU8sM2BhPnO8PPejYybHxyhsAxBccwHwYDVR0jBBgwFoAUg59Ve5+fL2zdda+0 q6iip5bGEOgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 NC9nNTlWZTUtZkwyemRkYS0wcTZpaXA1YkdFT2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2c1OVZlNS1mTDJ6ZGRhLTBxNmlpcDViR0VPZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTQvOHNNMkJoUG5POFBQ ZWpZeWJIeHloc0F4QmNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQE5cAwDQYJKoZIhvcNAQELBQADggEBAJvRp1hWWTzjQ1/bX6FwuZjmdARI VQhUIxDJZNxO4b+syI2xpCSLw4yPyxG94tSyVhzuew6yIeEDOJu9zGBG8TQ/0Tlh hEPtbtIaDJ8JdnDVcKeULcvCWm9WdONnSGsFTDL6iY1Pd9N76ZaDx9gKA7HMnQO3 Qfx3USxbumW2+dPgHAF1jiICnIqg+Sz2y4kmWB7wCxpbrsXEfyUB2ivD86chCGg6 cDT4ir2yXInHjd0ylveTHoqAPxv+UKus/5X56WHUbhOktNBvcIoSvaeng38WB3ng /GkpNKfsUrvHUAZDUJVzkd15uLXNU4lI7B54cUuM5ZWKWC/GYlFqFKjvZTM= -----END CERTIFICATE-----Generated at Mon Oct 20 16:58:12 2025 by rpki-client