$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2943/FkJpjdke1fIHURDzYE13_xW85Lg.roa File: FkJpjdke1fIHURDzYE13_xW85Lg.roa (raw, json) Hash identifier: m0WvvnMrqGB8ABEUOGujEt1Mq6tuAs96LMnlJwDYqWk= Subject key identifier: 16:42:69:8D:D9:1E:D5:F2:07:51:10:F3:60:4D:77:FF:15:BC:E4:B8 Certificate issuer: /CN=D5C2CE1261E59FD76D3E3FB00E5EBA8E44DA30C9 Certificate serial: 06D2 Authority key identifier: D5:C2:CE:12:61:E5:9F:D7:6D:3E:3F:B0:0E:5E:BA:8E:44:DA:30:C9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/FkJpjdke1fIHURDzYE13_xW85Lg.roa Signing time: Tue 30 Sep 2025 04:34:02 +0000 ROA not before: Tue 30 Sep 2025 04:34:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139148 IP address blocks: 2405:78c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1746 (0x6d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D5C2CE1261E59FD76D3E3FB00E5EBA8E44DA30C9 Validity Not Before: Sep 30 04:34:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1642698DD91ED5F2075110F3604D77FF15BCE4B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:17:72:e9:ce:40:96:78:ba:96:a5:f0:4c:35: e7:19:39:20:83:30:c8:ea:2b:cb:a6:e9:30:b5:6e: 23:1a:8d:5c:23:d1:19:c2:5b:11:6e:89:79:f8:1c: e2:1d:02:00:9c:56:78:96:34:3d:b5:3f:c4:75:86: b1:b5:18:1e:92:af:df:9c:70:51:4e:c7:90:d2:fb: a9:9e:d4:69:9b:4a:1a:a4:ef:a3:da:e7:d2:21:70: 5e:06:f7:c2:ba:55:f0:21:c6:4e:1f:12:a7:f6:08: 31:bf:0e:46:c2:25:a7:38:96:cc:f9:2d:54:2d:02: 0d:c3:bd:d0:1e:15:cf:9a:85:22:eb:a4:33:f3:f8: 49:f3:27:0a:05:c4:f0:1b:d1:9b:fa:6d:47:a9:eb: f2:fc:09:fa:f2:3f:3b:e1:64:29:4b:79:ea:ad:b1: 28:d8:2c:0c:f0:22:51:5f:64:9f:39:35:2e:1c:f7: 3a:f8:1b:59:79:4b:a0:d5:26:27:e3:33:4e:80:1e: 54:7c:31:47:30:e5:2b:87:72:4c:9f:e8:af:0d:b4: ba:ae:e2:0f:53:6a:ef:20:66:5f:8b:35:b2:6d:08: df:45:a7:de:87:d5:4f:30:84:96:3c:c6:83:56:88: ac:24:37:ae:11:68:d6:d6:69:1f:b6:e6:30:30:f1: 4b:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:42:69:8D:D9:1E:D5:F2:07:51:10:F3:60:4D:77:FF:15:BC:E4:B8 X509v3 Authority Key Identifier: keyid:D5:C2:CE:12:61:E5:9F:D7:6D:3E:3F:B0:0E:5E:BA:8E:44:DA:30:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/1cLOEmHln9dtPj-wDl66jkTaMMk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1cLOEmHln9dtPj-wDl66jkTaMMk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2943/FkJpjdke1fIHURDzYE13_xW85Lg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:78c0::/32 Signature Algorithm: sha256WithRSAEncryption 3c:4c:72:7b:a9:b7:8e:35:9a:86:02:8f:7a:d3:43:06:de:c3: 43:22:96:e1:52:31:98:bb:60:cb:89:41:19:0e:59:11:1a:1a: c1:4b:2d:a7:b8:84:d5:76:ba:0a:de:d5:5a:3a:a9:bd:ad:52: f0:7b:2c:06:a3:16:27:3f:67:9f:f3:68:fb:5d:35:b2:c3:fa: 83:ce:18:4a:01:18:47:5c:d1:2e:d9:7e:a9:54:bc:18:d0:d8: 6a:16:99:92:72:1f:eb:4b:72:91:d4:1d:3d:70:79:d5:82:80: 0f:54:26:a6:d2:58:2c:43:d9:dd:70:ed:52:22:11:f5:4a:ee: 8b:a0:cf:d1:72:ce:fe:e6:93:85:4b:e7:8f:a6:9e:cd:03:6a: 9b:a4:29:7c:49:35:bd:b1:49:56:cd:f0:5c:47:b4:6f:36:94: e3:8d:98:75:f8:d1:7e:ae:89:35:59:7e:f9:91:03:7a:aa:e7: 06:91:c6:fc:f3:ac:e2:76:0c:81:16:53:8c:bf:f8:11:25:54: e0:b7:23:0a:cd:86:4e:3b:dd:d6:0d:9b:5c:d9:51:c8:93:0e: 61:de:a7:72:98:48:26:a8:2c:63:38:b3:9e:47:55:79:e2:74: 86:5c:63:2b:ff:16:c2:19:04:bc:84:b0:ee:d5:a0:5c:3a:8f: c5:21:cb:34 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICBtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDVD MkNFMTI2MUU1OUZENzZEM0UzRkIwMEU1RUJBOEU0NERBMzBDOTAeFw0yNTA5MzAw NDM0MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE2NDI2OThERDkxRUQ1 RjIwNzUxMTBGMzYwNEQ3N0ZGMTVCQ0U0QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6F3LpzkCWeLqWpfBMNecZOSCDMMjqK8um6TC1biMajVwj0RnC WxFuiXn4HOIdAgCcVniWND21P8R1hrG1GB6Sr9+ccFFOx5DS+6me1GmbShqk76Pa 59IhcF4G98K6VfAhxk4fEqf2CDG/DkbCJac4lsz5LVQtAg3DvdAeFc+ahSLrpDPz +EnzJwoFxPAb0Zv6bUep6/L8CfryPzvhZClLeeqtsSjYLAzwIlFfZJ85NS4c9zr4 G1l5S6DVJifjM06AHlR8MUcw5SuHckyf6K8NtLqu4g9Tau8gZl+LNbJtCN9Fp96H 1U8whJY8xoNWiKwkN64RaNbWaR+25jAw8UsnAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUFkJpjdke1fIHURDzYE13/xW85LgwHwYDVR0jBBgwFoAU1cLOEmHln9dtPj+w Dl66jkTaMMkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk0 My8xY0xPRW1IbG45ZHRQai13RGw2NmprVGFNTWsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzFjTE9FbUhsbjlkdFBqLXdEbDY2amtUYU1Nay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5NDMvRmtKcGpka2UxZklI VVJEellFMTNfeFc4NUxnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQFeMAwDQYJKoZIhvcNAQELBQADggEBADxMcnupt441moYCj3rTQwbew0Mi luFSMZi7YMuJQRkOWREaGsFLLae4hNV2ugre1Vo6qb2tUvB7LAajFic/Z5/zaPtd NbLD+oPOGEoBGEdc0S7ZfqlUvBjQ2GoWmZJyH+tLcpHUHT1wedWCgA9UJqbSWCxD 2d1w7VIiEfVK7ougz9Fyzv7mk4VL54+mns0DapukKXxJNb2xSVbN8FxHtG82lOON mHX40X6uiTVZfvmRA3qq5waRxvzzrOJ2DIEWU4y/+BElVOC3IwrNhk473dYNm1zZ UciTDmHep3KYSCaoLGM4s55HVXnidIZcYyv/FsIZBLyEsO7VoFw6j8UhyzQ= -----END CERTIFICATE-----Generated at Mon Oct 20 19:56:03 2025 by rpki-client