$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2972/rQKvb1lXH1c4bNEw10BfeeCllHs.roa File: rQKvb1lXH1c4bNEw10BfeeCllHs.roa (raw, json) Hash identifier: 8OQWQtkZaG38Cf7QP4OxXvHEUWrAzh4iUe3Z9rIcvNk= Subject key identifier: AD:02:AF:6F:59:57:1F:57:38:6C:D1:30:D7:40:5F:79:E0:A5:94:7B Certificate issuer: /CN=A8EBEAD4B13A791850CAF7914EA30D0F5036C3E7 Certificate serial: 05 Authority key identifier: A8:EB:EA:D4:B1:3A:79:18:50:CA:F7:91:4E:A3:0D:0F:50:36:C3:E7 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qOvq1LE6eRhQyveRTqMND1A2w-c.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2972/rQKvb1lXH1c4bNEw10BfeeCllHs.roa Signing time: Wed 15 Oct 2025 07:43:33 +0000 ROA not before: Wed 15 Oct 2025 07:43:33 +0000 ROA not after: Thu 15 Oct 2026 07:34:23 +0000 asID: 139138 IP address blocks: 2406:b640:100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2972/qOvq1LE6eRhQyveRTqMND1A2w-c.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2972/qOvq1LE6eRhQyveRTqMND1A2w-c.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qOvq1LE6eRhQyveRTqMND1A2w-c.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:07:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A8EBEAD4B13A791850CAF7914EA30D0F5036C3E7 Validity Not Before: Oct 15 07:43:33 2025 GMT Not After : Oct 15 07:34:23 2026 GMT Subject: CN=AD02AF6F59571F57386CD130D7405F79E0A5947B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:43:f7:09:69:14:cb:a5:a3:e5:68:f0:ab:fe: 00:f3:a8:70:20:cf:47:27:28:15:f9:51:5a:e8:9d: 89:c4:9b:2d:e8:ce:2d:92:b4:74:ae:a5:99:9d:1f: e5:ae:e1:01:df:a3:f3:25:77:18:f7:58:aa:10:55: 18:07:dc:12:1b:57:7a:13:97:91:2f:14:ec:36:05: 64:ce:ea:d4:a3:a2:bd:bb:8e:e0:2e:01:7a:4a:a8: f7:d6:67:e1:39:d8:59:f9:43:07:9b:6f:db:81:c8: 9b:92:a5:e5:23:59:12:43:25:d8:d6:06:10:3b:ef: 4f:6c:4d:83:bc:d1:37:a1:7c:38:60:57:9c:de:fb: 89:a5:69:e2:ab:80:e6:10:e9:c9:a7:b9:45:d8:52: 1f:2c:44:c3:52:fb:ba:41:d9:82:8a:18:c2:4f:19: 05:73:41:7a:64:c4:19:54:28:70:54:76:6a:d2:06: b6:84:00:af:fe:23:00:f3:59:6b:cf:75:07:26:b8: 88:4c:08:f6:ba:5a:78:2f:38:97:c8:a1:28:7c:6d: 43:73:c3:7a:0a:e7:39:d9:dc:19:e0:81:04:cf:34: 3c:be:ca:2f:82:f4:9d:86:af:3b:a8:80:be:d7:53: 69:b7:f7:67:d8:e4:4c:42:b9:20:e1:3f:19:85:ed: ba:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:02:AF:6F:59:57:1F:57:38:6C:D1:30:D7:40:5F:79:E0:A5:94:7B X509v3 Authority Key Identifier: keyid:A8:EB:EA:D4:B1:3A:79:18:50:CA:F7:91:4E:A3:0D:0F:50:36:C3:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2972/qOvq1LE6eRhQyveRTqMND1A2w-c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qOvq1LE6eRhQyveRTqMND1A2w-c.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2972/rQKvb1lXH1c4bNEw10BfeeCllHs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:b640:100::/48 Signature Algorithm: sha256WithRSAEncryption 04:a7:a4:80:dd:c5:09:bd:88:d0:23:50:82:f3:4b:31:bb:e1: f5:d9:42:4b:db:42:fe:99:69:84:24:58:11:3f:aa:bd:2a:a7: 1d:3c:5f:ec:8b:0a:41:0a:fb:12:03:43:2a:95:6b:f3:d5:42: 6e:d7:a7:60:7d:5d:0f:3d:df:7a:ef:5e:69:97:67:32:37:da: e9:10:66:cb:1f:48:33:6d:f8:aa:81:53:c6:0c:4a:a8:76:f9: a2:57:d4:21:16:5a:1b:fd:e2:af:7b:e6:34:3e:0a:b0:cd:09: 75:1c:bf:0d:20:50:23:ea:8f:25:6c:12:bd:be:b3:df:97:a2: 09:e4:53:9a:e3:12:45:aa:cd:82:8b:f2:c0:2d:95:21:8f:23: f6:15:6f:a3:7f:a6:c5:36:f5:58:6d:50:b4:68:15:3a:cc:23: 47:80:e7:36:13:2d:e3:11:fc:ac:d1:b7:ad:ad:e5:0a:a0:37: 82:af:01:c1:29:5c:ec:fd:02:d2:56:21:fa:43:00:98:6c:ba: 25:48:79:77:1c:ba:f5:e2:61:45:52:36:0e:e2:f0:ea:2f:16: 16:67:3d:6b:94:9d:ff:73:cf:c1:3c:17:0a:98:ac:a6:bc:79: 71:e2:ff:50:bb:fc:9a:c3:ab:9f:a7:a1:3d:bb:1e:29:92:a4: 1a:d7:a9:09 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBOEVC RUFENEIxM0E3OTE4NTBDQUY3OTE0RUEzMEQwRjUwMzZDM0U3MB4XDTI1MTAxNTA3 NDMzM1oXDTI2MTAxNTA3MzQyM1owMzExMC8GA1UEAxMoQUQwMkFGNkY1OTU3MUY1 NzM4NkNEMTMwRDc0MDVGNzlFMEE1OTQ3QjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANBD9wlpFMulo+Vo8Kv+APOocCDPRycoFflRWuidicSbLejOLZK0 dK6lmZ0f5a7hAd+j8yV3GPdYqhBVGAfcEhtXehOXkS8U7DYFZM7q1KOivbuO4C4B ekqo99Zn4TnYWflDB5tv24HIm5Kl5SNZEkMl2NYGEDvvT2xNg7zRN6F8OGBXnN77 iaVp4quA5hDpyae5RdhSHyxEw1L7ukHZgooYwk8ZBXNBemTEGVQocFR2atIGtoQA r/4jAPNZa891Bya4iEwI9rpaeC84l8ihKHxtQ3PDegrnOdncGeCBBM80PL7KL4L0 nYavO6iAvtdTabf3Z9jkTEK5IOE/GYXturUCAwEAAaOCAfYwggHyMB0GA1UdDgQW BBStAq9vWVcfVzhs0TDXQF954KWUezAfBgNVHSMEGDAWgBSo6+rUsTp5GFDK95FO ow0PUDbD5zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTcy L3FPdnExTEU2ZVJoUXl2ZVJUcU1ORDFBMnctYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcU92cTFMRTZlUmhReXZlUlRxTU5EMUEydy1jLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk3Mi9yUUt2YjFsWEgxYzRi TkV3MTBCZmVlQ2xsSHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAa2QAEAMA0GCSqGSIb3DQEBCwUAA4IBAQAEp6SA3cUJvYjQI1CC80sxu+H1 2UJL20L+mWmEJFgRP6q9KqcdPF/siwpBCvsSA0MqlWvz1UJu16dgfV0PPd96715p l2cyN9rpEGbLH0gzbfiqgVPGDEqodvmiV9QhFlob/eKve+Y0PgqwzQl1HL8NIFAj 6o8lbBK9vrPfl6IJ5FOa4xJFqs2Ci/LALZUhjyP2FW+jf6bFNvVYbVC0aBU6zCNH gOc2Ey3jEfys0betreUKoDeCrwHBKVzs/QLSViH6QwCYbLolSHl3HLr14mFFUjYO 4vDqLxYWZz1rlJ3/c8/BPBcKmKymvHlx4v9Qu/yaw6ufp6E9ux4pkqQa16kJ -----END CERTIFICATE-----Generated at Mon Oct 20 01:55:21 2025 by rpki-client