$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/7kLaRkHSmk9FaIeZ9oqI6e4fEsA.roa File: 7kLaRkHSmk9FaIeZ9oqI6e4fEsA.roa (raw, json) Hash identifier: l7vT3x/Y9LqsoHI32O0Jgooo5alWA0xNagrRT3pm/fk= Subject key identifier: EE:42:DA:46:41:D2:9A:4F:45:68:87:99:F6:8A:88:E9:EE:1F:12:C0 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 267E Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/7kLaRkHSmk9FaIeZ9oqI6e4fEsA.roa Signing time: Sat 13 Sep 2025 03:08:54 +0000 ROA not before: Sat 13 Sep 2025 03:08:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139139 IP address blocks: 2406:3340::/36 maxlen: 36 2406:3340:1000::/36 maxlen: 36 2406:3340:2000::/36 maxlen: 36 2406:3340:3000::/36 maxlen: 36 2406:3340:4000::/36 maxlen: 36 2406:3340:5000::/36 maxlen: 36 2406:3340:6000::/36 maxlen: 36 2406:3340:7000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:07:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9854 (0x267e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Sep 13 03:08:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=EE42DA4641D29A4F45688799F68A88E9EE1F12C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:cd:2f:03:de:9e:d9:06:cc:27:78:8f:2e:a5: 63:9a:91:3d:c5:a8:c1:1c:3d:2e:24:30:22:b6:66: f1:19:41:28:0a:ec:1d:c9:01:14:fd:bc:72:57:52: 3b:44:b5:fb:ce:32:2f:b0:a8:bc:de:d4:a6:79:e3: 84:74:c7:b4:db:6e:90:e0:58:f1:68:5e:d7:b2:e3: 6c:de:3b:99:2f:f1:18:36:f7:f7:49:44:06:b0:00: 07:69:9f:b6:4a:8c:2e:b3:67:09:24:7c:3f:c9:12: 6d:61:6e:8c:d6:04:a0:32:e0:35:e8:6f:95:80:40: 8f:33:28:bd:52:8a:81:36:22:80:64:fb:2e:eb:e6: 93:34:53:1a:16:0b:fd:24:76:ac:5a:fb:22:ca:93: 34:11:a5:de:5a:64:e5:96:a7:91:95:61:a4:d4:6a: 12:49:0d:65:db:c5:aa:de:ba:d4:c6:b2:3b:b7:40: 6a:d0:c9:3b:2b:f7:c0:27:f2:60:27:27:b6:76:a6: a7:fa:f3:cc:c8:7c:7e:97:70:60:15:55:b1:e2:0b: 8e:7e:8d:7c:92:16:42:64:6b:d1:78:80:c2:c5:f5: 95:7b:08:01:a1:c8:8d:bf:f9:1c:a4:8c:86:ef:f3: a4:f7:49:e6:91:65:70:81:26:ac:4c:af:9e:f6:2b: b4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:42:DA:46:41:D2:9A:4F:45:68:87:99:F6:8A:88:E9:EE:1F:12:C0 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/7kLaRkHSmk9FaIeZ9oqI6e4fEsA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/33 Signature Algorithm: sha256WithRSAEncryption 89:4e:f0:32:b6:4c:7a:6f:ae:0c:18:27:f5:43:e4:29:b9:34: a4:1d:34:b7:8a:a3:91:5b:47:5f:ee:34:41:ca:2b:f3:9f:0b: e2:af:bb:f2:2a:2a:2b:5c:2c:ad:71:9e:57:4c:91:20:bf:9a: 00:7a:75:b2:5b:36:1c:50:7d:09:35:d2:e0:b7:71:20:af:6d: fa:34:91:0c:c0:2f:f1:3b:e0:a5:2d:27:86:69:94:49:70:4c: 86:e2:09:cb:9b:5c:df:e5:d8:40:06:62:0e:a8:0b:66:55:41: 2c:a9:58:74:fc:6d:7f:38:a7:21:c5:fb:4f:45:03:fe:0c:59: d6:c4:32:8e:96:bf:4b:8e:fa:54:8b:19:da:35:d9:0c:90:e2: 5c:8b:b8:23:d2:56:68:99:a4:c6:19:bc:d6:22:09:e0:4a:79: a8:71:52:f7:a0:37:4a:6b:06:8b:6e:5c:6d:b9:5d:29:87:34: 86:94:79:0e:57:26:d8:54:3c:a4:ef:71:d0:c1:74:42:d0:5f: 59:2d:e4:d6:36:33:0d:12:a6:da:73:88:31:2d:00:06:da:d1: 87:d0:c7:4c:a0:75:b5:2c:46:82:da:2c:77:13:db:18:7c:7c: 56:00:50:34:2a:01:98:60:db:1e:fd:9e:1e:8b:b1:f1:f9:fe: 39:52:36:3b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICJn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTA5MTMw MzA4NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVFNDJEQTQ2NDFEMjlB NEY0NTY4ODc5OUY2OEE4OEU5RUUxRjEyQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDuzS8D3p7ZBswneI8upWOakT3FqMEcPS4kMCK2ZvEZQSgK7B3J ART9vHJXUjtEtfvOMi+wqLze1KZ544R0x7TbbpDgWPFoXtey42zeO5kv8Rg29/dJ RAawAAdpn7ZKjC6zZwkkfD/JEm1hbozWBKAy4DXob5WAQI8zKL1SioE2IoBk+y7r 5pM0UxoWC/0kdqxa+yLKkzQRpd5aZOWWp5GVYaTUahJJDWXbxareutTGsju3QGrQ yTsr98An8mAnJ7Z2pqf688zIfH6XcGAVVbHiC45+jXySFkJka9F4gMLF9ZV7CAGh yI2/+RykjIbv86T3SeaRZXCBJqxMr572K7SzAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQU7kLaRkHSmk9FaIeZ9oqI6e4fEsAwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvN2tMYVJrSFNtazlG YUllWjlvcUk2ZTRmRXNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw CAMGByQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQCJTvAytkx6b64MGCf1Q+QpuTSk HTS3iqORW0df7jRByivznwvir7vyKiorXCytcZ5XTJEgv5oAenWyWzYcUH0JNdLg t3Egr236NJEMwC/xO+ClLSeGaZRJcEyG4gnLm1zf5dhABmIOqAtmVUEsqVh0/G1/ OKchxftPRQP+DFnWxDKOlr9LjvpUixnaNdkMkOJci7gj0lZomaTGGbzWIgngSnmo cVL3oDdKawaLblxtuV0phzSGlHkOVybYVDyk73HQwXRC0F9ZLeTWNjMNEqbac4gx LQAG2tGH0MdMoHW1LEaC2ix3E9sYfHxWAFA0KgGYYNse/Z4ei7Hx+f45UjY7 -----END CERTIFICATE-----Generated at Tue Oct 21 02:28:20 2025 by rpki-client