$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3027/8COYu9w4VilrwhRPXnD2GOb4HqY.roa File: 8COYu9w4VilrwhRPXnD2GOb4HqY.roa (raw, json) Hash identifier: DCTT7n4r1jtqDJT+oK/JdlvytI6Xe3jmy1cbSkTcILk= Subject key identifier: F0:23:98:BB:DC:38:56:29:6B:C2:14:4F:5E:70:F6:18:E6:F8:1E:A6 Certificate issuer: /CN=EED0E76665272FAF95C3104EAE182BD2D5A0800B Certificate serial: 1755 Authority key identifier: EE:D0:E7:66:65:27:2F:AF:95:C3:10:4E:AE:18:2B:D2:D5:A0:80:0B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/8COYu9w4VilrwhRPXnD2GOb4HqY.roa Signing time: Sat 13 Sep 2025 03:07:44 +0000 ROA not before: Sat 13 Sep 2025 03:07:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139119 IP address blocks: 2406:a7c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5973 (0x1755) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EED0E76665272FAF95C3104EAE182BD2D5A0800B Validity Not Before: Sep 13 03:07:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F02398BBDC3856296BC2144F5E70F618E6F81EA6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e6:1f:2d:ed:21:34:e7:e3:55:3a:70:4b:e3: 7b:8f:a7:6f:94:36:9c:73:31:fb:3f:5e:54:01:0e: 1f:01:2b:52:53:88:d9:60:e1:33:bf:7c:c2:66:5b: c5:f3:62:7c:78:3d:66:2d:18:89:34:b4:f8:d6:bf: 32:0c:ba:14:71:6f:a5:24:0e:dd:31:bf:30:71:39: ef:54:19:14:4a:a0:85:6b:37:64:94:18:5e:89:0e: 83:1a:2e:be:e6:4e:19:a0:54:2c:f9:6c:4d:2f:06: b5:2c:81:7c:58:cc:40:f9:ba:71:1f:19:8b:07:bc: 06:ae:36:54:27:b3:32:80:af:ac:0b:a2:c4:08:70: a1:1d:25:0f:cb:60:4a:4c:f7:2b:09:75:4e:33:c8: 42:5a:dd:8c:5c:50:16:70:1c:4b:c4:16:16:bd:81: 1f:1b:85:02:ca:78:d6:38:4e:67:0c:6d:c4:ef:9c: ef:49:2c:60:75:e8:90:76:d7:35:c3:d4:cf:9c:03: 75:82:84:05:02:4c:0c:09:53:68:ed:f7:ec:40:a9: 1b:85:34:91:be:40:5c:aa:5d:dc:7e:44:7b:bc:fd: 1d:51:d7:fc:d0:82:81:d1:ac:c7:9d:e9:9d:d9:08: dc:84:5f:8a:89:60:e1:6f:bc:85:61:50:60:ce:85: fe:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:23:98:BB:DC:38:56:29:6B:C2:14:4F:5E:70:F6:18:E6:F8:1E:A6 X509v3 Authority Key Identifier: keyid:EE:D0:E7:66:65:27:2F:AF:95:C3:10:4E:AE:18:2B:D2:D5:A0:80:0B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/8COYu9w4VilrwhRPXnD2GOb4HqY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:a7c0::/48 Signature Algorithm: sha256WithRSAEncryption 9c:11:e1:9e:75:19:e2:b5:28:3e:36:35:08:31:34:ea:b4:4e: e1:4d:23:db:c9:3a:91:1d:b8:96:12:a2:7c:f9:cc:c4:c9:cb: 12:0e:c3:89:fc:9a:33:39:3e:ae:68:50:fc:43:2a:13:b9:96: dc:b2:07:1e:1e:eb:a7:10:f9:1b:a1:f2:34:59:57:c5:48:7d: 9c:b7:7d:16:b7:a0:e3:ec:33:81:51:c4:cf:a0:2d:15:d3:2c: 6d:57:67:b9:f0:e5:8e:86:03:0f:e9:05:3f:2c:82:2f:fc:11: e2:7d:95:10:a6:93:d7:ea:d1:2f:b9:4b:2b:6f:27:51:13:7b: 1d:be:57:5f:7c:67:de:e4:38:80:69:fe:a8:af:20:12:49:7b: f3:0a:dc:f6:aa:32:9e:62:b7:29:ee:bf:87:ac:9a:b9:6e:ee: 2b:ed:2f:29:4b:6d:07:fa:cd:35:35:0b:6f:0f:5e:e7:9c:41: 46:05:ba:fe:a5:1d:ab:ff:40:dc:26:06:12:9c:8d:5e:b0:8c: e0:d5:e6:47:06:7a:d2:3c:02:97:48:3b:fc:b7:56:68:9f:a0: e6:fa:ea:4b:cd:93:6d:32:75:f5:8f:0c:c2:50:c3:f8:41:6b: 75:da:5a:c4:81:87:37:69:de:25:ef:7b:40:e6:78:ef:03:15: ef:38:8b:65 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICF1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUVE MEU3NjY2NTI3MkZBRjk1QzMxMDRFQUUxODJCRDJENUEwODAwQjAeFw0yNTA5MTMw MzA3NDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYwMjM5OEJCREMzODU2 Mjk2QkMyMTQ0RjVFNzBGNjE4RTZGODFFQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC65h8t7SE05+NVOnBL43uPp2+UNpxzMfs/XlQBDh8BK1JTiNlg 4TO/fMJmW8XzYnx4PWYtGIk0tPjWvzIMuhRxb6UkDt0xvzBxOe9UGRRKoIVrN2SU GF6JDoMaLr7mThmgVCz5bE0vBrUsgXxYzED5unEfGYsHvAauNlQnszKAr6wLosQI cKEdJQ/LYEpM9ysJdU4zyEJa3YxcUBZwHEvEFha9gR8bhQLKeNY4TmcMbcTvnO9J LGB16JB21zXD1M+cA3WChAUCTAwJU2jt9+xAqRuFNJG+QFyqXdx+RHu8/R1R1/zQ goHRrMed6Z3ZCNyEX4qJYOFvvIVhUGDOhf6fAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU8COYu9w4VilrwhRPXnD2GOb4HqYwHwYDVR0jBBgwFoAU7tDnZmUnL6+VwxBO rhgr0tWggAswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAy Ny83dERuWm1Vbkw2LVZ3eEJPcmhncjB0V2dnQXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzd0RG5abVVuTDYtVnd4Qk9yaGdyMHRXZ2dBcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMjcvOENPWXU5dzRWaWxy d2hSUFhuRDJHT2I0SHFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQGp8AAADANBgkqhkiG9w0BAQsFAAOCAQEAnBHhnnUZ4rUoPjY1CDE06rRO 4U0j28k6kR24lhKifPnMxMnLEg7DifyaMzk+rmhQ/EMqE7mW3LIHHh7rpxD5G6Hy NFlXxUh9nLd9Freg4+wzgVHEz6AtFdMsbVdnufDljoYDD+kFPyyCL/wR4n2VEKaT 1+rRL7lLK28nURN7Hb5XX3xn3uQ4gGn+qK8gEkl78wrc9qoynmK3Ke6/h6yauW7u K+0vKUttB/rNNTULbw9e55xBRgW6/qUdq/9A3CYGEpyNXrCM4NXmRwZ60jwCl0g7 /LdWaJ+g5vrqS82TbTJ19Y8MwlDD+EFrddpaxIGHN2neJe97QOZ47wMV7ziLZQ== -----END CERTIFICATE-----Generated at Mon Oct 20 20:13:42 2025 by rpki-client