$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/Yeos6qoEoZyvn80CP5PGukWOrMs.roa File: Yeos6qoEoZyvn80CP5PGukWOrMs.roa (raw, json) Hash identifier: r71WtNa+I8bfaVOiBP+blP0kzS4weCrffiRbS7nJI0Q= Subject key identifier: 61:EA:2C:EA:AA:04:A1:9C:AF:9F:CD:02:3F:93:C6:BA:45:8E:AC:CB Certificate issuer: /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5 Certificate serial: 2410 Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/Yeos6qoEoZyvn80CP5PGukWOrMs.roa Signing time: Sat 13 Sep 2025 03:08:45 +0000 ROA not before: Sat 13 Sep 2025 03:08:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 131484 IP address blocks: 2406:d140::/32 maxlen: 48 2406:d140:8000::/34 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9232 (0x2410) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5 Validity Not Before: Sep 13 03:08:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=61EA2CEAAA04A19CAF9FCD023F93C6BA458EACCB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:2e:f6:07:e4:cc:a1:da:f2:32:23:45:5e:29: a1:34:de:e5:43:ff:c2:af:7a:66:83:2f:34:58:34: 07:af:ae:7b:11:7f:da:98:7d:66:93:69:36:62:5c: 14:17:70:0a:b4:86:65:ae:84:25:93:75:2a:8f:06: 77:be:33:a6:59:f7:18:8e:33:05:f2:aa:39:5b:22: a1:dc:76:fa:c2:b5:37:e7:b5:a7:47:1a:78:70:a1: b9:b0:36:ab:53:da:dd:f2:56:7f:39:77:b4:71:a8: 48:3e:a3:d5:47:7e:b8:3e:de:7c:41:61:f0:b9:6f: 06:23:bc:bc:cb:09:08:93:df:49:0a:d4:3a:a7:b7: fc:8b:76:0f:a1:5e:dc:af:d2:0e:0e:30:9a:65:dc: 16:e1:d9:94:05:2a:e0:bd:d0:37:fa:96:39:1d:24: 36:02:75:3b:df:59:a1:cb:4e:14:97:10:9f:df:9d: c9:47:4d:ee:d1:0a:5c:20:84:8b:42:97:07:ce:96: 07:af:2d:10:6a:be:9a:b6:4f:28:13:93:12:d4:c7: 99:ec:a1:97:aa:3d:0c:0a:53:c9:c9:6c:26:8e:4c: 8f:11:ce:f1:00:5e:23:5e:8d:81:c5:c5:62:91:41: 92:88:b2:19:4d:88:52:c4:8d:8f:2e:34:65:bf:6a: de:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:EA:2C:EA:AA:04:A1:9C:AF:9F:CD:02:3F:93:C6:BA:45:8E:AC:CB X509v3 Authority Key Identifier: keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/Yeos6qoEoZyvn80CP5PGukWOrMs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d140::/32 Signature Algorithm: sha256WithRSAEncryption 8f:5b:79:e6:92:fa:e8:62:03:67:38:82:c6:a3:b6:ee:5b:dd: 09:97:06:c9:79:f6:e0:8d:17:71:48:d4:f1:2d:ac:bb:e1:72: 32:1a:17:10:da:e7:4e:4a:ba:b1:95:1d:25:bb:a1:20:d7:d3: 26:04:69:77:e9:f5:f3:8c:db:78:95:78:96:41:29:5a:2b:68: b3:80:bf:de:63:fd:6f:fd:9f:ae:ce:49:33:29:65:bf:32:8e: 3e:0a:f5:50:a0:57:f5:fb:d4:75:61:67:d4:16:fc:a2:c1:b8: 69:09:6e:d3:a1:fb:be:7e:f7:76:f4:40:0a:22:f2:98:fe:94: 11:45:6c:a6:ad:d6:6b:f5:1e:4c:56:1a:cb:e4:63:fc:8c:32: 1b:f4:09:72:d9:dd:bb:dc:98:6f:01:a8:51:62:18:d6:09:13: 13:79:ee:7d:96:3f:17:12:fa:93:c9:32:75:7b:e9:ab:98:62: 22:a8:87:75:bd:36:2a:9d:c3:45:d5:46:0e:a5:04:3d:23:65: b5:fa:2d:3f:22:9c:92:e3:39:b6:7e:91:1d:d3:bb:47:54:8e: 2d:08:ae:53:d2:e3:48:b4:05:a5:cd:f4:38:c3:47:59:84:60: 34:f0:1f:1c:ac:e0:eb:fa:f2:ee:6b:1c:f9:5b:f9:30:90:91: 72:49:ca:17 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICJBAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yNTA5MTMw MzA4NDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYxRUEyQ0VBQUEwNEEx OUNBRjlGQ0QwMjNGOTNDNkJBNDU4RUFDQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPLvYH5Myh2vIyI0VeKaE03uVD/8KvemaDLzRYNAevrnsRf9qY fWaTaTZiXBQXcAq0hmWuhCWTdSqPBne+M6ZZ9xiOMwXyqjlbIqHcdvrCtTfntadH GnhwobmwNqtT2t3yVn85d7RxqEg+o9VHfrg+3nxBYfC5bwYjvLzLCQiT30kK1Dqn t/yLdg+hXtyv0g4OMJpl3Bbh2ZQFKuC90Df6ljkdJDYCdTvfWaHLThSXEJ/fnclH Te7RClwghItClwfOlgevLRBqvpq2TygTkxLUx5nsoZeqPQwKU8nJbCaOTI8RzvEA XiNejYHFxWKRQZKIshlNiFLEjY8uNGW/at7jAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUYeos6qoEoZyvn80CP5PGukWOrMswHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3 CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAvWWVvczZxb0VvWnl2 bjgwQ1A1UEd1a1dPck1zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQG0UAwDQYJKoZIhvcNAQELBQADggEBAI9beeaS+uhiA2c4gsajtu5b3QmX Bsl59uCNF3FI1PEtrLvhcjIaFxDa505KurGVHSW7oSDX0yYEaXfp9fOM23iVeJZB KVoraLOAv95j/W/9n67OSTMpZb8yjj4K9VCgV/X71HVhZ9QW/KLBuGkJbtOh+75+ 93b0QAoi8pj+lBFFbKat1mv1HkxWGsvkY/yMMhv0CXLZ3bvcmG8BqFFiGNYJExN5 7n2WPxcS+pPJMnV76auYYiKoh3W9Niqdw0XVRg6lBD0jZbX6LT8inJLjObZ+kR3T u0dUji0IrlPS40i0BaXN9DjDR1mEYDTwHxys4Ov68u5rHPlb+TCQkXJJyhc= -----END CERTIFICATE-----Generated at Mon Oct 20 19:50:41 2025 by rpki-client