$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/XGoKwUMQogcQFSKg0HVndGSM_C4.roa File: XGoKwUMQogcQFSKg0HVndGSM_C4.roa (raw, json) Hash identifier: +REXPccvZJLbJeGJLWy8ggUgi4bhBUx4B/VkZS3CImI= Subject key identifier: 5C:6A:0A:C1:43:10:A2:07:10:15:22:A0:D0:75:67:74:64:8C:FC:2E Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21CC Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/XGoKwUMQogcQFSKg0HVndGSM_C4.roa Signing time: Sat 13 Sep 2025 03:09:00 +0000 ROA not before: Sat 13 Sep 2025 03:09:00 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 2406:d440:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8652 (0x21cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:00 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5C6A0AC14310A207101522A0D0756774648CFC2E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6c:37:6a:94:a6:1f:72:ce:d4:43:22:64:8d: a8:e8:ad:da:cb:42:f6:65:57:54:1b:99:a2:5e:86: 9a:5f:4e:e9:42:bd:14:d3:f2:94:7e:ea:51:7b:7a: 5a:73:31:bb:07:e1:be:98:4d:f0:ca:a1:66:22:3d: f7:53:57:b1:28:e3:11:c0:9d:0a:56:0b:2a:b9:56: 94:68:bf:5f:d4:29:ac:c7:ea:e0:fb:28:a2:50:3e: a1:01:c0:a6:34:6e:b0:51:5e:da:30:aa:12:60:1c: 16:a7:a6:b3:d3:c1:a8:f3:fa:67:d7:07:59:13:4b: e6:5c:84:05:39:ba:ef:65:72:ae:71:2e:fb:88:ba: e5:bb:09:3a:80:10:fc:5a:c5:6b:3f:72:0d:ea:52: 6e:a2:74:cb:40:45:16:fd:31:ec:2b:00:54:f8:36: f8:5e:e1:8f:c1:d6:4a:b6:8e:64:00:7b:7e:24:e9: b3:de:16:c7:be:8c:44:43:eb:b6:7d:c4:3c:90:b4: 47:56:4b:4a:39:66:9d:56:f2:5d:f3:60:57:d8:36: 84:21:93:fd:ea:38:5d:2a:df:3f:c0:24:45:8a:7d: 8c:ef:f2:c3:84:10:0a:0f:f5:af:04:36:c3:28:d1: 2a:7e:2c:98:e5:50:e4:41:bd:19:ee:4b:04:3a:a8: ed:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:6A:0A:C1:43:10:A2:07:10:15:22:A0:D0:75:67:74:64:8C:FC:2E X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/XGoKwUMQogcQFSKg0HVndGSM_C4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d440:ff00::/48 Signature Algorithm: sha256WithRSAEncryption a7:bd:f6:5e:78:e3:f6:f6:90:09:9c:9f:ea:74:09:f8:29:63: e9:95:53:bf:3f:56:da:3f:fb:6d:28:54:cc:a1:37:b5:f8:14: e1:d6:48:2d:cb:24:d4:ab:b3:28:bb:52:54:13:a5:5b:16:55: 77:f4:bc:4f:5c:df:cc:82:cd:7b:f1:a1:89:6c:14:e1:84:57: 95:98:21:4d:98:70:93:4f:e6:6b:b3:1d:ac:a5:8e:6d:9c:83: 9b:29:ea:b9:76:08:b7:28:a1:c9:39:d7:47:78:d6:60:5b:6a: 1b:75:ad:c6:ca:dc:f9:b7:0f:0c:f0:9f:b8:1d:a6:91:54:ee: 3d:39:10:e6:c6:f3:20:47:d3:29:d2:85:bf:15:32:0a:c5:43: c6:4e:5c:96:ae:dd:74:d7:68:38:15:97:ca:3d:8c:70:bd:d1: 40:3f:ee:53:a0:bc:ef:17:1d:7d:fb:9f:10:c2:fd:56:5b:4b: 9e:48:26:9d:4c:c5:a2:fa:13:6d:ff:f7:16:12:8d:7d:04:32: e9:7f:a8:fb:79:87:d3:95:fc:f8:f0:5b:e3:31:d1:5a:62:00: 61:e5:41:41:10:57:01:a2:38:79:d8:0f:85:8c:dc:a7:ca:19: f2:cf:32:0e:af:d4:0c:e0:f3:a3:65:3d:85:52:35:ae:40:6b: 57:55:f0:02 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICIcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVDNkEwQUMxNDMxMEEy MDcxMDE1MjJBMEQwNzU2Nzc0NjQ4Q0ZDMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtbDdqlKYfcs7UQyJkjajordrLQvZlV1QbmaJehppfTulCvRTT 8pR+6lF7elpzMbsH4b6YTfDKoWYiPfdTV7Eo4xHAnQpWCyq5VpRov1/UKazH6uD7 KKJQPqEBwKY0brBRXtowqhJgHBanprPTwajz+mfXB1kTS+ZchAU5uu9lcq5xLvuI uuW7CTqAEPxaxWs/cg3qUm6idMtARRb9MewrAFT4Nvhe4Y/B1kq2jmQAe34k6bPe Fse+jERD67Z9xDyQtEdWS0o5Zp1W8l3zYFfYNoQhk/3qOF0q3z/AJEWKfYzv8sOE EAoP9a8ENsMo0Sp+LJjlUORBvRnuSwQ6qO2jAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUXGoKwUMQogcQFSKg0HVndGSM/C4wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvWEdvS3dVTVFvZ2NR RlNLZzBIVm5kR1NNX0M0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQG1ED/ADANBgkqhkiG9w0BAQsFAAOCAQEAp732Xnjj9vaQCZyf6nQJ+Clj 6ZVTvz9W2j/7bShUzKE3tfgU4dZILcsk1KuzKLtSVBOlWxZVd/S8T1zfzILNe/Gh iWwU4YRXlZghTZhwk0/ma7MdrKWObZyDmynquXYItyihyTnXR3jWYFtqG3Wtxsrc +bcPDPCfuB2mkVTuPTkQ5sbzIEfTKdKFvxUyCsVDxk5clq7ddNdoOBWXyj2McL3R QD/uU6C87xcdffufEML9VltLnkgmnUzFovoTbf/3FhKNfQQy6X+o+3mH05X8+PBb 4zHRWmIAYeVBQRBXAaI4edgPhYzcp8oZ8s8yDq/UDODzo2U9hVI1rkBrV1XwAg== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:36 2025 by rpki-client