$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3252/jqYKIkgN3mLrUGv3j7h4MHGyHxE.roa File: jqYKIkgN3mLrUGv3j7h4MHGyHxE.roa (raw, json) Hash identifier: pjQKF+vhTJTdN7GMINgnPTHnfpaIUYkQVDoDaWgGlj8= Subject key identifier: 8E:A6:0A:22:48:0D:DE:62:EB:50:6B:F7:8F:B8:78:30:71:B2:1F:11 Certificate issuer: /CN=EA1DD0A5BE3961989984E1C447C241FFC16DAA33 Certificate serial: 0BFC Authority key identifier: EA:1D:D0:A5:BE:39:61:98:99:84:E1:C4:47:C2:41:FF:C1:6D:AA:33 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6h3Qpb45YZiZhOHER8JB_8FtqjM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/jqYKIkgN3mLrUGv3j7h4MHGyHxE.roa Signing time: Sat 13 Sep 2025 03:04:29 +0000 ROA not before: Sat 13 Sep 2025 03:04:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63538 IP address blocks: 2401:70e0::/32 maxlen: 128 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/6h3Qpb45YZiZhOHER8JB_8FtqjM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/6h3Qpb45YZiZhOHER8JB_8FtqjM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6h3Qpb45YZiZhOHER8JB_8FtqjM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3068 (0xbfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EA1DD0A5BE3961989984E1C447C241FFC16DAA33 Validity Not Before: Sep 13 03:04:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8EA60A22480DDE62EB506BF78FB8783071B21F11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:dc:62:bc:2d:eb:4e:3b:36:e1:43:04:25:b5: 13:e6:26:90:e5:36:bd:4b:d4:03:07:5e:b1:7a:2b: 64:e9:dc:df:ac:ca:6a:53:d5:2a:14:4d:1b:2b:73: 5c:a0:80:28:74:9e:2d:ab:fb:bd:84:d7:d4:19:2c: 98:00:9c:01:f4:89:7e:bc:32:3a:2f:60:d0:cc:75: 79:82:52:c8:88:83:da:97:4e:01:4d:27:51:96:1a: a1:7a:98:43:f1:27:9c:dc:4d:b6:af:55:46:e3:28: b6:34:9e:03:64:f0:3e:fd:88:39:06:09:87:c1:19: e4:48:1e:76:38:88:1f:64:f0:c0:7b:02:2b:54:6f: aa:88:a8:91:82:71:59:c6:db:3a:de:13:22:75:3b: 7c:e8:e3:f4:e4:57:5b:db:10:9c:87:34:d9:39:e8: d1:7a:0f:f9:34:ef:bf:07:f3:71:50:9a:4a:c2:f4: 7c:ec:a4:73:bd:53:91:2f:1f:ef:09:25:72:0a:49: 06:45:ef:ee:dd:fc:80:02:a1:27:c0:02:60:fd:f1: 53:8f:8f:e0:2f:48:d0:83:8d:a9:f6:30:50:dc:e6: 1a:d6:3a:db:ad:7d:b5:e5:ef:8a:8e:47:a3:c3:d5: 71:b9:fb:e4:a6:83:26:7c:06:ef:57:2f:08:06:82: 0f:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A6:0A:22:48:0D:DE:62:EB:50:6B:F7:8F:B8:78:30:71:B2:1F:11 X509v3 Authority Key Identifier: keyid:EA:1D:D0:A5:BE:39:61:98:99:84:E1:C4:47:C2:41:FF:C1:6D:AA:33 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/6h3Qpb45YZiZhOHER8JB_8FtqjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6h3Qpb45YZiZhOHER8JB_8FtqjM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/jqYKIkgN3mLrUGv3j7h4MHGyHxE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:70e0::/32 Signature Algorithm: sha256WithRSAEncryption b7:2c:ce:57:9f:4f:22:6a:4e:51:68:be:bb:09:25:7b:c2:c9: a4:cf:45:e9:da:42:88:24:c3:b2:23:a5:9a:58:83:1b:1d:5b: 02:33:17:a9:2e:3c:81:a4:81:56:8f:67:eb:56:20:71:84:32: 81:2c:46:01:a3:ca:4d:6f:db:02:71:1e:c6:6f:be:af:8c:69: 4b:c1:c7:2b:1f:1b:25:1e:72:cd:16:15:f9:b9:3c:1a:1c:61: 5f:d4:e0:c5:b0:0d:88:4a:f0:95:a1:95:59:c3:43:5e:ec:36: 63:8b:c2:b3:2a:8b:d4:88:b7:70:32:7a:52:eb:87:4e:d0:c8: 1b:11:56:5d:d2:0b:51:d5:63:ed:11:8c:d0:58:1d:1f:d7:aa: 0a:50:0f:19:07:79:9f:2f:25:d3:18:39:37:5e:bf:63:9b:63: e6:97:d3:83:67:1a:e6:41:09:e2:22:3a:60:3e:9b:b4:05:62: bc:d3:aa:ca:5e:29:d5:d9:78:3b:42:c7:5a:8c:98:39:0d:e2: f9:81:2f:31:a3:47:d7:33:4c:7f:13:00:b4:a6:9c:cf:ab:db: 39:b3:8c:30:a7:95:8a:0b:1f:8d:de:d1:77:7c:b1:10:0d:42: 00:48:17:1a:65:f2:74:7e:db:44:89:d0:13:83:af:27:52:ac: 76:84:35:f4 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUEx REQwQTVCRTM5NjE5ODk5ODRFMUM0NDdDMjQxRkZDMTZEQUEzMzAeFw0yNTA5MTMw MzA0MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhFQTYwQTIyNDgwRERF NjJFQjUwNkJGNzhGQjg3ODMwNzFCMjFGMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCj3GK8LetOOzbhQwQltRPmJpDlNr1L1AMHXrF6K2Tp3N+sympT 1SoUTRsrc1yggCh0ni2r+72E19QZLJgAnAH0iX68MjovYNDMdXmCUsiIg9qXTgFN J1GWGqF6mEPxJ5zcTbavVUbjKLY0ngNk8D79iDkGCYfBGeRIHnY4iB9k8MB7AitU b6qIqJGCcVnG2zreEyJ1O3zo4/TkV1vbEJyHNNk56NF6D/k0778H83FQmkrC9Hzs pHO9U5EvH+8JJXIKSQZF7+7d/IACoSfAAmD98VOPj+AvSNCDjan2MFDc5hrWOtut fbXl74qOR6PD1XG5++SmgyZ8Bu9XLwgGgg+FAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUjqYKIkgN3mLrUGv3j7h4MHGyHxEwHwYDVR0jBBgwFoAU6h3Qpb45YZiZhOHE R8JB/8FtqjMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 Mi82aDNRcGI0NVlaaVpoT0hFUjhKQl84RnRxak0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzZoM1FwYjQ1WVppWmhPSEVSOEpCXzhGdHFqTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTIvanFZS0lrZ04zbUxy VUd2M2o3aDRNSEd5SHhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQBcOAwDQYJKoZIhvcNAQELBQADggEBALcszlefTyJqTlFovrsJJXvCyaTP RenaQogkw7IjpZpYgxsdWwIzF6kuPIGkgVaPZ+tWIHGEMoEsRgGjyk1v2wJxHsZv vq+MaUvBxysfGyUecs0WFfm5PBocYV/U4MWwDYhK8JWhlVnDQ17sNmOLwrMqi9SI t3AyelLrh07QyBsRVl3SC1HVY+0RjNBYHR/XqgpQDxkHeZ8vJdMYOTdev2ObY+aX 04NnGuZBCeIiOmA+m7QFYrzTqspeKdXZeDtCx1qMmDkN4vmBLzGjR9czTH8TALSm nM+r2zmzjDCnlYoLH43e0Xd8sRANQgBIFxpl8nR+20SJ0BODrydSrHaENfQ= -----END CERTIFICATE-----Generated at Mon Oct 20 19:56:02 2025 by rpki-client