$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/vM3t1yqTcd-yXxJwae4w07DMRLQ.roa File: vM3t1yqTcd-yXxJwae4w07DMRLQ.roa (raw, json) Hash identifier: 6hdsCyq7k24vbAR1IpHQmLh39ow0B4Jaht++jsAXiC8= Subject key identifier: BC:CD:ED:D7:2A:93:71:DF:B2:5F:12:70:69:EE:30:D3:B0:CC:44:B4 Certificate issuer: /CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Certificate serial: 0AEF Authority key identifier: E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/vM3t1yqTcd-yXxJwae4w07DMRLQ.roa Signing time: Fri 15 Aug 2025 01:17:18 +0000 ROA not before: Fri 15 Aug 2025 01:17:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 2400:8fc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2799 (0xaef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Validity Not Before: Aug 15 01:17:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BCCDEDD72A9371DFB25F127069EE30D3B0CC44B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c6:57:d0:c8:01:1e:76:b2:6d:a1:6f:da:81: 8b:48:b2:f2:18:e2:8a:42:ee:52:b6:fc:be:f2:a0: 1f:25:6a:a8:90:be:f1:2e:d0:08:5f:2d:8b:fd:34: a8:c2:d8:2f:7b:ae:27:db:97:d2:7f:1e:8e:17:d1: fc:e3:4f:9a:4d:2c:29:83:b8:ea:1f:15:d3:27:7b: f4:e2:58:2e:57:cd:12:8f:84:2b:f6:54:f5:c1:10: 06:07:10:99:b8:1f:c7:88:3d:c5:ba:7e:d0:1a:04: 1b:65:fd:04:04:17:9c:67:0f:1f:93:25:d7:64:d9: cf:35:4d:02:62:6c:5b:d0:5e:be:e8:40:c4:6c:46: 85:85:37:f8:ed:61:7d:62:56:b4:39:15:63:3b:14: cf:a2:55:17:92:6a:d7:0b:64:56:5e:7c:f4:66:d1: 2d:7f:b8:c3:a8:73:a0:93:26:71:2a:f1:68:bb:e7: fd:52:72:fe:68:e7:d2:b6:c3:64:2e:14:c3:ca:e9: 57:c5:69:f7:9f:2b:f4:ab:60:71:a3:90:84:cd:c9: 0e:26:8d:27:37:40:3a:38:5d:ad:68:06:c6:b2:a6: dc:d8:64:34:56:75:49:34:a0:8d:db:43:d4:26:c0: 89:57:47:78:3d:15:f0:53:88:e6:26:88:73:a7:da: d4:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:CD:ED:D7:2A:93:71:DF:B2:5F:12:70:69:EE:30:D3:B0:CC:44:B4 X509v3 Authority Key Identifier: keyid:E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/vM3t1yqTcd-yXxJwae4w07DMRLQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:8fc0::/32 Signature Algorithm: sha256WithRSAEncryption d8:ea:06:69:37:16:48:e9:59:b7:28:14:8a:5b:60:44:8b:16: 92:35:92:d2:8c:54:6f:fd:5f:c9:47:05:43:a2:01:99:98:ad: 7b:e8:bd:82:0f:bb:b4:12:79:76:a3:b5:0a:e3:03:0d:4a:df: 12:ad:05:50:da:f1:81:6e:d1:32:be:dc:75:df:b7:fc:1c:fb: 3c:5a:24:55:29:fb:57:bc:b0:fa:c4:2d:f7:cf:d6:7f:7a:01: 75:10:4b:60:b0:ea:26:dc:9a:14:2a:9b:a1:61:1e:a9:bd:b0: e2:b6:eb:d6:27:50:ae:43:f6:28:de:cc:d0:ff:08:62:30:42: 09:b4:08:42:4e:bc:f3:17:a6:5f:61:e1:ac:49:91:92:47:d8: 41:4a:92:3f:78:8b:4c:5c:3a:fa:ad:e9:01:52:44:26:02:6c: 31:75:00:ef:7f:d2:e4:cc:89:57:02:b1:84:c1:1b:0c:2c:18: 06:a2:34:51:c8:60:15:9c:d3:d1:3f:da:e4:db:9d:7f:8e:87: 01:5d:4d:42:78:3f:2a:04:d1:c4:05:b9:d3:97:40:0a:b2:66: 7f:b5:87:16:60:62:2f:49:85:54:34:e0:fa:9f:49:c1:05:ea: cf:e2:3c:09:d5:45:a3:d3:6e:ae:88:54:f1:8d:4f:c5:4f:c5: e5:af:86:60 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICCu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVD NkNFRkM4NzgyRjg5NzMxQTJDNzI5NjZFREMxODFEQUI1QUUyMjAeFw0yNTA4MTUw MTE3MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJDQ0RFREQ3MkE5Mzcx REZCMjVGMTI3MDY5RUUzMEQzQjBDQzQ0QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQxlfQyAEedrJtoW/agYtIsvIY4opC7lK2/L7yoB8laqiQvvEu 0AhfLYv9NKjC2C97rifbl9J/Ho4X0fzjT5pNLCmDuOofFdMne/TiWC5XzRKPhCv2 VPXBEAYHEJm4H8eIPcW6ftAaBBtl/QQEF5xnDx+TJddk2c81TQJibFvQXr7oQMRs RoWFN/jtYX1iVrQ5FWM7FM+iVReSatcLZFZefPRm0S1/uMOoc6CTJnEq8Wi75/1S cv5o59K2w2QuFMPK6VfFafefK/SrYHGjkITNyQ4mjSc3QDo4Xa1oBsayptzYZDRW dUk0oI3bQ9QmwIlXR3g9FfBTiOYmiHOn2tT5AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUvM3t1yqTcd+yXxJwae4w07DMRLQwHwYDVR0jBBgwFoAU5cbO/IeC+Jcxoscp Zu3Bgdq1riIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi81Y2JPX0llQy1KY3hvc2NwWnUzQmdkcTFyaUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVjYk9fSWVDLUpjeG9zY3BadTNCZ2RxMXJpSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvdk0zdDF5cVRjZC15 WHhKd2FlNHcwN0RNUkxRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQAj8AwDQYJKoZIhvcNAQELBQADggEBANjqBmk3FkjpWbcoFIpbYESLFpI1 ktKMVG/9X8lHBUOiAZmYrXvovYIPu7QSeXajtQrjAw1K3xKtBVDa8YFu0TK+3HXf t/wc+zxaJFUp+1e8sPrELffP1n96AXUQS2Cw6ibcmhQqm6FhHqm9sOK269YnUK5D 9ijezND/CGIwQgm0CEJOvPMXpl9h4axJkZJH2EFKkj94i0xcOvqt6QFSRCYCbDF1 AO9/0uTMiVcCsYTBGwwsGAaiNFHIYBWc09E/2uTbnX+OhwFdTUJ4PyoE0cQFudOX QAqyZn+1hxZgYi9JhVQ04PqfScEF6s/iPAnVRaPTbq6IVPGNT8VPxeWvhmA= -----END CERTIFICATE-----Generated at Sun Aug 24 11:39:41 2025 by rpki-client