$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/40/aDJMSli9BvYR-TM2eJeLBMHxuRg.roa File: aDJMSli9BvYR-TM2eJeLBMHxuRg.roa (raw, json) Hash identifier: 7l9/6ahCOvmnNA/ml3z5Ycx20i9RV3+76YATC6eBUR0= Subject key identifier: 68:32:4C:4A:58:BD:06:F6:11:F9:33:36:78:97:8B:04:C1:F1:B9:18 Certificate issuer: /CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Certificate serial: 1CE8 Authority key identifier: AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/aDJMSli9BvYR-TM2eJeLBMHxuRg.roa Signing time: Sat 13 Sep 2025 03:09:44 +0000 ROA not before: Sat 13 Sep 2025 03:09:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17429 IP address blocks: 2403:4300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7400 (0x1ce8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Validity Not Before: Sep 13 03:09:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=68324C4A58BD06F611F9333678978B04C1F1B918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:3b:40:2b:02:85:ae:00:43:14:cb:7e:65:68: 05:f2:9a:bb:a7:80:b1:d6:de:bd:57:c5:6a:65:c8: f6:5a:b3:ce:ee:e6:a9:3d:30:32:82:ce:73:8a:f1: aa:8b:c1:1e:33:46:12:08:88:d7:5a:b2:ca:0c:a7: ee:a6:35:ec:c8:4c:22:b4:20:48:d8:41:59:39:51: 86:57:75:d1:a9:61:c1:42:e7:ed:45:9f:fb:d6:e9: c4:25:02:17:2a:25:a4:d9:9a:d0:41:49:47:38:6e: 71:6d:4e:7a:ea:ad:ef:39:a1:af:9c:01:fd:7e:1a: d2:2b:dc:31:bc:c0:e9:5e:ff:b1:29:03:88:ec:5c: 38:4a:d0:66:58:81:db:06:1c:2d:dd:32:d6:74:02: 1e:27:bf:fb:e4:04:6a:e0:88:75:79:d4:d4:ad:ce: 2f:47:70:2e:70:d6:02:97:8b:ad:bf:ea:1b:27:48: 80:e8:73:d6:e2:0d:9d:7f:63:2a:1c:10:7f:d7:28: 7d:cb:9b:34:de:fd:5b:44:2d:cc:33:ec:5d:57:01: db:95:ce:87:ae:e7:6a:1f:45:f3:bd:67:9a:21:c9: 84:f0:b2:91:f7:9d:e8:a7:6d:20:34:8c:1a:08:f4: b5:02:91:79:00:2c:38:36:75:1f:6d:8e:9b:5c:92: 48:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:32:4C:4A:58:BD:06:F6:11:F9:33:36:78:97:8B:04:C1:F1:B9:18 X509v3 Authority Key Identifier: keyid:AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/aDJMSli9BvYR-TM2eJeLBMHxuRg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:4300::/32 Signature Algorithm: sha256WithRSAEncryption a1:a2:2b:60:d6:3e:a5:22:ba:39:47:19:57:c2:78:21:41:ad: 97:6d:ae:f2:3b:fe:b3:9c:09:fb:67:54:0c:b4:28:83:f3:1f: 17:d9:82:32:1c:a7:d3:74:71:f6:49:94:ee:71:7f:63:9e:77: f2:e2:f3:b9:ba:b3:d2:34:5a:de:f7:a1:e5:08:e3:cf:9e:8f: 43:27:3c:a8:51:78:91:35:4d:0f:71:4f:c8:cd:43:75:f2:72: 7a:1a:4e:35:cd:dc:de:d3:2c:72:a4:4e:60:5e:0f:51:53:66: 1f:66:21:db:c9:b1:83:9a:63:07:97:8a:fb:0e:97:13:38:d5: e6:e2:12:41:a4:67:52:73:01:57:e5:66:7c:32:e6:2c:0d:b5: 7b:8e:28:19:be:30:1f:59:84:cb:33:c7:8b:77:7e:ea:6e:f5: 0d:a8:2f:db:0d:5e:d8:f9:e4:42:7c:98:d5:90:8a:6b:c4:7a: 8d:32:87:53:34:c4:a6:09:60:02:66:c7:1a:27:dc:93:50:a1: 00:e2:d6:9a:9d:89:00:23:93:86:78:bd:f0:73:f3:1a:a6:ab: 6c:9b:70:e1:94:6d:59:4b:f4:be:00:2e:bc:f7:0f:66:ba:cb: f4:7f:67:b3:8d:3e:8f:bc:fd:e8:83:4d:7d:42:cd:ed:83:37: c5:0d:a0:b3 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICHOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUVD Q0NDQjc5REZFNkM0NjZDQ0FEQjM5ODk2NzEwRUNBQzM3Qjg0NzAeFw0yNTA5MTMw MzA5NDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY4MzI0QzRBNThCRDA2 RjYxMUY5MzMzNjc4OTc4QjA0QzFGMUI5MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVO0ArAoWuAEMUy35laAXymrungLHW3r1XxWplyPZas87u5qk9 MDKCznOK8aqLwR4zRhIIiNdassoMp+6mNezITCK0IEjYQVk5UYZXddGpYcFC5+1F n/vW6cQlAhcqJaTZmtBBSUc4bnFtTnrqre85oa+cAf1+GtIr3DG8wOle/7EpA4js XDhK0GZYgdsGHC3dMtZ0Ah4nv/vkBGrgiHV51NStzi9HcC5w1gKXi62/6hsnSIDo c9biDZ1/YyocEH/XKH3LmzTe/VtELcwz7F1XAduVzoeu52ofRfO9Z5ohyYTwspH3 neinbSA0jBoI9LUCkXkALDg2dR9tjptckkglAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUaDJMSli9BvYR+TM2eJeLBMHxuRgwHwYDVR0jBBgwFoAUrszMt53+bEZsyts5 iWcQ7Kw3uEcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDAv cnN6TXQ1My1iRVpzeXRzNWlXY1E3S3czdUVjLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9yc3pNdDUzLWJFWnN5dHM1aVdjUTdLdzN1RWMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC80MC9hREpNU2xpOUJ2WVItVE0y ZUplTEJNSHh1Umcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JANDADANBgkqhkiG9w0BAQsFAAOCAQEAoaIrYNY+pSK6OUcZV8J4IUGtl22u8jv+ s5wJ+2dUDLQog/MfF9mCMhyn03Rx9kmU7nF/Y5538uLzubqz0jRa3veh5Qjjz56P Qyc8qFF4kTVND3FPyM1DdfJyehpONc3c3tMscqROYF4PUVNmH2Yh28mxg5pjB5eK +w6XEzjV5uISQaRnUnMBV+VmfDLmLA21e44oGb4wH1mEyzPHi3d+6m71Dagv2w1e 2PnkQnyY1ZCKa8R6jTKHUzTEpglgAmbHGifck1ChAOLWmp2JACOThni98HPzGqar bJtw4ZRtWUv0vgAuvPcPZrrL9H9ns40+j7z96INNfULN7YM3xQ2gsw== -----END CERTIFICATE-----Generated at Mon Oct 20 16:40:10 2025 by rpki-client