$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ATFgBCH-z5QwRsnoWUaXSMjPZOU.roa File: ATFgBCH-z5QwRsnoWUaXSMjPZOU.roa (raw, json) Hash identifier: n4Foqq5hqjB+GZgEyMGUY5DmIYYJeu8QK9AwouJdyOs= Subject key identifier: 01:31:60:04:21:FE:CF:94:30:46:C9:E8:59:46:97:48:C8:CF:64:E5 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E05 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ATFgBCH-z5QwRsnoWUaXSMjPZOU.roa Signing time: Sat 13 Sep 2025 03:04:47 +0000 ROA not before: Sat 13 Sep 2025 03:04:47 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 2403:1b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7685 (0x1e05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:04:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0131600421FECF943046C9E859469748C8CF64E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:70:11:0d:74:b2:c5:7b:be:77:7b:e3:f6:ce: 8f:8e:fb:9c:fd:c1:b0:dc:ab:c4:bb:79:e2:41:44: cb:e2:56:46:b0:1f:36:ed:c7:56:79:51:c3:d7:b6: a2:41:b6:21:0e:ea:f3:0d:28:2d:91:c1:ec:85:32: 9a:93:1e:fb:33:03:af:52:cd:ac:3b:83:99:bf:ad: f8:0b:f8:d9:cd:ca:d3:1f:2f:de:9d:92:ca:df:fc: e9:cc:17:f4:15:a5:91:11:e1:57:37:66:6b:c2:12: 6e:d5:46:b1:fb:fd:3f:cd:29:45:9a:5a:6e:e3:11: 1b:2c:6e:30:4b:6c:59:07:eb:f4:eb:0f:6b:6b:8c: 96:2c:20:0f:fc:c9:b3:35:e8:e0:5c:4a:04:3e:9f: b3:94:ba:1a:2e:0b:01:f5:3f:9f:ee:42:48:18:b2: 78:05:fd:d5:61:3b:e3:d5:01:dd:69:4b:e9:48:fc: 76:a6:41:36:c0:37:fc:5c:ca:e6:5c:d6:a7:e4:3f: 1e:3f:c8:36:86:0f:dc:86:7c:f7:a6:52:94:30:1d: 2a:5b:08:ff:bd:ff:2a:47:20:4f:21:3c:5a:74:5b: 0a:f6:0d:bc:14:24:11:dc:dd:6f:9a:74:6b:93:bd: ec:5c:73:9c:77:4b:41:13:95:b8:3c:99:58:d2:8b: a8:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:31:60:04:21:FE:CF:94:30:46:C9:E8:59:46:97:48:C8:CF:64:E5 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ATFgBCH-z5QwRsnoWUaXSMjPZOU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:1b80::/48 Signature Algorithm: sha256WithRSAEncryption 8d:4b:9a:57:d4:1a:59:76:d2:7e:e6:a0:68:da:ad:0a:7a:ab: 89:1b:55:c5:44:be:af:74:04:02:95:6f:9b:bb:7d:86:64:5e: c7:df:8a:84:06:d9:d4:4c:23:74:c6:3e:b4:84:29:66:79:06: 1d:38:96:5d:7c:ee:cd:72:22:27:25:2d:bd:84:62:62:28:90: 46:26:90:d7:2e:07:87:ff:16:06:ec:68:05:71:f9:7c:6f:90: 13:5e:c6:a3:0c:96:61:ba:be:d0:6a:0b:8a:13:db:b2:04:ea: 36:38:db:7e:64:f8:d6:90:02:6e:8d:73:b1:68:16:05:e2:1b: 56:68:d2:7d:75:7d:f9:52:21:b0:63:7a:c8:8a:f4:c6:07:78: e4:22:14:6c:87:d1:c7:6f:8f:9c:4a:0d:44:f4:63:40:03:ba: 6f:32:1e:65:0e:2d:16:8f:69:51:27:d1:d3:2c:d6:78:8a:c6: 49:5e:82:e9:db:fc:ec:17:c3:e6:e9:0e:7a:8e:de:9e:ad:34: b7:21:7c:2e:59:8a:49:e4:bb:cb:44:a1:42:8f:ad:69:c6:01: 26:c4:2a:09:bf:b2:51:b5:b3:4f:58:ae:aa:90:29:2f:10:3a: 3f:6e:b8:0a:0b:50:5f:40:b2:89:10:ee:87:45:f9:18:5e:b4: a9:bc:61:6f -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICHgUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA0NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAxMzE2MDA0MjFGRUNG OTQzMDQ2QzlFODU5NDY5NzQ4QzhDRjY0RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD1cBENdLLFe753e+P2zo+O+5z9wbDcq8S7eeJBRMviVkawHzbt x1Z5UcPXtqJBtiEO6vMNKC2RweyFMpqTHvszA69Szaw7g5m/rfgL+NnNytMfL96d ksrf/OnMF/QVpZER4Vc3ZmvCEm7VRrH7/T/NKUWaWm7jERssbjBLbFkH6/TrD2tr jJYsIA/8ybM16OBcSgQ+n7OUuhouCwH1P5/uQkgYsngF/dVhO+PVAd1pS+lI/Ham QTbAN/xcyuZc1qfkPx4/yDaGD9yGfPemUpQwHSpbCP+9/ypHIE8hPFp0Wwr2DbwU JBHc3W+adGuTvexcc5x3S0ETlbg8mVjSi6gfAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUATFgBCH+z5QwRsnoWUaXSMjPZOUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0FURmdCQ0gtejVRd1Jz bm9XVWFYU01qUFpPVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAkAxuAAAAwDQYJKoZIhvcNAQELBQADggEBAI1LmlfUGll20n7moGjarQp6q4kb VcVEvq90BAKVb5u7fYZkXsffioQG2dRMI3TGPrSEKWZ5Bh04ll187s1yIiclLb2E YmIokEYmkNcuB4f/FgbsaAVx+XxvkBNexqMMlmG6vtBqC4oT27IE6jY4235k+NaQ Am6Nc7FoFgXiG1Zo0n11fflSIbBjesiK9MYHeOQiFGyH0cdvj5xKDUT0Y0ADum8y HmUOLRaPaVEn0dMs1niKxklegunb/OwXw+bpDnqO3p6tNLchfC5Ziknku8tEoUKP rWnGASbEKgm/slG1s09YrqqQKS8QOj9uuAoLUF9AsokQ7odF+RhetKm8YW8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:49 2025 by rpki-client