$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/h8B2FQTZvh8cfHd4ACjp8LDWoX4.roa File: h8B2FQTZvh8cfHd4ACjp8LDWoX4.roa (raw, json) Hash identifier: iF+HyCSymkoHwgwgGGxKAoo6kMDeJhFG1zxCMV1RTXQ= Subject key identifier: 87:C0:76:15:04:D9:BE:1F:1C:7C:77:78:00:28:E9:F0:B0:D6:A1:7E Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0A20 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/h8B2FQTZvh8cfHd4ACjp8LDWoX4.roa Signing time: Sat 13 Sep 2025 03:02:33 +0000 ROA not before: Sat 13 Sep 2025 03:02:33 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58834 IP address blocks: 2407:9f00::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 08:36:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2592 (0xa20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Sep 13 03:02:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=87C0761504D9BE1F1C7C77780028E9F0B0D6A17E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:98:52:42:47:4e:48:de:90:04:4b:4a:c0:2e: 34:18:70:47:09:44:c9:07:09:fc:ac:c7:c0:74:9f: 5a:f4:d4:c0:e1:49:33:90:42:6a:cd:c1:6e:09:d0: 38:29:d2:24:e0:0b:69:cc:e5:2b:cd:c1:dd:21:91: e7:4b:62:f1:a2:8b:f5:52:1b:ea:cc:04:da:6b:b2: 64:c7:b8:c3:41:e7:2b:71:02:91:34:c8:e5:b8:61: 40:c7:5f:47:df:d5:9b:4d:2c:aa:83:4d:c2:48:4f: 25:17:7d:7a:22:50:ba:73:a9:96:bb:83:58:98:5c: e6:43:03:ff:26:60:7c:a0:22:49:25:e4:23:69:45: b3:51:7e:e7:fe:18:2d:73:40:99:a2:e1:4e:a9:c7: 46:76:9b:99:89:62:67:e6:51:d1:a6:2b:82:af:92: cd:93:2c:89:93:2e:fa:61:79:5d:fb:93:9a:17:8a: 9d:96:bd:a2:f9:72:f7:42:b9:86:1a:fa:a7:97:0d: 9a:22:d3:dd:67:ad:19:8e:a9:1d:80:62:68:cb:1e: 43:f0:a8:a2:c2:3e:26:09:67:2a:f3:1e:4b:24:8c: 37:87:83:41:45:e3:f7:44:e1:21:50:87:0f:c4:36: 56:d6:e0:5c:be:97:20:e8:f0:11:46:ec:83:83:4b: 15:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:C0:76:15:04:D9:BE:1F:1C:7C:77:78:00:28:E9:F0:B0:D6:A1:7E X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/h8B2FQTZvh8cfHd4ACjp8LDWoX4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9f00::/32 Signature Algorithm: sha256WithRSAEncryption 5f:5f:23:2c:aa:0e:bc:92:07:bc:c0:09:53:29:2f:be:68:54: 1f:c5:82:40:1a:5f:07:4c:48:dd:83:ba:67:c7:b9:87:d4:45: fd:08:d9:69:5e:13:1f:2b:e7:2d:78:50:a5:b8:29:28:f2:c4: 8d:0e:3d:bd:c5:a0:c6:0a:5e:73:1d:08:1e:15:89:01:58:7a: 72:4f:44:31:ae:10:1e:4d:23:5b:66:3e:5c:e8:d8:29:f8:2a: 15:57:77:17:42:6d:eb:63:b2:8d:00:5c:c8:be:73:a0:30:74: f6:0b:02:2c:81:40:ca:2d:3c:ca:fb:64:48:d3:36:c0:fc:1e: 0e:9b:1a:dd:b0:d1:c9:80:59:bc:ef:4e:6f:2c:7e:b4:05:ce: 55:a4:a8:71:e3:75:c1:60:61:dc:77:64:6a:25:5f:39:74:0f: 7c:8d:f8:71:1d:0a:69:88:a9:d6:f2:35:f8:da:94:66:7d:2a: a1:24:39:9e:d2:08:27:a3:f3:a0:18:66:15:a8:bd:ca:66:2a: ad:8f:06:23:5a:c5:df:ce:78:aa:3b:70:5f:8e:94:78:17:75: 4c:34:6a:c3:bb:1f:3d:eb:fd:76:25:36:99:2a:2c:97:59:fc: 24:90:b8:5c:75:09:1f:26:ee:4d:f2:ba:7a:7d:fb:05:b5:c3: a2:ed:95:80 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICCiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTA5MTMw MzAyMzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg3QzA3NjE1MDREOUJF MUYxQzdDNzc3ODAwMjhFOUYwQjBENkExN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2mFJCR05I3pAES0rALjQYcEcJRMkHCfysx8B0n1r01MDhSTOQ QmrNwW4J0Dgp0iTgC2nM5SvNwd0hkedLYvGii/VSG+rMBNprsmTHuMNB5ytxApE0 yOW4YUDHX0ff1ZtNLKqDTcJITyUXfXoiULpzqZa7g1iYXOZDA/8mYHygIkkl5CNp RbNRfuf+GC1zQJmi4U6px0Z2m5mJYmfmUdGmK4Kvks2TLImTLvpheV37k5oXip2W vaL5cvdCuYYa+qeXDZoi091nrRmOqR2AYmjLHkPwqKLCPiYJZyrzHkskjDeHg0FF 4/dE4SFQhw/ENlbW4Fy+lyDo8BFG7IODSxXzAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUh8B2FQTZvh8cfHd4ACjp8LDWoX4wHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL2g4QjJGUVRadmg4Y2ZI ZDRBQ2pwOExEV29YNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkB58AMA0GCSqGSIb3DQEBCwUAA4IBAQBfXyMsqg68kge8wAlTKS++aFQfxYJA Gl8HTEjdg7pnx7mH1EX9CNlpXhMfK+cteFCluCko8sSNDj29xaDGCl5zHQgeFYkB WHpyT0QxrhAeTSNbZj5c6Ngp+CoVV3cXQm3rY7KNAFzIvnOgMHT2CwIsgUDKLTzK +2RI0zbA/B4OmxrdsNHJgFm8705vLH60Bc5VpKhx43XBYGHcd2RqJV85dA98jfhx HQppiKnW8jX42pRmfSqhJDme0ggno/OgGGYVqL3KZiqtjwYjWsXfzniqO3BfjpR4 F3VMNGrDux896/12JTaZKiyXWfwkkLhcdQkfJu5N8rp6ffsFtcOi7ZWA -----END CERTIFICATE-----Generated at Tue Oct 21 06:43:55 2025 by rpki-client