$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/3rrh6Q4Ab0f0IwN6eJXSZrXq87g.roa File: 3rrh6Q4Ab0f0IwN6eJXSZrXq87g.roa (raw, json) Hash identifier: m1GrQUY3NH1MYDu7gyDtrRIZVZ5lrV6InlgxmD1ECRw= Subject key identifier: DE:BA:E1:E9:0E:00:6F:47:F4:23:03:7A:78:95:D2:66:B5:EA:F3:B8 Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 14D4 Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/3rrh6Q4Ab0f0IwN6eJXSZrXq87g.roa Signing time: Thu 11 Sep 2025 06:16:10 +0000 ROA not before: Thu 11 Sep 2025 06:16:10 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23853 IP address blocks: 2404:7600:800::/37 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:34:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5332 (0x14d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Sep 11 06:16:10 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DEBAE1E90E006F47F423037A7895D266B5EAF3B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7e:bb:97:f7:7b:e2:36:aa:e0:d5:22:17:c1: 63:4e:02:6e:1e:da:cf:14:80:2a:0d:9a:90:d1:ed: 57:90:b6:96:71:24:bc:4b:c0:f4:03:bc:7a:30:ba: 50:02:cc:44:61:46:14:4a:60:c0:32:c3:43:df:e2: 52:25:47:ba:c3:c3:ee:77:9a:e1:21:39:07:b0:13: df:e4:0c:96:e0:89:33:ed:10:0f:33:d3:c6:a4:2f: 17:bd:9e:88:22:fd:29:8f:e8:a1:25:b6:b6:16:99: dd:87:5e:be:0e:9e:81:1d:8b:5c:e6:bd:2d:1c:b2: d5:b7:41:8f:11:71:fd:04:b0:ca:5e:54:42:44:45: 8a:4a:7f:f3:21:1b:5d:91:4e:35:cf:f8:09:9b:01: 8f:22:e3:73:ff:39:af:a9:6f:8a:a4:e6:9c:af:a2: c8:d2:63:f3:fc:89:56:64:e4:10:9f:a1:81:e7:c4: d7:e5:9f:d8:b2:e6:51:9b:3d:9f:4e:0b:d5:02:91: b8:c9:90:40:aa:3c:aa:29:63:75:74:7b:e8:28:f5: 8a:7f:79:17:cd:c8:76:f0:ac:81:e6:b5:66:62:7c: f1:b4:02:16:cf:7e:f8:7d:26:d7:97:c8:3b:4f:1f: b2:5a:f4:41:76:0f:12:f8:00:1a:fc:db:d7:81:1d: 40:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:BA:E1:E9:0E:00:6F:47:F4:23:03:7A:78:95:D2:66:B5:EA:F3:B8 X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/3rrh6Q4Ab0f0IwN6eJXSZrXq87g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7600:800::/37 Signature Algorithm: sha256WithRSAEncryption 13:b2:36:19:81:15:b2:9f:0d:0f:0b:bf:d4:51:f2:2b:51:f6: 02:2e:32:56:e9:56:a0:fd:42:af:c9:ec:43:0d:89:0e:7b:82: cd:ab:13:fe:4e:6c:da:48:dd:f1:e6:e6:58:41:4f:8d:63:54: 18:37:1a:29:62:a7:c6:55:d9:3e:98:31:1f:b5:75:7f:ac:36: 7c:94:ba:ee:cf:a2:4e:d8:df:1a:3f:72:94:23:ec:f7:35:b0: 03:dc:02:6f:ea:bb:9b:4e:bd:06:34:27:89:1a:a8:b8:fa:2b: ba:54:6b:8d:19:c6:f3:bd:f9:91:bf:f0:4e:91:84:d1:37:21: 12:b2:4c:05:77:0c:ad:b9:f4:c2:6c:6b:ab:ce:73:de:38:d9: 93:51:2c:a8:ab:a8:ae:d9:ec:2c:82:53:0e:6f:ad:33:e1:6d: 33:b6:6e:b4:00:5a:65:74:48:71:e3:ab:dd:72:9f:47:5a:a5: 54:50:64:e3:19:92:e5:ca:e1:97:36:2b:83:3a:39:b7:4a:94: db:ee:04:2b:10:9f:72:19:b3:43:00:16:ff:9d:2e:26:04:bc: a9:8e:cf:13:c8:ff:97:1d:08:01:7a:9a:ea:0f:9f:34:1a:e6: 85:54:f4:0c:71:6d:6d:95:c9:87:d3:07:a8:01:8a:65:0f:7e: 7e:95:36:62 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFNQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw NjE2MTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERFQkFFMUU5MEUwMDZG NDdGNDIzMDM3QTc4OTVEMjY2QjVFQUYzQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPfruX93viNqrg1SIXwWNOAm4e2s8UgCoNmpDR7VeQtpZxJLxL wPQDvHowulACzERhRhRKYMAyw0Pf4lIlR7rDw+53muEhOQewE9/kDJbgiTPtEA8z 08akLxe9nogi/SmP6KEltrYWmd2HXr4OnoEdi1zmvS0cstW3QY8Rcf0EsMpeVEJE RYpKf/MhG12RTjXP+AmbAY8i43P/Oa+pb4qk5pyvosjSY/P8iVZk5BCfoYHnxNfl n9iy5lGbPZ9OC9UCkbjJkECqPKopY3V0e+go9Yp/eRfNyHbwrIHmtWZifPG0AhbP fvh9JteXyDtPH7Ja9EF2DxL4ABr829eBHUBjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3rrh6Q4Ab0f0IwN6eJXSZrXq87gwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS8zcnJoNlE0QWIwZjBJd042 ZUpYU1pyWHE4N2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYD JAR2AAgwDQYJKoZIhvcNAQELBQADggEBABOyNhmBFbKfDQ8Lv9RR8itR9gIuMlbp VqD9Qq/J7EMNiQ57gs2rE/5ObNpI3fHm5lhBT41jVBg3Gilip8ZV2T6YMR+1dX+s NnyUuu7Pok7Y3xo/cpQj7Pc1sAPcAm/qu5tOvQY0J4kaqLj6K7pUa40ZxvO9+ZG/ 8E6RhNE3IRKyTAV3DK259MJsa6vOc9442ZNRLKirqK7Z7CyCUw5vrTPhbTO2brQA WmV0SHHjq91yn0dapVRQZOMZkuXK4Zc2K4M6ObdKlNvuBCsQn3IZs0MAFv+dLiYE vKmOzxPI/5cdCAF6muoPnzQa5oVU9AxxbW2VyYfTB6gBimUPfn6VNmI= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:53 2025 by rpki-client