$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/QqRjjyLfhK8o_aXQdJi2gdbUELs.roa File: QqRjjyLfhK8o_aXQdJi2gdbUELs.roa (raw, json) Hash identifier: VuOv1x3dsx86TTbFi/ntCGrfvk6qR5u7MVzeT30APMk= Subject key identifier: 42:A4:63:8F:22:DF:84:AF:28:FD:A5:D0:74:98:B6:81:D6:D4:10:BB Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 14CC Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/QqRjjyLfhK8o_aXQdJi2gdbUELs.roa Signing time: Thu 11 Sep 2025 06:14:43 +0000 ROA not before: Thu 11 Sep 2025 06:14:43 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23853 IP address blocks: 2404:7600:180::/41 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:34:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5324 (0x14cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Sep 11 06:14:43 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=42A4638F22DF84AF28FDA5D07498B681D6D410BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:cb:71:de:6d:46:07:6d:a8:1a:13:cc:fc:60: ea:9c:59:d0:cf:fc:3a:25:e6:cf:29:9c:5d:16:82: dd:0b:72:72:c7:3d:03:cd:be:ed:13:ca:46:0a:6e: c1:32:bc:10:5b:c6:2d:e3:9b:84:46:c7:99:7e:21: 80:f9:b0:b3:f6:4d:3d:5d:32:7c:11:c6:ea:9a:92: 3e:76:aa:3d:b8:c4:2e:e6:1f:a9:e8:74:bb:8c:c3: 9f:00:86:20:93:2e:d6:b8:e2:5d:a1:68:d0:08:2c: 91:75:8a:7c:14:d8:c6:48:09:1d:e5:b8:44:ec:81: 58:f0:54:03:82:62:1b:96:9e:6f:6c:d2:8c:a8:d2: e7:01:2d:42:a4:b3:23:44:55:76:52:cc:76:90:a1: 8f:92:d9:92:04:eb:ff:7c:98:87:8c:bb:f0:c2:71: 3a:e3:2b:40:09:53:c6:16:7f:cd:1a:3d:7e:35:ee: 98:cd:90:5d:31:f3:93:0c:ec:07:72:14:d7:d0:9c: 80:b2:27:18:bb:f7:f3:a9:7d:7f:30:bf:a5:2c:4c: c9:05:20:9a:7e:99:10:bc:e3:17:ea:db:69:93:d3: c2:6f:cd:75:4d:a5:af:78:be:1d:96:2b:a4:0e:32: 0a:b6:10:98:73:2a:91:56:e6:73:5b:59:65:d1:7f: 9c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:A4:63:8F:22:DF:84:AF:28:FD:A5:D0:74:98:B6:81:D6:D4:10:BB X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/QqRjjyLfhK8o_aXQdJi2gdbUELs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7600:180::/41 Signature Algorithm: sha256WithRSAEncryption a7:c8:3a:82:ff:fb:d2:ad:83:3c:49:34:d2:1d:15:68:c4:5c: ee:a1:19:b7:8c:f4:8f:69:27:ab:b8:48:32:da:a0:d4:32:91: 46:4f:35:30:27:c2:09:1f:6a:80:ed:37:8e:48:88:c6:f1:e0: b6:a7:fc:a1:b3:e2:a0:72:69:62:88:c2:b7:85:8b:23:45:85: 16:37:7e:e9:df:c6:f9:ca:cc:59:6d:3b:7a:6f:ca:22:3f:38: 1a:96:40:75:b9:fb:74:63:95:4d:5b:af:a8:8d:a0:57:ac:99: 47:aa:cd:38:1e:b1:9a:7d:7d:3d:b6:9c:f9:96:6d:01:0f:4f: cf:17:2b:21:98:a7:52:bb:a2:3a:bc:c2:37:90:d3:20:f6:99: 8c:da:22:26:7d:d4:b9:b4:5c:d9:24:16:e5:76:bb:1d:85:6f: db:61:3b:59:30:0e:be:09:fd:f3:7b:38:75:2a:30:7e:68:2f: 05:45:d5:9e:d5:eb:e4:5d:00:40:b1:54:4e:e7:13:a5:37:59: 06:e9:e5:3e:93:f8:41:e6:69:08:51:b0:ee:09:23:d2:af:2d: 86:5a:99:57:0c:ef:df:34:46:63:71:f5:b0:83:f7:53:1d:9e: 00:19:8b:aa:72:fe:55:f8:56:66:90:69:1a:23:ab:94:2c:50: f9:b1:b7:1e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw NjE0NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQyQTQ2MzhGMjJERjg0 QUYyOEZEQTVEMDc0OThCNjgxRDZENDEwQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLy3HebUYHbagaE8z8YOqcWdDP/Dol5s8pnF0Wgt0LcnLHPQPN vu0TykYKbsEyvBBbxi3jm4RGx5l+IYD5sLP2TT1dMnwRxuqakj52qj24xC7mH6no dLuMw58AhiCTLta44l2haNAILJF1inwU2MZICR3luETsgVjwVAOCYhuWnm9s0oyo 0ucBLUKksyNEVXZSzHaQoY+S2ZIE6/98mIeMu/DCcTrjK0AJU8YWf80aPX417pjN kF0x85MM7AdyFNfQnICyJxi79/OpfX8wv6UsTMkFIJp+mRC84xfq22mT08JvzXVN pa94vh2WK6QOMgq2EJhzKpFW5nNbWWXRf5zPAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUQqRjjyLfhK8o/aXQdJi2gdbUELswHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9RcVJqanlMZmhLOG9fYVhR ZEppMmdkYlVFTHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcH JAR2AAGAMA0GCSqGSIb3DQEBCwUAA4IBAQCnyDqC//vSrYM8STTSHRVoxFzuoRm3 jPSPaSeruEgy2qDUMpFGTzUwJ8IJH2qA7TeOSIjG8eC2p/yhs+KgcmliiMK3hYsj RYUWN37p38b5ysxZbTt6b8oiPzgalkB1uft0Y5VNW6+ojaBXrJlHqs04HrGafX09 tpz5lm0BD0/PFyshmKdSu6I6vMI3kNMg9pmM2iImfdS5tFzZJBbldrsdhW/bYTtZ MA6+Cf3zezh1KjB+aC8FRdWe1evkXQBAsVRO5xOlN1kG6eU+k/hB5mkIUbDuCSPS ry2GWplXDO/fNEZjcfWwg/dTHZ4AGYuqcv5V+FZmkGkaI6uULFD5sbce -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:49 2025 by rpki-client