$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/Xc7QP2RviMoECTDh0EBBivXMbhI.roa File: Xc7QP2RviMoECTDh0EBBivXMbhI.roa (raw, json) Hash identifier: RiZKfkBNHVLM5vcEsAGLMbnM8MIvLJ3Aius+VA/YZyE= Subject key identifier: 5D:CE:D0:3F:64:6F:88:CA:04:09:30:E1:D0:40:41:8A:F5:CC:6E:12 Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 14D6 Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/Xc7QP2RviMoECTDh0EBBivXMbhI.roa Signing time: Thu 11 Sep 2025 06:16:29 +0000 ROA not before: Thu 11 Sep 2025 06:16:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23853 IP address blocks: 2404:7600:1000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:34:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5334 (0x14d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Sep 11 06:16:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5DCED03F646F88CA040930E1D040418AF5CC6E12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:2c:7d:a3:c4:70:15:62:4b:8c:3f:de:2b:54: 74:5d:7e:24:4a:d9:aa:7e:fc:c3:d1:c9:5d:66:47: 75:f8:5e:39:8b:e8:79:65:46:5e:7d:fb:8a:bb:2d: 71:d0:de:0e:ca:c8:a4:3c:9e:ce:b0:d6:5d:8d:4e: 4a:4a:4d:7f:90:ed:21:bb:73:31:ee:64:83:db:06: cd:c6:dd:9f:9f:be:39:d6:b5:d6:d1:5e:79:e8:d5: 83:cb:80:57:0c:73:26:fa:6a:93:e5:df:5b:3b:53: d3:e1:01:69:33:5e:ed:1d:76:2d:ff:c8:5a:c4:fb: fa:d6:76:9a:6c:f7:c4:11:4d:7d:f1:ab:8f:d7:34: eb:1c:a6:46:66:39:e0:c0:45:a0:73:48:2e:87:72: c0:d4:9b:f1:3c:3d:7b:6a:77:e0:58:25:fb:c5:47: 10:10:7c:13:24:7a:fd:80:c8:96:fb:b0:90:40:4f: 2f:39:4d:31:85:11:ee:2c:b8:04:8a:9f:77:82:52: e2:26:01:20:9a:7f:27:6a:88:32:42:94:bb:17:66: c0:d3:e8:3b:ec:70:5d:c6:45:04:e7:be:f7:a4:16: 60:bb:9c:57:42:30:69:17:f6:4b:e4:ad:49:2d:15: b5:df:3c:28:cc:93:bc:16:72:7b:d0:b7:2c:b5:08: dd:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:CE:D0:3F:64:6F:88:CA:04:09:30:E1:D0:40:41:8A:F5:CC:6E:12 X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/Xc7QP2RviMoECTDh0EBBivXMbhI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7600:1000::/36 Signature Algorithm: sha256WithRSAEncryption 67:91:9d:09:c4:bf:b8:1a:38:13:a0:19:19:ac:b9:04:43:e9: 35:1c:48:fa:e1:d1:b2:7b:15:db:44:5d:a4:95:6f:d2:2d:ed: ac:06:15:97:20:21:1b:7f:92:ae:22:63:ee:74:c8:b0:40:13: bd:9f:4d:73:59:92:4b:06:87:f6:7d:fe:3a:dd:07:7e:7a:41: c7:b4:72:37:a2:3f:a4:51:27:7f:41:46:8b:ab:e1:7c:ad:17: 97:6a:5b:56:6d:a3:03:c5:b2:ee:35:49:14:98:7d:fb:f8:ac: dc:db:cc:07:e3:be:87:9d:ab:e4:94:dc:d4:ce:b2:44:75:8d: e4:0b:1e:9e:4c:aa:5b:64:77:b3:33:28:ad:ee:4a:d0:17:13: 41:90:67:1d:82:ac:28:5e:55:e0:44:61:ad:20:aa:e7:fb:6f: 7e:b1:97:7d:8b:d2:81:49:2d:7e:d0:a9:de:1b:8b:6d:9e:7b: 18:95:a5:d3:f3:e4:34:25:56:4b:a4:86:40:76:97:d8:93:63: f8:e6:a5:f6:ea:80:4f:08:c6:be:87:aa:3f:f5:d0:9b:bb:44: 09:44:c7:e6:5d:72:d9:50:e1:63:55:f2:07:b8:60:1b:5b:3f: 64:4b:f0:40:56:a4:c5:46:42:a9:28:35:1c:1e:fb:d2:ec:1e: 53:14:61:f7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw NjE2MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVEQ0VEMDNGNjQ2Rjg4 Q0EwNDA5MzBFMUQwNDA0MThBRjVDQzZFMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDELH2jxHAVYkuMP94rVHRdfiRK2ap+/MPRyV1mR3X4XjmL6Hll Rl59+4q7LXHQ3g7KyKQ8ns6w1l2NTkpKTX+Q7SG7czHuZIPbBs3G3Z+fvjnWtdbR Xnno1YPLgFcMcyb6apPl31s7U9PhAWkzXu0ddi3/yFrE+/rWdpps98QRTX3xq4/X NOscpkZmOeDARaBzSC6HcsDUm/E8PXtqd+BYJfvFRxAQfBMkev2AyJb7sJBATy85 TTGFEe4suASKn3eCUuImASCafydqiDJClLsXZsDT6DvscF3GRQTnvvekFmC7nFdC MGkX9kvkrUktFbXfPCjMk7wWcnvQtyy1CN15AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXc7QP2RviMoECTDh0EBBivXMbhIwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9YYzdRUDJSdmlNb0VDVERo MEVCQml2WE1iaEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYE JAR2ABAwDQYJKoZIhvcNAQELBQADggEBAGeRnQnEv7gaOBOgGRmsuQRD6TUcSPrh 0bJ7FdtEXaSVb9It7awGFZcgIRt/kq4iY+50yLBAE72fTXNZkksGh/Z9/jrdB356 Qce0cjeiP6RRJ39BRour4XytF5dqW1ZtowPFsu41SRSYffv4rNzbzAfjvoedq+SU 3NTOskR1jeQLHp5Mqltkd7MzKK3uStAXE0GQZx2CrCheVeBEYa0gquf7b36xl32L 0oFJLX7Qqd4bi22eexiVpdPz5DQlVkukhkB2l9iTY/jmpfbqgE8Ixr6Hqj/10Ju7 RAlEx+ZdctlQ4WNV8ge4YBtbP2RL8EBWpMVGQqkoNRwe+9LsHlMUYfc= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:56 2025 by rpki-client