$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/sFyK8mSLyzPsWIyt_Q01K7ugkMs.roa File: sFyK8mSLyzPsWIyt_Q01K7ugkMs.roa (raw, json) Hash identifier: NdbJ2AcT138Pf9Bckn1KXUx34Lrf6gkt0q1ywbTZyLE= Subject key identifier: B0:5C:8A:F2:64:8B:CB:33:EC:58:8C:AD:FD:0D:35:2B:BB:A0:90:CB Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 14DA Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/sFyK8mSLyzPsWIyt_Q01K7ugkMs.roa Signing time: Thu 11 Sep 2025 06:16:54 +0000 ROA not before: Thu 11 Sep 2025 06:16:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23853 IP address blocks: 2404:7600:4000::/34 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:34:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5338 (0x14da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Sep 11 06:16:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B05C8AF2648BCB33EC588CADFD0D352BBBA090CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:df:e2:37:a9:d0:95:2b:3c:1c:8a:39:66:7b: 59:37:0c:97:9b:a6:9d:d8:09:83:06:6e:04:2b:87: ab:34:11:fe:51:0b:bb:40:07:98:80:a5:95:f6:61: aa:0b:e6:79:b2:0a:eb:00:68:f8:97:8b:e3:55:cc: 47:64:f8:65:f1:7b:c2:4f:92:10:2e:71:b3:49:7b: 61:81:78:ef:88:bc:8a:3b:d2:bb:7f:10:5d:f9:77: 70:7c:a9:c8:d5:c0:7f:a1:5a:ac:3a:1a:1a:05:1a: 23:c6:ce:10:ce:53:ea:d2:88:ee:21:24:de:28:3c: 65:ef:94:91:91:c7:1b:60:70:b5:76:c0:08:99:c7: 13:49:e0:71:f6:11:f2:3d:1b:a4:a9:6f:e8:46:2d: 67:0d:7b:95:88:2d:31:d1:0b:39:0a:e8:3e:78:42: 55:1e:13:e8:fe:cc:3e:a6:d3:70:ff:d5:29:8d:74: fb:7f:ec:74:c1:58:58:16:3a:3f:2d:91:1f:c8:39: ec:01:8b:08:2b:da:fe:5b:53:8b:aa:8f:76:f9:4f: 31:59:d5:03:5b:c3:ff:66:90:dd:4d:17:2d:0c:6e: 04:8f:27:30:f1:13:6e:9c:50:82:fb:83:16:2a:c6: 06:c6:60:f9:7a:1e:a2:35:3f:d2:ac:24:34:51:66: 41:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:5C:8A:F2:64:8B:CB:33:EC:58:8C:AD:FD:0D:35:2B:BB:A0:90:CB X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/sFyK8mSLyzPsWIyt_Q01K7ugkMs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7600:4000::/34 Signature Algorithm: sha256WithRSAEncryption 3c:c6:6e:ea:08:97:c1:5a:5c:a7:63:e1:ca:93:09:b5:da:c8: 1c:ba:75:6a:f2:59:3a:8f:22:7d:8b:5f:74:cd:c9:2d:1a:ed: 18:49:6b:e2:fe:99:c9:47:5e:7d:9a:c7:9a:f1:40:3a:e2:62: 1b:88:fc:84:78:3c:93:26:a3:f2:96:2e:ce:c6:de:42:da:72: ee:c8:b6:2e:a4:fd:68:b6:19:c1:cf:78:ad:ea:6d:90:eb:9a: 94:df:9b:97:d5:94:45:ce:9e:23:01:13:1c:e1:15:8a:be:c4: 6c:e1:2f:ac:42:0e:5d:c1:a8:1a:3b:71:f0:20:82:1a:3f:40: 63:6b:ba:51:8a:24:73:7a:54:dc:0a:b8:1a:1f:26:e3:3a:aa: 6c:85:b2:d3:b8:f9:17:9c:67:32:14:cf:2f:97:69:a9:78:cd: 39:21:e2:0e:1c:a5:79:a9:4d:3d:a3:a6:41:3f:f5:aa:9c:2a: 9d:21:4a:1c:09:ca:0a:27:bb:eb:5c:db:6d:a4:b9:da:14:34: fc:18:e2:11:db:43:60:6e:a4:04:eb:1b:27:a2:a5:b6:da:cb: c9:91:8b:b7:12:dc:b2:9f:36:11:1a:e8:82:29:59:fb:c1:e3: 56:74:fe:c0:a2:f5:1a:b6:9c:fb:88:a3:21:c2:1b:12:11:49: c2:58:7a:0c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA5MTEw NjE2NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIwNUM4QUYyNjQ4QkNC MzNFQzU4OENBREZEMEQzNTJCQkJBMDkwQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG3+I3qdCVKzwcijlme1k3DJebpp3YCYMGbgQrh6s0Ef5RC7tA B5iApZX2YaoL5nmyCusAaPiXi+NVzEdk+GXxe8JPkhAucbNJe2GBeO+IvIo70rt/ EF35d3B8qcjVwH+hWqw6GhoFGiPGzhDOU+rSiO4hJN4oPGXvlJGRxxtgcLV2wAiZ xxNJ4HH2EfI9G6Spb+hGLWcNe5WILTHRCzkK6D54QlUeE+j+zD6m03D/1SmNdPt/ 7HTBWFgWOj8tkR/IOewBiwgr2v5bU4uqj3b5TzFZ1QNbw/9mkN1NFy0MbgSPJzDx E26cUIL7gxYqxgbGYPl6HqI1P9KsJDRRZkETAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsFyK8mSLyzPsWIyt/Q01K7ugkMswHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9zRnlLOG1TTHl6UHNXSXl0 X1EwMUs3dWdrTXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYG JAR2AEAwDQYJKoZIhvcNAQELBQADggEBADzGbuoIl8FaXKdj4cqTCbXayBy6dWry WTqPIn2LX3TNyS0a7RhJa+L+mclHXn2ax5rxQDriYhuI/IR4PJMmo/KWLs7G3kLa cu7Iti6k/Wi2GcHPeK3qbZDrmpTfm5fVlEXOniMBExzhFYq+xGzhL6xCDl3BqBo7 cfAggho/QGNrulGKJHN6VNwKuBofJuM6qmyFstO4+RecZzIUzy+Xaal4zTkh4g4c pXmpTT2jpkE/9aqcKp0hShwJygonu+tc222kudoUNPwY4hHbQ2BupATrGyeipbba y8mRi7cS3LKfNhEa6IIpWfvB41Z0/sCi9Rq2nPuIoyHCGxIRScJYegw= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:51 2025 by rpki-client