$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa File: HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa (raw, json) Hash identifier: 2Jp6mxuujCuZIIC04F/ARmPj+su7hSsGSy1xTvc4+Qs= Subject key identifier: 1E:F7:EA:0F:2D:A1:18:96:BE:B4:35:43:79:2A:84:B8:A1:77:74:DD Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 1745 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa Signing time: Sat 13 Sep 2025 03:06:19 +0000 ROA not before: Sat 13 Sep 2025 03:06:19 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63199 IP address blocks: 2400:5280:4800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5957 (0x1745) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Sep 13 03:06:19 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1EF7EA0F2DA11896BEB43543792A84B8A17774DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ec:54:7a:8a:35:62:75:85:93:56:08:42:c6: d9:79:97:fe:48:3f:46:da:60:ee:e4:51:2c:ac:30: 05:8b:91:24:b3:64:8a:c5:6e:8b:fc:49:1b:e0:ca: 69:e8:d5:8d:09:c5:ba:aa:3a:0f:1a:23:52:71:8a: 6a:18:bc:b8:1e:ed:44:6d:89:93:63:d0:89:b9:63: be:10:cb:88:72:fc:3b:27:8b:23:00:d7:57:f1:fd: 53:51:3e:cd:ba:31:d0:eb:ab:cb:fb:2f:c1:cb:a7: f4:ff:cd:2d:8b:be:50:49:d2:b4:d1:ad:cd:dd:d8: f0:7e:ae:fc:5c:05:94:1e:f5:25:38:51:63:93:60: f7:9b:6f:9e:21:df:6a:47:46:ef:cc:72:75:18:58: a5:36:e9:b1:f1:07:c7:9e:8b:99:cb:1c:75:03:78: 7c:77:d9:38:28:8a:ed:af:7a:97:92:7c:c9:8b:47: f0:d4:41:7f:01:21:9c:83:b2:98:71:a8:32:4c:4e: 11:98:3f:1e:4c:d5:40:f1:0e:37:58:0a:22:15:c6: 39:cc:68:47:c0:ce:d9:45:3c:c2:9c:3e:7e:33:fe: 7e:25:05:92:8a:d0:26:e3:85:85:bb:f7:6f:fa:d2: 86:87:52:8d:cb:8e:b5:5d:e0:aa:d5:ba:72:4f:2e: a2:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:F7:EA:0F:2D:A1:18:96:BE:B4:35:43:79:2A:84:B8:A1:77:74:DD X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5280:4800::/38 Signature Algorithm: sha256WithRSAEncryption b8:e5:cb:6a:ca:c9:53:48:ec:26:74:24:a4:23:10:87:4c:0e: 35:6e:3d:b9:b9:bc:e6:5c:02:67:09:74:aa:ea:ba:b2:54:6f: f0:09:a1:0c:61:04:60:73:2d:81:d1:65:bd:5e:64:71:59:d0: 52:fc:13:22:16:70:77:ea:cd:4f:7c:39:ac:78:e4:52:bb:61: 40:fa:98:bf:0d:49:e6:6d:ba:45:c5:db:f0:3d:48:7c:fe:f4: f8:cb:2a:7c:95:4a:1c:bd:e0:4a:38:77:b9:88:7a:39:1f:bd: f2:5e:9f:36:02:d7:81:5e:c5:c5:f4:a7:50:d7:1e:05:1b:ec: 11:ec:e2:99:a7:09:12:23:d2:d8:16:eb:78:df:a0:0e:d7:54: 69:fe:b3:79:a9:f2:b1:8e:36:b6:02:f0:83:1a:52:da:af:f6: b2:83:4b:bc:22:46:a3:65:38:e4:b6:62:25:8b:81:66:64:83: ed:11:98:0a:9f:56:3c:48:9e:44:79:c2:7b:21:d4:7c:09:4c: 99:2d:c0:56:3a:4a:8f:e5:ea:ed:bf:8a:1c:3f:3f:7b:c3:41: 03:ff:09:fd:cb:cc:43:d2:61:f4:51:c7:24:5d:23:4d:ce:59: a1:55:ae:42:e9:d4:6a:e8:bb:1b:ac:43:88:83:33:e8:29:8c: 47:a6:74:a2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA5MTMw MzA2MTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFFRjdFQTBGMkRBMTE4 OTZCRUI0MzU0Mzc5MkE4NEI4QTE3Nzc0REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI7FR6ijVidYWTVghCxtl5l/5IP0baYO7kUSysMAWLkSSzZIrF bov8SRvgymno1Y0JxbqqOg8aI1JximoYvLge7URtiZNj0Im5Y74Qy4hy/DsniyMA 11fx/VNRPs26MdDrq8v7L8HLp/T/zS2LvlBJ0rTRrc3d2PB+rvxcBZQe9SU4UWOT YPebb54h32pHRu/McnUYWKU26bHxB8eei5nLHHUDeHx32Tgoiu2vepeSfMmLR/DU QX8BIZyDsphxqDJMThGYPx5M1UDxDjdYCiIVxjnMaEfAztlFPMKcPn4z/n4lBZKK 0CbjhYW792/60oaHUo3LjrVd4KrVunJPLqK3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHvfqDy2hGJa+tDVDeSqEuKF3dN0wHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L0h2ZnFEeTJoR0phLXRE VkRlU3FFdUtGM2ROMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgIkAFKASDANBgkqhkiG9w0BAQsFAAOCAQEAuOXLasrJU0jsJnQkpCMQh0wONW49 ubm85lwCZwl0quq6slRv8AmhDGEEYHMtgdFlvV5kcVnQUvwTIhZwd+rNT3w5rHjk UrthQPqYvw1J5m26RcXb8D1IfP70+MsqfJVKHL3gSjh3uYh6OR+98l6fNgLXgV7F xfSnUNceBRvsEezimacJEiPS2BbreN+gDtdUaf6zeanysY42tgLwgxpS2q/2soNL vCJGo2U45LZiJYuBZmSD7RGYCp9WPEieRHnCeyHUfAlMmS3AVjpKj+Xq7b+KHD8/ e8NBA/8J/cvMQ9Jh9FHHJF0jTc5ZoVWuQunUaui7G6xDiIMz6CmMR6Z0og== -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:32 2025 by rpki-client