$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/oNvneKkprq7Fup3AehiZivYiGcQ.roa File: oNvneKkprq7Fup3AehiZivYiGcQ.roa (raw, json) Hash identifier: WduhKcWHW4jd8W/irOIfT6Xtxvc/1kytp2QLDcGjP7I= Subject key identifier: A0:DB:E7:78:A9:29:AE:AE:C5:BA:9D:C0:7A:18:99:8A:F6:22:19:C4 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 1744 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/oNvneKkprq7Fup3AehiZivYiGcQ.roa Signing time: Sat 13 Sep 2025 03:06:19 +0000 ROA not before: Sat 13 Sep 2025 03:06:19 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63199 IP address blocks: 2400:5280:4400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5956 (0x1744) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Sep 13 03:06:19 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A0DBE778A929AEAEC5BA9DC07A18998AF62219C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ad:17:2b:48:46:98:e5:00:34:03:8d:fe:ad: fd:9c:eb:5d:50:6b:ed:e5:ed:50:3d:a4:76:22:4e: 25:30:f1:fc:06:02:80:7b:8d:7c:8b:91:bb:a9:94: 98:03:4f:38:d9:43:94:5c:05:89:e5:f1:5e:b3:f8: 7f:4d:e4:f1:ef:f5:1b:a4:2f:e3:61:79:28:d9:33: 94:64:9b:26:cd:c5:86:a8:45:86:d4:fd:1c:7c:a1: c3:d5:f3:70:b8:49:c0:61:3a:fa:6d:60:25:76:b6: 38:a3:69:a8:54:16:cd:ad:6d:7b:f2:bd:33:56:aa: b2:15:65:17:08:70:a6:92:83:b8:b0:2d:4a:dd:0c: 09:25:e5:a2:c0:2e:7b:07:f9:c4:7b:c5:ba:12:8d: ea:a1:ac:b4:a4:43:93:82:0a:e3:95:52:45:67:71: f6:86:7d:15:33:58:c5:c4:7b:e1:fa:be:b9:ae:ac: 60:89:27:ea:fa:b1:1c:c9:05:e9:23:2a:ec:be:bc: 0f:70:62:59:5c:30:af:32:8c:40:d8:3a:a0:33:d9: a3:cd:fc:50:23:c3:3c:0a:da:27:f6:2f:e8:77:47: f6:a3:29:3b:60:62:ba:1d:3c:58:22:40:aa:40:8d: e8:b3:fa:04:5b:e2:8d:a1:aa:46:33:19:b9:07:51: 60:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DB:E7:78:A9:29:AE:AE:C5:BA:9D:C0:7A:18:99:8A:F6:22:19:C4 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/oNvneKkprq7Fup3AehiZivYiGcQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5280:4400::/38 Signature Algorithm: sha256WithRSAEncryption a1:8f:83:0a:9d:bb:8c:ad:dc:f9:d7:3f:03:16:30:e0:b3:b1: 41:dc:52:cd:98:fc:50:9a:65:bf:ae:e4:a6:43:ba:1c:0a:f4: f2:a0:e9:a9:66:85:ab:42:92:4a:ab:ad:25:00:ef:ec:4f:36: 61:86:31:44:87:bc:f2:a5:e8:9d:d1:f9:5a:8f:f3:b2:b1:a5: 00:f0:e8:a6:2a:b4:b1:87:09:f0:0c:7e:f0:dd:03:97:5c:80: fb:aa:b8:79:de:c2:e0:cf:23:05:21:d7:55:df:24:df:79:76: 40:a6:19:70:f5:c4:ba:9c:79:bc:10:e8:a2:e2:32:05:ad:07: 6c:dc:fa:af:57:76:2a:32:39:dd:70:46:02:ea:05:bc:63:79: da:c5:89:31:63:3a:20:32:47:9b:e0:2d:1f:c1:68:c9:44:8e: 93:ba:0e:2d:4c:59:4f:52:08:c4:d5:3f:e1:12:3f:56:cc:5b: 13:f7:64:27:2a:f7:2c:7a:83:a2:73:ba:f2:c2:75:6a:69:af: 81:87:93:ed:8b:fa:ed:3f:3a:f9:19:f4:71:50:77:77:de:47: 46:81:d5:d0:5b:b5:01:9b:8c:b5:47:e0:c8:f6:f0:fd:27:d7: b4:11:3c:bf:7f:4c:8d:0e:68:80:30:4c:1c:c7:5d:91:2a:4b: 14:ca:c6:49 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF0QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA5MTMw MzA2MTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEEwREJFNzc4QTkyOUFF QUVDNUJBOURDMDdBMTg5OThBRjYyMjE5QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfrRcrSEaY5QA0A43+rf2c611Qa+3l7VA9pHYiTiUw8fwGAoB7 jXyLkbuplJgDTzjZQ5RcBYnl8V6z+H9N5PHv9RukL+NheSjZM5RkmybNxYaoRYbU /Rx8ocPV83C4ScBhOvptYCV2tjijaahUFs2tbXvyvTNWqrIVZRcIcKaSg7iwLUrd DAkl5aLALnsH+cR7xboSjeqhrLSkQ5OCCuOVUkVncfaGfRUzWMXEe+H6vrmurGCJ J+r6sRzJBekjKuy+vA9wYllcMK8yjEDYOqAz2aPN/FAjwzwK2if2L+h3R/ajKTtg YrodPFgiQKpAjeiz+gRb4o2hqkYzGbkHUWCTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoNvneKkprq7Fup3AehiZivYiGcQwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L29Odm5lS2twcnE3RnVw M0FlaGlaaXZZaUdjUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgIkAFKARDANBgkqhkiG9w0BAQsFAAOCAQEAoY+DCp27jK3c+dc/AxYw4LOxQdxS zZj8UJplv67kpkO6HAr08qDpqWaFq0KSSqutJQDv7E82YYYxRIe88qXondH5Wo/z srGlAPDopiq0sYcJ8Ax+8N0Dl1yA+6q4ed7C4M8jBSHXVd8k33l2QKYZcPXEupx5 vBDoouIyBa0HbNz6r1d2KjI53XBGAuoFvGN52sWJMWM6IDJHm+AtH8FoyUSOk7oO LUxZT1IIxNU/4RI/VsxbE/dkJyr3LHqDonO68sJ1ammvgYeT7Yv67T86+Rn0cVB3 d95HRoHV0Fu1AZuMtUfgyPbw/SfXtBE8v39MjQ5ogDBMHMddkSpLFMrGSQ== -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:25 2025 by rpki-client