$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/CN2uS-8nq9U4RrNe_xAiqcQFGpU.roa File: CN2uS-8nq9U4RrNe_xAiqcQFGpU.roa (raw, json) Hash identifier: zH43f17It56l7IeGs4N1AYvuOB5tOr3N0fEsJd+YYJE= Subject key identifier: 08:DD:AE:4B:EF:27:AB:D5:38:46:B3:5E:FF:10:22:A9:C4:05:1A:95 Certificate issuer: /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Certificate serial: 176B Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/CN2uS-8nq9U4RrNe_xAiqcQFGpU.roa Signing time: Sat 13 Sep 2025 03:03:52 +0000 ROA not before: Sat 13 Sep 2025 03:03:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63719 IP address blocks: 2401:2780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:35:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5995 (0x176b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Validity Not Before: Sep 13 03:03:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=08DDAE4BEF27ABD53846B35EFF1022A9C4051A95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ae:a9:fb:8b:58:85:e7:14:65:b9:16:90:70: f9:be:dd:0a:82:eb:fa:bc:25:c2:3c:bb:55:60:93: 34:3e:48:7a:f5:51:2d:d9:62:82:a6:f6:e4:24:10: 7b:12:dd:64:19:47:03:2a:28:55:94:47:a9:31:23: 3a:c3:f3:87:65:3c:3e:4b:96:2f:c5:b1:10:5e:2b: bb:ee:58:9d:f9:fe:5c:77:02:f2:8f:70:bf:39:b4: 50:2e:13:e7:b7:76:0c:97:c5:56:47:66:ca:c3:97: 42:47:22:c4:d1:00:d5:4e:1c:10:19:9d:b6:20:f7: 4d:21:30:c0:5d:7c:50:2b:8f:97:6c:14:95:1f:25: f6:7e:cf:f2:ac:1e:b1:db:8b:e4:f0:3f:b6:04:4a: 00:f3:06:cf:88:de:57:1d:4e:97:b4:d9:16:c1:5a: fd:40:2f:8a:29:10:01:92:2d:a3:13:a7:9d:ce:d3: 67:b5:58:28:3b:77:86:b7:40:e0:56:c5:63:23:b0: b2:71:8f:4d:ff:b2:74:36:35:f4:2b:c9:7a:29:e2: bd:e7:aa:12:ff:39:26:c0:44:7d:27:fd:97:d6:77: 5d:55:af:58:b0:8e:1e:b1:c1:26:da:a5:fb:5c:a4: 68:89:89:35:a7:b7:96:df:80:a8:68:91:41:47:a5: 8a:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:DD:AE:4B:EF:27:AB:D5:38:46:B3:5E:FF:10:22:A9:C4:05:1A:95 X509v3 Authority Key Identifier: keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/CN2uS-8nq9U4RrNe_xAiqcQFGpU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:2780::/32 Signature Algorithm: sha256WithRSAEncryption a8:ba:0b:6f:50:73:3c:b9:91:09:2d:b0:ed:e3:ac:a9:a5:9b: 49:b0:b5:6a:0e:82:86:19:18:ff:72:52:28:43:f2:8d:c7:81: a5:a0:21:ea:9e:e0:79:7a:1f:6c:71:5e:cf:9c:f8:db:cd:0b: 33:70:a1:03:5e:0d:16:ad:a6:1b:6b:1b:3f:79:5d:a0:d6:77: 79:b2:ad:8f:93:dd:bf:f9:df:22:a6:87:99:1d:ef:39:60:dc: fc:95:20:7a:ae:16:f0:61:1f:de:81:98:24:58:93:98:8c:dc: 03:84:bb:7b:88:aa:bb:3b:d1:88:a1:5b:9e:45:5c:39:ed:62: 4c:4f:1f:fa:fd:20:86:b0:95:8a:79:41:7b:07:cf:2a:55:dc: 95:8b:b8:30:f5:06:62:f9:f8:5a:31:a4:e7:07:60:2f:10:dd: 65:90:25:f2:87:92:d7:dc:2c:49:02:69:fb:55:7c:eb:a0:24: a8:36:fc:8a:6b:89:cc:94:f1:7d:8f:78:cf:1c:e9:20:a8:ee: 69:65:62:a9:e5:23:1f:5a:91:97:1f:23:7f:c6:f3:c5:c4:5a: ad:86:46:52:44:70:bd:cf:6b:19:7e:f5:b3:18:1c:c1:c2:87: fe:9d:ce:88:91:d4:42:15:47:20:e1:2d:be:ac:09:87:ec:64: ac:9a:df:af -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICF2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yNTA5MTMw MzAzNTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA4RERBRTRCRUYyN0FC RDUzODQ2QjM1RUZGMTAyMkE5QzQwNTFBOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDrqn7i1iF5xRluRaQcPm+3QqC6/q8JcI8u1VgkzQ+SHr1US3Z YoKm9uQkEHsS3WQZRwMqKFWUR6kxIzrD84dlPD5Lli/FsRBeK7vuWJ35/lx3AvKP cL85tFAuE+e3dgyXxVZHZsrDl0JHIsTRANVOHBAZnbYg900hMMBdfFArj5dsFJUf JfZ+z/KsHrHbi+TwP7YESgDzBs+I3lcdTpe02RbBWv1AL4opEAGSLaMTp53O02e1 WCg7d4a3QOBWxWMjsLJxj03/snQ2NfQryXop4r3nqhL/OSbARH0n/ZfWd11Vr1iw jh6xwSbapftcpGiJiTWnt5bfgKhokUFHpYofAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUCN2uS+8nq9U4RrNe/xAiqcQFGpUwHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2 L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L0NOMnVTLThucTlVNFJy TmVfeEFpcWNRRkdwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkASeAMA0GCSqGSIb3DQEBCwUAA4IBAQCougtvUHM8uZEJLbDt46yppZtJsLVq DoKGGRj/clIoQ/KNx4GloCHqnuB5eh9scV7PnPjbzQszcKEDXg0WraYbaxs/eV2g 1nd5sq2Pk92/+d8ipoeZHe85YNz8lSB6rhbwYR/egZgkWJOYjNwDhLt7iKq7O9GI oVueRVw57WJMTx/6/SCGsJWKeUF7B88qVdyVi7gw9QZi+fhaMaTnB2AvEN1lkCXy h5LX3CxJAmn7VXzroCSoNvyKa4nMlPF9j3jPHOkgqO5pZWKp5SMfWpGXHyN/xvPF xFqthkZSRHC9z2sZfvWzGBzBwof+nc6IkdRCFUcg4S2+rAmH7GSsmt+v -----END CERTIFICATE-----Generated at Tue Oct 21 10:38:20 2025 by rpki-client