$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/-hutihBOvX_asqLI8j4H0-c4fCQ.roa File: -hutihBOvX_asqLI8j4H0-c4fCQ.roa (raw, json) Hash identifier: 9jMeLrBTZKXb6epqoeinQkvpX5pVP8pboe7Asollqko= Subject key identifier: FA:1B:AD:8A:10:4E:BD:7F:DA:B2:A2:C8:F2:3E:07:D3:E7:38:7C:24 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21FF Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/-hutihBOvX_asqLI8j4H0-c4fCQ.roa Signing time: Sat 13 Sep 2025 03:03:49 +0000 ROA not before: Sat 13 Sep 2025 03:03:49 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 2401:3480::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8703 (0x21ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Sep 13 03:03:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FA1BAD8A104EBD7FDAB2A2C8F23E07D3E7387C24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:86:01:f9:95:df:9a:04:6d:d5:c2:8b:d7:f9: 00:3a:1e:cf:d2:42:bf:1e:cc:f8:62:d6:12:ea:00: 65:21:8c:06:51:2b:59:65:1d:1f:6e:b9:92:86:1b: 7a:3e:bf:d0:27:de:25:51:66:4d:43:5e:41:90:59: c2:d6:37:7d:3d:a6:95:bc:bf:a2:5f:44:75:06:0b: 22:7f:1b:b1:01:f5:33:6e:04:df:37:d2:91:b4:8f: 6e:87:38:96:85:49:5e:2c:86:b7:04:bb:33:9e:02: 29:45:62:4e:48:aa:3b:53:d9:fe:62:0f:1e:4e:04: 6c:16:89:55:d2:85:04:06:fc:42:45:86:51:c8:73: 9d:63:13:7a:20:f8:90:55:9b:b6:a0:66:1b:61:13: a6:13:be:d8:59:6f:bf:53:81:f1:0d:12:2a:e2:9b: 11:99:e2:b7:63:99:e1:3a:00:a2:3b:a5:df:51:a8: 5c:1a:7c:2f:14:f4:1e:48:05:1a:29:85:32:1e:34: f5:af:d3:71:e8:2b:b8:b1:c2:05:39:f7:57:80:9e: 27:7f:76:e0:5c:f2:7b:f0:4a:9b:e4:28:82:a6:d0: 06:2a:14:d6:52:bc:2c:56:46:23:63:01:50:0d:a5: b3:96:5c:b7:17:50:37:04:86:72:58:a5:d9:f1:75: 40:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:1B:AD:8A:10:4E:BD:7F:DA:B2:A2:C8:F2:3E:07:D3:E7:38:7C:24 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/-hutihBOvX_asqLI8j4H0-c4fCQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3480::/36 Signature Algorithm: sha256WithRSAEncryption 44:00:80:e2:33:a5:cd:ad:5c:ca:05:8f:82:6d:00:6a:16:81: 9a:9d:70:0f:b5:77:72:80:37:fe:d5:85:2e:41:78:51:9c:1d: 2d:31:10:e1:a7:ef:8f:50:7e:12:ce:6c:44:73:7f:e4:b3:24: 7e:6e:c3:29:6b:43:49:39:d3:dc:91:74:23:c2:d3:a8:14:45: 86:09:1c:63:61:c9:a1:e2:90:43:8f:21:f7:eb:19:94:7b:47: 9c:e5:56:bb:8d:0f:98:a8:ce:6f:7f:91:aa:c8:94:6a:b1:b7: d7:38:44:97:33:e9:54:22:83:5d:c8:60:17:62:50:72:89:db: 1e:ff:5c:7b:08:b6:e5:1b:f3:ea:bf:03:a4:03:9f:e7:7e:b6: 44:44:17:45:ca:76:a6:2b:5e:ab:e3:12:1a:df:64:c7:d7:f1: 85:51:0e:a7:ac:e4:6c:f1:17:b1:48:bb:36:21:f0:93:c4:4f: 9b:56:7b:7a:6c:89:27:1f:00:12:c3:2f:80:85:37:d6:45:1b: 32:18:a4:3e:86:30:24:02:3b:9d:b6:c6:c0:59:c5:4a:8f:42: 5d:10:8b:ea:df:d5:a4:eb:db:bb:2e:73:6e:58:d8:70:b1:8a: b7:e5:56:d6:a5:42:da:d8:29:90:b1:86:9f:b3:a1:38:42:83: 2d:0e:f6:ef -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIf8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA5MTMw MzAzNDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZBMUJBRDhBMTA0RUJE N0ZEQUIyQTJDOEYyM0UwN0QzRTczODdDMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzhgH5ld+aBG3VwovX+QA6Hs/SQr8ezPhi1hLqAGUhjAZRK1ll HR9uuZKGG3o+v9An3iVRZk1DXkGQWcLWN309ppW8v6JfRHUGCyJ/G7EB9TNuBN83 0pG0j26HOJaFSV4shrcEuzOeAilFYk5IqjtT2f5iDx5OBGwWiVXShQQG/EJFhlHI c51jE3og+JBVm7agZhthE6YTvthZb79TgfENEirimxGZ4rdjmeE6AKI7pd9RqFwa fC8U9B5IBRophTIeNPWv03HoK7ixwgU591eAnid/duBc8nvwSpvkKIKm0AYqFNZS vCxWRiNjAVANpbOWXLcXUDcEhnJYpdnxdUBDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+hutihBOvX/asqLI8j4H0+c4fCQwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3Ly1odXRpaEJPdlhfYXNx TEk4ajRIMC1jNGZDUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgQkATSAADANBgkqhkiG9w0BAQsFAAOCAQEARACA4jOlza1cygWPgm0AahaBmp1w D7V3coA3/tWFLkF4UZwdLTEQ4afvj1B+Es5sRHN/5LMkfm7DKWtDSTnT3JF0I8LT qBRFhgkcY2HJoeKQQ48h9+sZlHtHnOVWu40PmKjOb3+RqsiUarG31zhElzPpVCKD XchgF2JQconbHv9cewi25Rvz6r8DpAOf5362REQXRcp2piteq+MSGt9kx9fxhVEO p6zkbPEXsUi7NiHwk8RPm1Z7emyJJx8AEsMvgIU31kUbMhikPoYwJAI7nbbGwFnF So9CXRCL6t/VpOvbuy5zbljYcLGKt+VW1qVC2tgpkLGGn7OhOEKDLQ727w== -----END CERTIFICATE-----Generated at Mon Oct 20 08:31:13 2025 by rpki-client