$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/HvjzdwGjCxsvqimvmKk97v86rfY.roa File: HvjzdwGjCxsvqimvmKk97v86rfY.roa (raw, json) Hash identifier: 82rj+dHbMP9YATIrkhIoetOPc22Xyr4QlLIreNDKmo4= Subject key identifier: 1E:F8:F3:77:01:A3:0B:1B:2F:AA:29:AF:98:A9:3D:EE:FF:3A:AD:F6 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21FD Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/HvjzdwGjCxsvqimvmKk97v86rfY.roa Signing time: Sat 13 Sep 2025 03:03:48 +0000 ROA not before: Sat 13 Sep 2025 03:03:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 2401:3480:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8701 (0x21fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Sep 13 03:03:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1EF8F37701A30B1B2FAA29AF98A93DEEFF3AADF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:9d:8f:bd:86:96:d7:65:bd:29:42:3e:eb:f7: 28:d1:f6:ff:73:3d:a7:2c:26:8e:10:23:06:8a:50: 9e:95:82:4c:70:f4:3a:9d:0b:3b:93:13:ee:8c:9b: 5b:f1:9a:de:56:0a:61:67:77:58:28:d9:d7:aa:4d: 19:cd:c5:52:6a:26:4d:c8:12:8c:b6:6a:34:a1:a2: 66:dd:07:a9:af:36:b3:91:3e:29:a6:0e:35:aa:c2: 30:00:c2:f8:4a:fc:8a:33:72:c1:a5:f3:db:c2:25: 24:99:f2:d2:e8:c2:d9:0d:03:e9:de:7c:58:dc:e8: 6b:28:b0:2d:df:cb:01:28:f7:e4:cb:7b:97:70:2a: 27:12:0e:61:8a:82:1f:bf:c4:77:0c:95:81:1d:8b: a4:25:c9:e3:0e:4f:70:32:b2:81:a9:31:1e:ef:4f: 37:d4:ad:40:3e:d0:68:90:92:af:ac:94:7c:9f:bc: 6f:ff:1f:dc:c2:b3:95:0e:1f:b5:31:b4:c1:52:4a: a4:34:0c:7f:07:29:92:e5:12:50:3b:91:73:b8:db: 4b:45:62:99:24:a8:3b:76:7f:90:f1:39:01:b7:f9: 7c:e6:1a:d3:8a:17:2a:52:50:88:9a:53:22:b8:0e: a4:f4:a2:ba:a3:15:c1:8f:6f:bc:5f:6a:b5:1a:fa: 7f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:F8:F3:77:01:A3:0B:1B:2F:AA:29:AF:98:A9:3D:EE:FF:3A:AD:F6 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/HvjzdwGjCxsvqimvmKk97v86rfY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3480:3000::/36 Signature Algorithm: sha256WithRSAEncryption 5d:cd:0e:66:02:c8:07:31:e3:96:33:06:0b:61:4f:40:b8:be: 21:73:e0:b0:73:47:32:3b:e8:5e:96:40:cf:fa:56:f4:e2:38: 28:46:e0:87:1b:95:8f:20:5f:3c:54:fb:00:c3:68:37:44:0d: 02:28:8e:81:ce:86:3d:48:a6:9a:53:17:66:11:fb:ad:49:ca: 6b:23:08:40:e7:62:f7:7c:71:c6:d4:fa:3f:a0:e7:36:69:1a: f4:33:78:25:7b:f9:29:91:2a:1c:d9:da:0e:0b:ee:5a:ac:b1: bc:58:86:d0:81:d8:1a:25:3c:4b:98:48:59:d7:24:61:7e:e8: 7b:45:cc:d8:1e:70:6d:8c:d0:da:f0:6e:58:4e:f3:42:4d:41: e2:9e:0f:ea:19:69:5d:55:08:3e:2c:25:fd:d1:e0:af:8c:a2: 0d:92:d1:17:36:c7:9d:9b:f4:da:49:f6:27:ef:8f:99:97:c5: 9f:03:ee:a5:f7:d9:ef:05:9c:68:b8:3e:96:79:fb:28:5c:9e: f1:60:ba:6e:e8:44:96:35:aa:e1:6f:ce:e8:0b:63:6a:e8:99: 1d:e8:aa:7c:ec:08:dd:35:1f:bd:7b:df:b9:00:43:0d:65:82: dc:83:6f:2c:30:2c:e7:fe:b5:92:a8:d4:7a:e5:4e:11:89:34: 0b:8c:1a:e4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA5MTMw MzAzNDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFFRjhGMzc3MDFBMzBC MUIyRkFBMjlBRjk4QTkzREVFRkYzQUFERjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxnY+9hpbXZb0pQj7r9yjR9v9zPacsJo4QIwaKUJ6Vgkxw9Dqd CzuTE+6Mm1vxmt5WCmFnd1go2deqTRnNxVJqJk3IEoy2ajShombdB6mvNrORPimm DjWqwjAAwvhK/IozcsGl89vCJSSZ8tLowtkNA+nefFjc6GsosC3fywEo9+TLe5dw KicSDmGKgh+/xHcMlYEdi6QlyeMOT3AysoGpMR7vTzfUrUA+0GiQkq+slHyfvG// H9zCs5UOH7UxtMFSSqQ0DH8HKZLlElA7kXO420tFYpkkqDt2f5DxOQG3+XzmGtOK FypSUIiaUyK4DqT0orqjFcGPb7xfarUa+n9jAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHvjzdwGjCxsvqimvmKk97v86rfYwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0h2anpkd0dqQ3hzdnFp bXZtS2s5N3Y4NnJmWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgQkATSAMDANBgkqhkiG9w0BAQsFAAOCAQEAXc0OZgLIBzHjljMGC2FPQLi+IXPg sHNHMjvoXpZAz/pW9OI4KEbghxuVjyBfPFT7AMNoN0QNAiiOgc6GPUimmlMXZhH7 rUnKayMIQOdi93xxxtT6P6DnNmka9DN4JXv5KZEqHNnaDgvuWqyxvFiG0IHYGiU8 S5hIWdckYX7oe0XM2B5wbYzQ2vBuWE7zQk1B4p4P6hlpXVUIPiwl/dHgr4yiDZLR FzbHnZv02kn2J++PmZfFnwPupffZ7wWcaLg+lnn7KFye8WC6buhEljWq4W/O6Atj auiZHeiqfOwI3TUfvXvfuQBDDWWC3INvLDAs5/61kqjUeuVOEYk0C4wa5A== -----END CERTIFICATE-----Generated at Mon Oct 20 05:45:35 2025 by rpki-client