$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/848/3SO2g8sjFR5d_wJxURj5088XfQM.roa File: 3SO2g8sjFR5d_wJxURj5088XfQM.roa (raw, json) Hash identifier: wvMj1/7LqIIssnKVoT/Xjn3lJ7YHPKhi7C+DVhr/xWA= Subject key identifier: DD:23:B6:83:CB:23:15:1E:5D:FF:02:71:51:18:F9:D3:CF:17:7D:03 Certificate issuer: /CN=F07EA8449694AA3572EE15A0D86B5E0EB4A08504 Certificate serial: 229A Authority key identifier: F0:7E:A8:44:96:94:AA:35:72:EE:15:A0:D8:6B:5E:0E:B4:A0:85:04 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8H6oRJaUqjVy7hWg2GteDrSghQQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/3SO2g8sjFR5d_wJxURj5088XfQM.roa Signing time: Sat 13 Sep 2025 03:04:20 +0000 ROA not before: Sat 13 Sep 2025 03:04:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59000 IP address blocks: 2401:5180::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/8H6oRJaUqjVy7hWg2GteDrSghQQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/8H6oRJaUqjVy7hWg2GteDrSghQQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8H6oRJaUqjVy7hWg2GteDrSghQQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:35:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8858 (0x229a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F07EA8449694AA3572EE15A0D86B5E0EB4A08504 Validity Not Before: Sep 13 03:04:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DD23B683CB23151E5DFF02715118F9D3CF177D03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:0d:0a:b2:f7:a8:55:44:f1:b7:73:f7:af:5b: 86:0c:6e:40:38:e8:c1:7b:cc:fd:1f:b8:ca:6a:93: 03:ce:5f:a3:a3:96:d6:f5:03:f1:58:17:73:9a:79: e1:f9:0b:ca:b5:23:b6:1d:6f:ec:5f:bf:ee:07:45: 2d:83:ea:fd:99:33:ae:7f:59:f3:71:8c:b9:1e:3b: 61:c6:1f:20:da:ed:87:f8:be:d6:68:20:db:d4:7d: ec:3b:16:9e:2b:02:6d:ff:1f:7c:f7:87:25:c5:df: e6:a1:a4:89:c5:f2:95:9c:52:09:e5:74:a8:fc:a1: e3:5b:b6:cf:b7:18:ab:b6:8f:eb:7f:d1:a7:4e:61: bd:74:ea:dd:f4:90:fb:9a:7c:35:be:a1:da:8a:e8: 4a:cc:ec:63:70:b9:28:a3:20:57:e0:3a:03:e2:d6: c9:5d:c5:e6:a8:26:3d:16:39:94:e9:81:f8:b8:ea: 62:54:87:8d:22:ab:f4:20:77:dd:f9:3e:31:d1:37: eb:cb:1f:4e:e8:db:1e:88:3a:1d:96:ca:cf:56:e5: 07:7e:2a:4d:0f:96:b0:33:15:fd:89:70:01:7a:47: 7e:a9:76:b2:9c:62:8b:33:65:e1:95:f2:ab:fa:e2: 0f:81:b6:c1:87:f1:e8:b5:ee:bc:d2:9f:1b:a8:86: ca:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:23:B6:83:CB:23:15:1E:5D:FF:02:71:51:18:F9:D3:CF:17:7D:03 X509v3 Authority Key Identifier: keyid:F0:7E:A8:44:96:94:AA:35:72:EE:15:A0:D8:6B:5E:0E:B4:A0:85:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/8H6oRJaUqjVy7hWg2GteDrSghQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8H6oRJaUqjVy7hWg2GteDrSghQQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/3SO2g8sjFR5d_wJxURj5088XfQM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:5180::/32 Signature Algorithm: sha256WithRSAEncryption 65:92:32:4d:f4:d6:2c:a2:0b:8c:07:58:be:3e:b0:8c:ff:d7: 82:17:96:29:f3:1b:62:6b:4f:fe:e8:88:14:d5:3b:5b:b3:44: 3e:46:8c:f0:cf:6d:5b:b6:be:66:a1:4e:9e:8e:1e:19:00:fd: 19:e1:fa:4e:0f:2b:4a:a3:40:8b:99:0b:5c:cd:27:b3:0d:cd: 07:39:f0:b2:41:a9:de:ed:3a:33:8c:25:ff:82:c8:f5:b4:ed: de:e0:ba:75:63:4a:1c:e1:88:87:bb:61:97:73:1a:38:03:26: d1:a2:03:ba:5e:bc:7e:53:9b:85:13:c4:0b:2c:d8:14:b8:7a: 6f:cb:c8:20:3a:df:94:1e:56:fd:49:3b:e2:ca:bc:b1:9c:70: 12:9c:54:5c:4c:3f:6e:00:a4:48:08:c4:b8:4c:2c:04:c2:1d: f2:d0:55:43:35:bb:21:38:d8:7a:18:e4:8f:c4:61:97:71:63: 5a:ec:e0:43:15:14:b2:a6:b4:4f:4f:51:1f:d1:cf:e6:a3:b8: 8f:16:22:57:fa:88:ec:f2:2b:4d:50:12:98:a4:a2:79:33:b1: d1:df:dc:13:b6:91:cb:1a:99:46:80:7a:a1:b9:b7:49:22:57: 3f:38:09:79:cd:6c:b3:98:dc:3f:d1:af:ac:ee:34:af:be:ee: 51:12:db:b9 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjA3 RUE4NDQ5Njk0QUEzNTcyRUUxNUEwRDg2QjVFMEVCNEEwODUwNDAeFw0yNTA5MTMw MzA0MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEREMjNCNjgzQ0IyMzE1 MUU1REZGMDI3MTUxMThGOUQzQ0YxNzdEMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPDQqy96hVRPG3c/evW4YMbkA46MF7zP0fuMpqkwPOX6Ojltb1 A/FYF3OaeeH5C8q1I7Ydb+xfv+4HRS2D6v2ZM65/WfNxjLkeO2HGHyDa7Yf4vtZo INvUfew7Fp4rAm3/H3z3hyXF3+ahpInF8pWcUgnldKj8oeNbts+3GKu2j+t/0adO Yb106t30kPuafDW+odqK6ErM7GNwuSijIFfgOgPi1sldxeaoJj0WOZTpgfi46mJU h40iq/Qgd935PjHRN+vLH07o2x6IOh2Wys9W5Qd+Kk0PlrAzFf2JcAF6R36pdrKc YoszZeGV8qv64g+BtsGH8ei17rzSnxuohsotAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU3SO2g8sjFR5d/wJxURj5088XfQMwHwYDVR0jBBgwFoAU8H6oRJaUqjVy7hWg 2GteDrSghQQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4 LzhINm9SSmFVcWpWeTdoV2cyR3RlRHJTZ2hRUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOEg2b1JKYVVxalZ5N2hXZzJHdGVEclNnaFFRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4LzNTTzJnOHNqRlI1ZF93 SnhVUmo1MDg4WGZRTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkAVGAMA0GCSqGSIb3DQEBCwUAA4IBAQBlkjJN9NYsoguMB1i+PrCM/9eCF5Yp 8xtia0/+6IgU1Ttbs0Q+Rozwz21btr5moU6ejh4ZAP0Z4fpODytKo0CLmQtczSez Dc0HOfCyQane7TozjCX/gsj1tO3e4Lp1Y0oc4YiHu2GXcxo4AybRogO6Xrx+U5uF E8QLLNgUuHpvy8ggOt+UHlb9STviyryxnHASnFRcTD9uAKRICMS4TCwEwh3y0FVD NbshONh6GOSPxGGXcWNa7OBDFRSyprRPT1Ef0c/mo7iPFiJX+ojs8itNUBKYpKJ5 M7HR39wTtpHLGplGgHqhubdJIlc/OAl5zWyzmNw/0a+s7jSvvu5REtu5 -----END CERTIFICATE-----Generated at Mon Oct 20 13:18:01 2025 by rpki-client