$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/iFNWz1s03opy6tw4o0dL2HLh85w.roa File: iFNWz1s03opy6tw4o0dL2HLh85w.roa (raw, json) Hash identifier: rJb0Cf8r/TMQB2flbiJonEOGNUQgEHZ2qMHMgoJNvVo= Subject key identifier: 88:53:56:CF:5B:34:DE:8A:72:EA:DC:38:A3:47:4B:D8:72:E1:F3:9C Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985 Certificate serial: 0AE5 Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/iFNWz1s03opy6tw4o0dL2HLh85w.roa Signing time: Sat 13 Sep 2025 03:07:03 +0000 ROA not before: Sat 13 Sep 2025 03:07:03 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 151296 IP address blocks: 2406:8880::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:13:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2789 (0xae5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985 Validity Not Before: Sep 13 03:07:03 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=885356CF5B34DE8A72EADC38A3474BD872E1F39C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:12:eb:9b:41:a0:cc:c3:d5:d8:c1:26:a7:ed: 71:7f:b3:2e:9b:9e:52:6f:2f:80:55:44:c4:13:18: f1:b1:9b:07:97:ae:e6:4f:ab:73:d3:93:85:96:93: 2c:3d:3d:e0:63:2d:56:12:5d:6d:20:4b:cc:ce:79: 38:ed:86:e2:d8:71:40:7b:a6:b0:8a:2e:28:b9:0b: 8c:64:ca:b1:03:e6:12:03:aa:58:a3:e2:41:18:10: 36:ef:48:16:32:76:8d:8d:c2:cd:44:d2:27:7f:f9: 3e:7f:b2:53:04:60:5b:33:85:3f:c6:2d:bf:32:b0: d3:b0:3c:ff:07:8c:59:59:4e:69:3a:a1:65:49:99: e1:f7:97:d6:f5:f9:0a:eb:8e:78:75:33:12:29:ff: c1:10:11:6c:02:1e:e0:b7:c5:e8:a9:b6:46:60:2f: f5:5a:c3:a0:76:33:3f:27:f1:51:70:24:5b:a5:4a: c7:ed:3e:7a:0d:47:ba:dc:ec:41:d6:8c:c6:9c:b0: b9:23:4f:68:f3:86:31:01:30:b8:31:54:6a:57:cc: 1d:75:15:d9:1a:cd:84:73:13:d8:bc:cd:77:46:20: c3:37:7c:08:48:6a:be:8d:4b:12:14:3d:77:77:f6: 8b:90:30:ce:bd:d9:2a:75:80:09:35:40:05:33:a3: d8:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:53:56:CF:5B:34:DE:8A:72:EA:DC:38:A3:47:4B:D8:72:E1:F3:9C X509v3 Authority Key Identifier: keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/iFNWz1s03opy6tw4o0dL2HLh85w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:8880::/32 Signature Algorithm: sha256WithRSAEncryption 09:c8:28:c3:eb:15:3e:5e:d9:86:0f:71:5a:69:c2:ce:32:c5: 63:ef:95:7a:53:b3:c0:c7:38:cd:97:e8:b8:81:13:68:f9:47: 5e:77:30:64:9a:68:96:34:d6:56:df:ff:93:90:8a:16:6e:b2: 47:af:5d:4c:1f:d5:6e:e9:c0:44:33:86:10:a7:c3:bf:b5:2c: b9:bb:04:37:ce:f8:b1:f8:da:7a:81:f9:9f:c4:88:60:36:fb: ed:3a:95:6b:64:cf:7f:a7:4e:dc:ef:2d:1e:7d:22:85:12:af: 67:ed:02:8b:09:34:d9:e5:53:ed:2e:30:68:52:4b:df:5b:b5: b6:0c:47:5d:db:3e:81:80:17:6d:75:6c:73:19:c0:d7:97:a0: a1:3c:0f:29:89:c1:a7:39:f1:3c:66:19:04:4d:54:e5:b6:a3: c5:5e:39:4c:c7:86:d9:8d:39:db:36:de:28:80:9f:37:a2:ee: c9:65:e0:86:9f:07:19:2e:38:8c:d7:68:6c:1f:a3:5e:7d:2d: b8:ae:44:cf:fd:81:7d:38:02:69:9d:fa:e7:68:3d:d4:af:82: d1:b8:e1:19:9d:97:d5:a3:eb:4d:52:bb:e1:7a:b6:be:00:c8: 60:4d:8f:a5:c4:ee:6c:ab:28:38:03:d3:8d:2a:02:42:c5:46: 21:99:d2:d3 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEUy NTkzNEZFOEQ4OTk1OTQyNUQxMDE4RUIxMjE5ODFEQTI1MDk4NTAeFw0yNTA5MTMw MzA3MDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg4NTM1NkNGNUIzNERF OEE3MkVBREMzOEEzNDc0QkQ4NzJFMUYzOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSEuubQaDMw9XYwSan7XF/sy6bnlJvL4BVRMQTGPGxmweXruZP q3PTk4WWkyw9PeBjLVYSXW0gS8zOeTjthuLYcUB7prCKLii5C4xkyrED5hIDqlij 4kEYEDbvSBYydo2Nws1E0id/+T5/slMEYFszhT/GLb8ysNOwPP8HjFlZTmk6oWVJ meH3l9b1+Qrrjnh1MxIp/8EQEWwCHuC3xeiptkZgL/Vaw6B2Mz8n8VFwJFulSsft PnoNR7rc7EHWjMacsLkjT2jzhjEBMLgxVGpXzB11FdkazYRzE9i8zXdGIMM3fAhI ar6NSxIUPXd39ouQMM692Sp1gAk1QAUzo9iJAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUiFNWz1s03opy6tw4o0dL2HLh85wwHwYDVR0jBBgwFoAUTiWTT+jYmVlCXRAY 6xIZgdolCYUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0 OC9UaVdUVC1qWW1WbENYUkFZNnhJWmdkb2xDWVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNDgvaUZOV3oxczAzb3B5 NnR3NG8wZEwySExoODV3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQGiIAwDQYJKoZIhvcNAQELBQADggEBAAnIKMPrFT5e2YYPcVppws4yxWPv lXpTs8DHOM2X6LiBE2j5R153MGSaaJY01lbf/5OQihZuskevXUwf1W7pwEQzhhCn w7+1LLm7BDfO+LH42nqB+Z/EiGA2++06lWtkz3+nTtzvLR59IoUSr2ftAosJNNnl U+0uMGhSS99btbYMR13bPoGAF211bHMZwNeXoKE8DymJwac58TxmGQRNVOW2o8Ve OUzHhtmNOds23iiAnzei7sll4IafBxkuOIzXaGwfo159LbiuRM/9gX04Ammd+udo PdSvgtG44Rmdl9Wj601Su+F6tr4AyGBNj6XE7myrKDgD040qAkLFRiGZ0tM= -----END CERTIFICATE-----Generated at Wed Nov 5 16:13:02 2025 by rpki-client