$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/SCwb59CNQVCU16AmlWlfv3_zVME.roa File: SCwb59CNQVCU16AmlWlfv3_zVME.roa (raw, json) Hash identifier: NBfnnFxmlwU+ivV0yq/tNwbvzh0AbMxSw+LKEUJlqp8= Subject key identifier: 48:2C:1B:E7:D0:8D:41:50:94:D7:A0:26:95:69:5F:BF:7F:F3:54:C1 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 22DD Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/SCwb59CNQVCU16AmlWlfv3_zVME.roa Signing time: Wed 29 Oct 2025 05:58:43 +0000 ROA not before: Wed 29 Oct 2025 05:58:43 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 4811 IP address blocks: 2406:d440:310::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8925 (0x22dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Oct 29 05:58:43 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=482C1BE7D08D415094D7A02695695FBF7FF354C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:d3:c1:1c:0e:74:3b:5c:a6:93:11:0d:30:4e: 2b:40:c6:e2:53:dc:f5:a2:2a:ce:fa:d8:1e:d5:e4: 3c:42:45:61:15:9a:7e:07:4c:cc:c7:4f:1d:3b:69: 5a:87:59:f7:ff:b9:05:72:6a:6a:6a:9a:ff:89:97: 6b:14:26:ce:21:e8:83:b3:3e:6b:39:03:c7:9d:f4: 37:92:6d:69:56:f5:bf:25:82:78:fc:07:ba:42:9d: f8:d1:d4:ea:0a:25:08:dc:8a:bc:19:27:c8:e6:5f: 15:22:7e:93:96:ae:06:41:aa:7d:3b:5a:e2:ab:d0: 16:b6:7c:6a:c4:eb:b9:4c:c1:e3:99:ac:e7:44:32: b6:1c:e2:a6:f8:06:d8:10:a9:0e:8f:84:b3:2b:86: 1a:68:0b:44:97:e1:82:de:5c:59:81:47:0f:47:a6: 14:74:9d:d2:b4:4f:57:7c:36:29:73:c8:52:2d:b9: f2:40:7c:58:53:83:96:44:14:df:fc:bb:70:1c:5b: 01:c6:38:35:40:05:dc:52:79:cf:8d:c3:b3:24:c8: 2a:0f:90:37:7c:60:e5:2f:de:84:d9:8e:1b:3b:12: f7:e8:ed:e2:b5:84:0f:f9:2a:65:3c:22:2c:34:31: 11:01:8f:dc:15:8b:49:5d:c6:68:d4:44:2d:05:0a: a8:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:2C:1B:E7:D0:8D:41:50:94:D7:A0:26:95:69:5F:BF:7F:F3:54:C1 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/SCwb59CNQVCU16AmlWlfv3_zVME.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d440:310::/44 Signature Algorithm: sha256WithRSAEncryption 25:4c:5c:a3:5e:17:0c:99:23:b7:82:ae:22:e5:c8:e5:f6:7e: e6:f2:c5:36:e0:1f:dd:00:f3:3a:8e:6c:94:19:04:6d:01:69: f2:3c:c9:cc:b1:8d:a3:17:6c:92:73:38:5c:05:66:4a:aa:20: eb:b3:e3:ad:4d:01:50:4f:c7:25:51:71:0d:1d:ed:ef:ab:16: 5d:4c:a3:69:12:f4:48:93:1f:1f:84:88:bc:73:90:61:ba:62: 12:8f:bf:76:9a:87:4e:ec:3b:1d:cb:db:e9:36:98:11:71:43: 8b:9c:65:fd:4c:73:d8:a0:1c:bd:08:b6:4d:df:90:3a:c9:f5: 94:53:49:14:e2:42:fa:f2:4c:5d:f7:e5:6e:3a:b2:f0:e9:a8: 26:a7:39:1c:46:a0:b8:df:15:97:10:8b:88:72:0f:31:36:80: 04:95:03:4e:d3:c2:0d:be:71:2e:05:91:06:dc:17:7f:61:2c: 2a:6b:cd:48:c2:07:c3:ae:ee:62:5a:0e:32:46:c8:a1:a0:29: 33:2a:78:21:71:e0:6b:0c:95:c7:cc:95:c8:44:a7:cc:31:36: 58:87:ef:46:3d:f6:e2:1c:53:32:d9:37:06:77:50:23:4c:a7: 6d:55:b3:67:ea:d7:4a:cd:78:42:9a:bd:ba:de:b3:b3:f9:53: 5c:cb:5a:63 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICIt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTEwMjkw NTU4NDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDQ4MkMxQkU3RDA4RDQx NTA5NEQ3QTAyNjk1Njk1RkJGN0ZGMzU0QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDm08EcDnQ7XKaTEQ0wTitAxuJT3PWiKs762B7V5DxCRWEVmn4H TMzHTx07aVqHWff/uQVyampqmv+Jl2sUJs4h6IOzPms5A8ed9DeSbWlW9b8lgnj8 B7pCnfjR1OoKJQjcirwZJ8jmXxUifpOWrgZBqn07WuKr0Ba2fGrE67lMweOZrOdE MrYc4qb4BtgQqQ6PhLMrhhpoC0SX4YLeXFmBRw9HphR0ndK0T1d8NilzyFItufJA fFhTg5ZEFN/8u3AcWwHGODVABdxSec+Nw7MkyCoPkDd8YOUv3oTZjhs7Evfo7eK1 hA/5KmU8Iiw0MREBj9wVi0ldxmjURC0FCqjLAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUSCwb59CNQVCU16AmlWlfv3/zVMEwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvU0N3YjU5Q05RVkNV MTZBbWxXbGZ2M196Vk1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQG1EADEDANBgkqhkiG9w0BAQsFAAOCAQEAJUxco14XDJkjt4KuIuXI5fZ+ 5vLFNuAf3QDzOo5slBkEbQFp8jzJzLGNoxdsknM4XAVmSqog67PjrU0BUE/HJVFx DR3t76sWXUyjaRL0SJMfH4SIvHOQYbpiEo+/dpqHTuw7Hcvb6TaYEXFDi5xl/Uxz 2KAcvQi2Td+QOsn1lFNJFOJC+vJMXfflbjqy8OmoJqc5HEaguN8VlxCLiHIPMTaA BJUDTtPCDb5xLgWRBtwXf2EsKmvNSMIHw67uYloOMkbIoaApMyp4IXHgawyVx8yV yESnzDE2WIfvRj324hxTMtk3BndQI0ynbVWzZ+rXSs14Qpq9ut6zs/lTXMtaYw== -----END CERTIFICATE-----Generated at Wed Nov 5 21:58:20 2025 by rpki-client