$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3387/9Kmp81LKJ1Do62r1oXF_Gp0nqJE.roa File: 9Kmp81LKJ1Do62r1oXF_Gp0nqJE.roa (raw, json) Hash identifier: zHJGB3SpZj0mblC97hMn2aXc1dlXiZkyYkOYrihQVq8= Subject key identifier: F4:A9:A9:F3:52:CA:27:50:E8:EB:6A:F5:A1:71:7F:1A:9D:27:A8:91 Certificate issuer: /CN=A1A0ABC5CA6F508F19F7907E94C3162152296934 Certificate serial: 03 Authority key identifier: A1:A0:AB:C5:CA:6F:50:8F:19:F7:90:7E:94:C3:16:21:52:29:69:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/9Kmp81LKJ1Do62r1oXF_Gp0nqJE.roa Signing time: Thu 07 Aug 2025 08:07:51 +0000 ROA not before: Thu 07 Aug 2025 08:07:51 +0000 ROA not after: Fri 07 Aug 2026 05:14:01 +0000 asID: 151230 IP address blocks: 2402:20e0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1A0ABC5CA6F508F19F7907E94C3162152296934 Validity Not Before: Aug 7 08:07:51 2025 GMT Not After : Aug 7 05:14:01 2026 GMT Subject: CN=F4A9A9F352CA2750E8EB6AF5A1717F1A9D27A891 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:c1:ba:10:27:11:a1:e9:a3:08:37:2b:66:e0: a9:b9:a9:e1:ef:fb:69:b2:63:10:9b:75:b8:f7:42: 56:2c:27:bb:7b:56:10:22:48:4b:83:1e:e8:e7:ca: b3:bd:0c:c2:af:58:fb:4f:3b:80:86:7d:3a:9a:a1: 0f:5f:c6:d5:c0:1a:0b:b8:09:f3:36:d5:16:2d:83: 92:05:2f:0f:6d:5a:ed:32:c2:8f:e7:06:f6:95:cf: 5b:bf:36:7d:10:b3:55:fb:9c:2a:75:43:f9:47:0b: f9:92:ab:d9:25:1d:b1:2b:b6:e5:1d:e6:01:b8:71: e5:e5:7b:9e:36:14:a1:ad:ac:37:96:ae:ab:8b:26: 19:73:73:3c:2d:c5:94:a7:82:77:a2:b2:10:1f:ea: 37:7f:e9:17:25:52:94:b6:e9:cd:73:0f:48:f7:c3: 29:b5:1e:d7:42:38:b6:dc:0d:88:3a:8c:a3:35:40: ce:d1:27:fd:dd:70:93:d4:66:32:cf:6e:b0:11:d4: 08:e3:cb:c8:26:29:3b:64:be:f6:b8:18:64:bb:aa: ce:f3:49:e7:71:75:7d:78:56:f9:e4:f2:3d:18:e0: fa:83:78:86:95:28:b4:80:c7:eb:c2:72:d6:40:71: cf:0d:d6:06:34:1b:70:29:9f:b4:11:72:2d:02:9d: f1:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:A9:A9:F3:52:CA:27:50:E8:EB:6A:F5:A1:71:7F:1A:9D:27:A8:91 X509v3 Authority Key Identifier: keyid:A1:A0:AB:C5:CA:6F:50:8F:19:F7:90:7E:94:C3:16:21:52:29:69:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/9Kmp81LKJ1Do62r1oXF_Gp0nqJE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:20e0::/32 Signature Algorithm: sha256WithRSAEncryption 6c:c8:61:f2:14:e0:59:26:71:80:8b:b4:11:7b:0b:0b:fd:d8: 4a:e2:30:12:ae:81:1e:5a:3f:25:24:aa:15:47:75:a0:85:fa: a6:09:d9:07:54:46:7a:e5:f8:16:52:a8:00:87:5e:91:8f:f5: 8d:a4:11:d3:aa:6c:9c:8b:f6:8c:48:2c:a6:31:be:07:50:ad: 35:c9:7f:e1:36:28:7a:69:c8:d1:44:43:03:35:07:93:45:f2: f3:0e:2b:14:a0:ba:1f:f3:d7:2c:0d:0c:d5:0b:a4:22:52:10: 8c:ee:fa:f9:3a:91:a4:81:34:a7:58:20:2a:a8:dd:2f:6d:f6: 46:10:e6:3f:7b:23:1f:7e:4a:eb:d5:47:55:45:07:53:54:6d: 1a:8a:a0:84:30:c0:1c:04:22:85:7b:92:08:db:40:d7:88:03: 2e:33:f3:fe:1a:f2:44:a4:fb:e1:29:af:43:28:82:dc:05:3c: 2b:fd:3c:86:a0:b5:ef:22:41:6f:61:56:9c:86:cf:08:a1:a3: c7:01:a1:40:58:57:22:3a:f0:b3:f6:17:22:e5:07:83:5c:ec: 93:05:60:b4:42:28:2c:3f:9f:36:a5:11:83:80:8c:d5:0f:cf: c9:ac:ba:6b:21:0f:25:02:8e:47:5b:23:77:02:a2:d8:a4:81: 75:21:28:ae -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBMUEw QUJDNUNBNkY1MDhGMTlGNzkwN0U5NEMzMTYyMTUyMjk2OTM0MB4XDTI1MDgwNzA4 MDc1MVoXDTI2MDgwNzA1MTQwMVowMzExMC8GA1UEAxMoRjRBOUE5RjM1MkNBMjc1 MEU4RUI2QUY1QTE3MTdGMUE5RDI3QTg5MTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKrBuhAnEaHpowg3K2bgqbmp4e/7abJjEJt1uPdCViwnu3tWECJI S4Me6OfKs70Mwq9Y+087gIZ9OpqhD1/G1cAaC7gJ8zbVFi2DkgUvD21a7TLCj+cG 9pXPW782fRCzVfucKnVD+UcL+ZKr2SUdsSu25R3mAbhx5eV7njYUoa2sN5auq4sm GXNzPC3FlKeCd6KyEB/qN3/pFyVSlLbpzXMPSPfDKbUe10I4ttwNiDqMozVAztEn /d1wk9RmMs9usBHUCOPLyCYpO2S+9rgYZLuqzvNJ53F1fXhW+eTyPRjg+oN4hpUo tIDH68Jy1kBxzw3WBjQbcCmftBFyLQKd8RkCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBT0qanzUsonUOjravWhcX8anSeokTAfBgNVHSMEGDAWgBShoKvFym9Qjxn3kH6U wxYhUilpNDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMzg3 L29hQ3J4Y3B2VUk4Wjk1Qi1sTU1XSVZJcGFUUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvb2FDcnhjcHZVSThaOTVCLWxNTVdJVklwYVRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM4Ny85S21wODFMS0oxRG82 MnIxb1hGX0dwMG5xSkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJAIg4DANBgkqhkiG9w0BAQsFAAOCAQEAbMhh8hTgWSZxgIu0EXsLC/3YSuIw Eq6BHlo/JSSqFUd1oIX6pgnZB1RGeuX4FlKoAIdekY/1jaQR06psnIv2jEgspjG+ B1CtNcl/4TYoemnI0URDAzUHk0Xy8w4rFKC6H/PXLA0M1QukIlIQjO76+TqRpIE0 p1ggKqjdL232RhDmP3sjH35K69VHVUUHU1RtGoqghDDAHAQihXuSCNtA14gDLjPz /hryRKT74SmvQyiC3AU8K/08hqC17yJBb2FWnIbPCKGjxwGhQFhXIjrws/YXIuUH g1zskwVgtEIoLD+fNqURg4CM1Q/Pyay6ayEPJQKOR1sjdwKi2KSBdSEorg== -----END CERTIFICATE-----Generated at Thu Aug 14 11:45:36 2025 by rpki-client