$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/b6WKKDhum5UJFtnfdhvacD8Sy3Q.roa File: b6WKKDhum5UJFtnfdhvacD8Sy3Q.roa (raw, json) Hash identifier: RJmrdGwwjObrPcVeDk4ltJLOy9qjhdDEX1e/9wDgyPw= Subject key identifier: 6F:A5:8A:28:38:6E:9B:95:09:16:D9:DF:76:1B:DA:70:3F:12:CB:74 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24EC Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/b6WKKDhum5UJFtnfdhvacD8Sy3Q.roa Signing time: Sat 13 Sep 2025 03:08:50 +0000 ROA not before: Sat 13 Sep 2025 03:08:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 60721 IP address blocks: 223.29.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Sep 2025 13:08:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9452 (0x24ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6FA58A28386E9B950916D9DF761BDA703F12CB74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ce:84:cb:5b:01:2a:8a:f3:66:bc:8a:2b:0d: a7:2c:31:17:41:49:8a:32:31:71:58:4b:27:2c:2e: cd:14:94:95:98:aa:7c:6e:2e:3c:6d:c6:36:28:bf: 5d:21:a1:77:99:42:dd:85:75:b2:e9:e5:cf:31:7c: 1d:0b:81:c7:5f:45:92:84:45:be:d1:24:1c:21:9f: cd:20:e2:e8:b6:72:86:a4:a3:d9:e2:f9:d6:6c:c8: 8f:c4:1b:88:41:dd:a4:ed:85:3c:8e:cc:63:1a:33: e7:e4:75:73:7e:b1:86:c0:8a:cf:c2:47:13:46:8e: 2b:63:94:d9:47:d9:20:c7:90:71:c3:08:38:1a:e4: b5:d0:3c:69:6e:50:8b:84:25:98:c2:d2:30:ff:44: 70:4e:a7:cf:a7:dd:23:c2:01:f3:3c:5d:cb:4f:37: cb:8a:29:f2:b7:21:0c:b0:59:01:6c:6a:9f:ca:2f: 8f:5f:58:8f:8a:f1:16:c2:9c:18:0e:a4:ab:b9:d1: 85:c2:f2:ff:a8:dd:e2:32:53:cf:2c:35:9b:ab:dc: e0:90:d2:5f:17:0d:92:46:13:32:d1:4a:ca:0d:b7: ad:89:6e:17:8b:e2:5a:02:e9:83:a3:ba:d6:e4:e1: bd:2f:41:33:8d:97:1d:fb:d3:87:01:61:34:9e:9e: 3c:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:A5:8A:28:38:6E:9B:95:09:16:D9:DF:76:1B:DA:70:3F:12:CB:74 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/b6WKKDhum5UJFtnfdhvacD8Sy3Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.253.0/24 Signature Algorithm: sha256WithRSAEncryption 04:24:64:42:1d:c3:7f:89:51:fc:fd:08:02:77:c9:35:7b:0a: 96:f0:79:f9:ab:31:e3:74:32:4a:32:af:24:63:bd:aa:14:cc: 8c:60:32:72:01:aa:a2:fc:ed:4e:c5:a3:93:da:78:6e:43:55: c2:bd:b6:b3:51:d2:87:4d:20:50:1a:64:bb:43:17:23:de:7e: 0d:2c:5d:c2:94:e3:5f:c1:49:fd:36:02:63:01:39:f1:8c:3f: c4:90:4c:8e:7a:4d:76:6d:6b:8f:6a:cb:cf:4c:9f:05:89:c7: 95:cd:36:d3:7a:9b:d2:89:68:7d:14:f8:93:08:bd:85:d5:7f: 15:0b:4c:cf:2b:87:fe:ab:89:4a:48:62:0d:a5:6e:28:e9:08: 5e:f7:d6:1b:33:70:ab:77:0f:77:14:57:fa:c5:de:af:76:0f: b9:36:98:4b:8d:bb:87:bd:35:b3:4f:ed:48:92:e7:03:35:87: 79:d0:fd:f7:e1:9a:8b:a1:89:bd:96:2d:79:1c:33:b6:1b:81: 76:83:c6:28:8c:e1:c9:9c:be:7c:2e:42:ad:2e:43:10:46:f6: d6:ce:b8:f0:3a:07:4d:51:f9:35:fd:73:cb:f8:cd:ca:67:1a: 89:e2:e0:25:2c:f1:47:29:67:b5:73:85:bf:0b:d6:9a:b7:9c: cf:3b:1a:92 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZGQTU4QTI4Mzg2RTlC OTUwOTE2RDlERjc2MUJEQTcwM0YxMkNCNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDzoTLWwEqivNmvIorDacsMRdBSYoyMXFYSycsLs0UlJWYqnxu LjxtxjYov10hoXeZQt2FdbLp5c8xfB0LgcdfRZKERb7RJBwhn80g4ui2coako9ni +dZsyI/EG4hB3aTthTyOzGMaM+fkdXN+sYbAis/CRxNGjitjlNlH2SDHkHHDCDga 5LXQPGluUIuEJZjC0jD/RHBOp8+n3SPCAfM8XctPN8uKKfK3IQywWQFsap/KL49f WI+K8RbCnBgOpKu50YXC8v+o3eIyU88sNZur3OCQ0l8XDZJGEzLRSsoNt62JbheL 4loC6YOjutbk4b0vQTONlx3704cBYTSenjxjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUb6WKKDhum5UJFtnfdhvacD8Sy3QwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvYjZXS0tEaHVtNVVK RnRuZmRodmFjRDhTeTNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/TANBgkqhkiG9w0BAQsFAAOCAQEABCRkQh3Df4lR/P0IAnfJNXsKlvB5 +asx43QySjKvJGO9qhTMjGAycgGqovztTsWjk9p4bkNVwr22s1HSh00gUBpku0MX I95+DSxdwpTjX8FJ/TYCYwE58Yw/xJBMjnpNdm1rj2rLz0yfBYnHlc0203qb0olo fRT4kwi9hdV/FQtMzyuH/quJSkhiDaVuKOkIXvfWGzNwq3cPdxRX+sXer3YPuTaY S427h701s0/tSJLnAzWHedD99+Gai6GJvZYteRwzthuBdoPGKIzhyZy+fC5CrS5D EEb21s648DoHTVH5Nf1zy/jNymcaieLgJSzxRylntXOFvwvWmreczzsakg== -----END CERTIFICATE-----Generated at Mon Sep 15 12:13:38 2025 by rpki-client