$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2679/SM0tmDsGc7QA_5W8TEaPWesXZNE.roa File: SM0tmDsGc7QA_5W8TEaPWesXZNE.roa (raw, json) Hash identifier: vU6pEECf98pAUxcWiz4XT+sRjEtGw9Y2jisV3JNBk+c= Subject key identifier: 48:CD:2D:98:3B:06:73:B4:00:FF:95:BC:4C:46:8F:59:EB:17:64:D1 Certificate issuer: /CN=59356C1537C3BE2316FFA0DEB3910C4076B47D99 Certificate serial: 05 Authority key identifier: 59:35:6C:15:37:C3:BE:23:16:FF:A0:DE:B3:91:0C:40:76:B4:7D:99 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WTVsFTfDviMW_6Des5EMQHa0fZk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/SM0tmDsGc7QA_5W8TEaPWesXZNE.roa Signing time: Thu 28 Aug 2025 06:29:44 +0000 ROA not before: Thu 28 Aug 2025 06:29:44 +0000 ROA not after: Fri 28 Aug 2026 06:22:23 +0000 asID: 137749 IP address blocks: 2402:7240::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/WTVsFTfDviMW_6Des5EMQHa0fZk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/WTVsFTfDviMW_6Des5EMQHa0fZk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WTVsFTfDviMW_6Des5EMQHa0fZk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 16:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=59356C1537C3BE2316FFA0DEB3910C4076B47D99 Validity Not Before: Aug 28 06:29:44 2025 GMT Not After : Aug 28 06:22:23 2026 GMT Subject: CN=48CD2D983B0673B400FF95BC4C468F59EB1764D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:22:8d:2d:b5:fa:fb:fc:6c:2b:d0:59:05:ae: 86:2c:fe:45:07:a5:bb:66:72:0f:e2:3d:1a:dd:d9: 78:c3:5a:ae:6a:3d:35:84:24:bc:0a:7c:f7:c6:1d: 65:ef:81:10:28:9f:76:a4:94:23:d3:8f:af:1b:8f: bd:9d:0a:a8:d8:2b:1a:73:ad:e1:74:c6:2e:79:a9: 63:e7:dc:81:43:02:78:da:a4:19:d6:9d:96:83:29: 70:b1:94:57:2c:31:cf:a6:41:02:2d:4c:32:0c:5b: cc:c5:80:2e:39:f8:8b:b0:be:87:14:f9:d2:c8:65: 44:bb:bc:e6:fb:14:fc:5b:e7:f5:43:0d:6b:8d:f2: ea:76:b5:b6:c2:9e:78:e0:e0:f2:2a:d3:c2:9a:f5: fc:4f:d1:28:d9:6f:90:f6:3a:dd:68:f2:42:e4:88: 5e:ca:0f:14:d2:8b:24:e1:91:c6:51:d4:59:0d:45: d3:af:b2:5e:ca:2b:c6:bf:bd:5b:cb:66:76:64:a0: e5:8b:56:c9:db:d0:05:eb:26:d1:97:3e:db:8c:ae: 54:9a:67:45:a3:46:cf:35:99:0f:58:23:29:47:15: 77:29:32:40:72:70:82:14:66:20:1f:1c:a5:14:8d: 4b:28:a3:1c:e7:03:35:68:c5:8f:0c:29:af:e9:ce: 68:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:CD:2D:98:3B:06:73:B4:00:FF:95:BC:4C:46:8F:59:EB:17:64:D1 X509v3 Authority Key Identifier: keyid:59:35:6C:15:37:C3:BE:23:16:FF:A0:DE:B3:91:0C:40:76:B4:7D:99 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/WTVsFTfDviMW_6Des5EMQHa0fZk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WTVsFTfDviMW_6Des5EMQHa0fZk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/SM0tmDsGc7QA_5W8TEaPWesXZNE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7240::/32 Signature Algorithm: sha256WithRSAEncryption bc:c7:c1:a9:cd:66:aa:58:b5:91:d6:ac:74:1e:e6:a6:d8:c2: 6c:b4:71:cb:bd:9e:7e:7b:8e:22:80:d0:ab:a5:5d:9b:ae:90: c6:50:5b:62:bc:75:5f:1b:52:1a:53:0e:d0:e5:4a:65:5a:d9: 3a:e4:de:08:66:92:7c:68:f5:2e:19:0e:3f:14:50:09:25:37: 5c:06:b0:31:f8:fa:98:43:81:34:ea:91:6e:81:ce:26:27:49: f3:5f:16:14:5e:cb:37:ab:aa:87:15:75:07:a1:7f:37:d5:35: a3:b1:d7:48:98:55:d6:2b:b6:7e:e5:8b:de:56:05:4d:04:8a: 52:d1:26:5e:db:9d:e9:2a:7e:bc:9e:2c:1a:7b:25:86:ed:cb: 6c:6b:c4:0d:2a:ab:0f:e7:c8:b9:71:73:e7:a1:20:fc:40:4f: dd:68:a5:7d:28:52:f1:59:a4:d4:ff:b5:1f:3f:70:36:73:be: fd:29:74:be:dc:00:35:ac:ff:0f:ec:35:dd:fb:03:57:f5:5d: 58:d9:c7:76:52:e1:95:89:e5:bc:8a:a2:14:1d:98:9a:71:93: 05:4c:0a:4d:f9:80:2c:b8:ca:eb:cc:cd:98:0b:2c:fa:7a:0a: 61:3b:e6:44:2d:9f:8b:57:65:8b:2e:7f:a8:ce:54:a5:d3:f3: 95:4f:84:23 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1OTM1 NkMxNTM3QzNCRTIzMTZGRkEwREVCMzkxMEM0MDc2QjQ3RDk5MB4XDTI1MDgyODA2 Mjk0NFoXDTI2MDgyODA2MjIyM1owMzExMC8GA1UEAxMoNDhDRDJEOTgzQjA2NzNC NDAwRkY5NUJDNEM0NjhGNTlFQjE3NjREMTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKIijS21+vv8bCvQWQWuhiz+RQelu2ZyD+I9Gt3ZeMNarmo9NYQk vAp898YdZe+BECifdqSUI9OPrxuPvZ0KqNgrGnOt4XTGLnmpY+fcgUMCeNqkGdad loMpcLGUVywxz6ZBAi1MMgxbzMWALjn4i7C+hxT50shlRLu85vsU/Fvn9UMNa43y 6na1tsKeeODg8irTwpr1/E/RKNlvkPY63WjyQuSIXsoPFNKLJOGRxlHUWQ1F06+y Xsorxr+9W8tmdmSg5YtWydvQBesm0Zc+24yuVJpnRaNGzzWZD1gjKUcVdykyQHJw ghRmIB8cpRSNSyijHOcDNWjFjwwpr+nOaLcCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBRIzS2YOwZztAD/lbxMRo9Z6xdk0TAfBgNVHSMEGDAWgBRZNWwVN8O+Ixb/oN6z kQxAdrR9mTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjc5 L1dUVnNGVGZEdmlNV182RGVzNUVNUUhhMGZaay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1RWc0ZUZkR2aU1XXzZEZXM1RU1RSGEwZlprLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3OS9TTTB0bURzR2M3UUFf NVc4VEVhUFdlc1haTkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJAJyQDANBgkqhkiG9w0BAQsFAAOCAQEAvMfBqc1mqli1kdasdB7mptjCbLRx y72efnuOIoDQq6Vdm66QxlBbYrx1XxtSGlMO0OVKZVrZOuTeCGaSfGj1LhkOPxRQ CSU3XAawMfj6mEOBNOqRboHOJidJ818WFF7LN6uqhxV1B6F/N9U1o7HXSJhV1iu2 fuWL3lYFTQSKUtEmXtud6Sp+vJ4sGnslhu3LbGvEDSqrD+fIuXFz56Eg/EBP3Wil fShS8Vmk1P+1Hz9wNnO+/Sl0vtwANaz/D+w13fsDV/VdWNnHdlLhlYnlvIqiFB2Y mnGTBUwKTfmALLjK68zNmAss+noKYTvmRC2fi1dliy5/qM5UpdPzlU+EIw== -----END CERTIFICATE-----Generated at Tue Sep 9 12:23:52 2025 by rpki-client