$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2688/XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa File: XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa (raw, json) Hash identifier: i76OhCIwCGUrBdnZ6U6M1/woB4YGh0bDGaiEq4xZxAA= Subject key identifier: 5E:53:6A:B9:8F:EE:43:FE:AB:67:62:61:54:CD:EF:46:A7:22:45:EF Certificate issuer: /CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE Certificate serial: 0D Authority key identifier: D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa Signing time: Wed 03 Sep 2025 11:10:19 +0000 ROA not before: Wed 03 Sep 2025 11:10:19 +0000 ROA not after: Wed 02 Sep 2026 00:41:26 +0000 asID: 59012 IP address blocks: 2402:8bc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 01:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE Validity Not Before: Sep 3 11:10:19 2025 GMT Not After : Sep 2 00:41:26 2026 GMT Subject: CN=5E536AB98FEE43FEAB67626154CDEF46A72245EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:42:31:1b:cc:21:37:1d:e1:52:ce:4c:19:0c: 77:13:55:27:c8:36:b8:93:43:e3:ff:82:4d:45:51: b4:14:8a:18:87:65:fb:a7:0e:d1:ba:84:af:a8:2b: e1:1d:d3:0b:69:4c:c6:0c:4f:ac:85:7f:be:9f:60: 23:59:12:91:86:2d:b7:eb:c4:82:41:bb:28:a1:d2: 50:77:5e:d5:66:8b:a6:e8:62:9b:6a:1e:00:41:70: db:fe:a7:39:fb:3f:aa:b4:09:2f:0d:ed:a3:ee:28: eb:c2:63:b8:88:08:69:d1:41:aa:5b:dd:18:a6:07: 2f:e2:a5:a7:a4:0d:fc:23:82:98:33:32:75:86:ff: 9e:f9:3a:eb:91:21:ce:4b:cf:44:4a:de:d3:e9:61: 8f:71:6a:c8:0f:01:12:60:11:c7:cd:56:40:46:a8: 2c:bd:aa:e6:eb:66:3b:e5:73:d3:0f:fe:17:88:c9: 80:7b:f7:3c:e2:79:b6:ea:6f:96:a7:12:51:90:79: 3d:97:fc:3e:8b:c4:8b:a4:ab:b1:bc:1c:33:b4:f3: 6d:ae:0d:79:42:36:97:4d:7b:9a:91:fc:3d:5e:80: 2e:9a:66:2d:f9:74:59:e9:2f:ca:24:7f:b6:75:63: 41:ca:9d:6a:72:c3:80:8b:b5:3a:77:e2:5d:da:f7: 35:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:53:6A:B9:8F:EE:43:FE:AB:67:62:61:54:CD:EF:46:A7:22:45:EF X509v3 Authority Key Identifier: keyid:D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:8bc0::/32 Signature Algorithm: sha256WithRSAEncryption b4:0f:41:be:42:90:ef:ef:80:12:25:bb:13:14:a3:0e:98:bf: 48:4a:15:a8:71:4b:b4:1c:47:1d:9b:b2:38:6c:8a:c0:a9:44: 0d:07:7d:1b:c9:6a:bf:c6:2b:8b:8c:ab:43:08:e8:11:e1:ab: d3:86:24:3f:31:07:6a:0c:c2:07:91:c8:ac:06:a9:72:85:79: e6:1d:c3:9a:5a:59:06:ba:15:16:e3:51:34:56:f8:be:fc:05: 06:75:c7:eb:65:85:15:61:a8:42:2c:21:23:26:e0:e3:f8:7b: 3b:0d:4e:d0:c2:c3:8d:71:b8:fd:5b:35:06:1e:07:58:d6:b4: a3:09:20:1a:dd:ef:df:89:e1:53:c1:26:a1:6b:8d:71:3e:16: d3:d6:cf:32:25:c1:3c:7e:8b:64:55:83:a1:ee:60:06:ff:9c: 7e:ce:46:e6:4a:74:2c:0e:a9:e8:b2:e7:21:8e:41:fa:23:16: c9:e1:ea:79:2b:4f:67:84:bc:f1:f8:cd:6f:63:6e:a1:94:ce: e0:03:25:f7:ba:e2:67:a3:a0:5b:4c:a8:d3:7a:7a:22:b3:1b: fe:c0:b3:fc:d6:2b:66:dd:cd:a1:42:af:fa:2b:23:6e:5d:1a: 26:be:75:14:3c:00:41:f5:63:d9:dd:d5:5e:a0:92:90:5c:cc: 2f:cf:1f:5f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhENDk0 MEY1MTFBMzhEOTU0NEQ0OEI0QzVDNkMzOUIwNTgxRjg5MUZFMB4XDTI1MDkwMzEx MTAxOVoXDTI2MDkwMjAwNDEyNlowMzExMC8GA1UEAxMoNUU1MzZBQjk4RkVFNDNG RUFCNjc2MjYxNTRDREVGNDZBNzIyNDVFRjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKJCMRvMITcd4VLOTBkMdxNVJ8g2uJND4/+CTUVRtBSKGIdl+6cO 0bqEr6gr4R3TC2lMxgxPrIV/vp9gI1kSkYYtt+vEgkG7KKHSUHde1WaLpuhim2oe AEFw2/6nOfs/qrQJLw3to+4o68JjuIgIadFBqlvdGKYHL+Klp6QN/COCmDMydYb/ nvk665EhzkvPREre0+lhj3FqyA8BEmARx81WQEaoLL2q5utmO+Vz0w/+F4jJgHv3 POJ5tupvlqcSUZB5PZf8PovEi6SrsbwcM7Tzba4NeUI2l017mpH8PV6ALppmLfl0 WekvyiR/tnVjQcqdanLDgIu1OnfiXdr3NQUCAwEAAaOCAfQwggHwMB0GA1UdDgQW BBReU2q5j+5D/qtnYmFUze9GpyJF7zAfBgNVHSMEGDAWgBTUlA9RGjjZVE1ItMXG w5sFgfiR/jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjg4 LzFKUVBVUm80MlZSTlNMVEZ4c09iQllINGtmNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMUpRUFVSbzQyVlJOU0xURnhzT2JCWUg0a2Y0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY4OC9YbE5xdVlfdVFfNnJa MkpoVk0zdlJxY2lSZTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJAKLwDANBgkqhkiG9w0BAQsFAAOCAQEAtA9BvkKQ7++AEiW7ExSjDpi/SEoV qHFLtBxHHZuyOGyKwKlEDQd9G8lqv8Yri4yrQwjoEeGr04YkPzEHagzCB5HIrAap coV55h3DmlpZBroVFuNRNFb4vvwFBnXH62WFFWGoQiwhIybg4/h7Ow1O0MLDjXG4 /Vs1Bh4HWNa0owkgGt3v34nhU8EmoWuNcT4W09bPMiXBPH6LZFWDoe5gBv+cfs5G 5kp0LA6p6LLnIY5B+iMWyeHqeStPZ4S88fjNb2NuoZTO4AMl97riZ6OgW0yo03p6 IrMb/sCz/NYrZt3NoUKv+isjbl0aJr51FDwAQfVj2d3VXqCSkFzML88fXw== -----END CERTIFICATE-----Generated at Mon Sep 8 22:31:50 2025 by rpki-client