$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/97ad_V9gjeta71mcDWjobxSFplo.roa File: 97ad_V9gjeta71mcDWjobxSFplo.roa (raw, json) Hash identifier: 9WkgIVAeGwOyq6J+cnXq/X0O6Hs/OuNeES2HB4KDO/A= Subject key identifier: F7:B6:9D:FD:5F:60:8D:EB:5A:EF:59:9C:0D:68:E8:6F:14:85:A6:5A Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0DEF Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/97ad_V9gjeta71mcDWjobxSFplo.roa Signing time: Sat 06 Sep 2025 08:02:53 +0000 ROA not before: Sat 06 Sep 2025 08:02:53 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 9808 IP address blocks: 2407:8f40:2::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 11:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3567 (0xdef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 6 08:02:53 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F7B69DFD5F608DEB5AEF599C0D68E86F1485A65A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d9:87:ef:07:2f:cb:ed:3b:b6:b8:a2:76:43: d4:93:e4:e3:ed:60:bc:d3:61:7c:21:d9:36:11:33: 08:63:2c:8f:21:82:cd:ec:73:82:6e:b6:94:02:26: b0:40:85:18:a0:96:8a:41:c1:78:75:7a:b8:79:b7: 77:f1:20:0c:5c:4c:45:49:d3:e3:70:b2:2a:e7:18: 9b:5b:c5:4f:3b:f5:9f:7e:73:5c:fe:c2:8f:f7:76: 39:67:ac:2e:42:30:84:03:d1:31:a5:ca:b9:03:e5: 75:05:04:69:ec:ad:ed:0d:62:f4:66:41:3a:c5:d1: 2a:98:32:f3:83:57:59:37:5a:d1:29:66:bd:5a:39: 36:e9:8d:05:7a:84:6f:86:29:2d:02:e8:7a:4f:af: b3:44:09:ed:1f:38:91:a9:11:c3:1a:8f:89:4e:8b: 32:08:0b:bb:96:95:51:7a:37:55:de:fd:a2:2c:af: 9b:75:e6:03:41:fb:80:ba:73:5b:24:bd:5e:c3:81: d1:2f:75:7c:58:b4:b0:44:f7:b2:67:7e:c1:94:58: 5f:0a:8d:9f:a3:61:7d:5e:c8:17:96:49:64:ba:16: b2:7b:ee:9e:29:f3:d9:40:1a:e1:1e:38:59:de:74: e2:14:5b:f4:7b:d7:c2:91:b3:5e:9c:38:14:4b:b4: 9a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:B6:9D:FD:5F:60:8D:EB:5A:EF:59:9C:0D:68:E8:6F:14:85:A6:5A X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/97ad_V9gjeta71mcDWjobxSFplo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:8f40:2::/48 Signature Algorithm: sha256WithRSAEncryption 7f:36:93:a0:73:34:df:1c:e4:a8:01:1a:7f:08:72:91:2b:17: d6:f1:cb:08:21:dd:aa:49:bd:89:d8:ae:65:8d:15:44:2e:24: d3:cf:33:6c:36:a8:43:fd:2e:41:e4:45:1f:ba:d8:3d:53:94: 04:33:f5:d2:ef:70:8d:00:25:86:1b:03:08:0c:c7:01:56:c0: 66:79:f7:1e:bf:b7:d0:9a:44:30:58:db:25:94:76:95:a4:94: 08:28:da:37:d2:8b:65:db:a1:5c:a6:6a:05:32:38:02:50:45: de:ed:f5:17:9a:55:5d:5d:f8:b6:75:ce:e2:3e:8a:d4:77:6c: e7:70:11:fd:5e:c0:75:3e:69:47:f1:6e:7d:d0:3d:b1:c1:bf: c6:f5:20:d1:05:16:49:e6:89:0d:7c:3e:e4:61:5e:56:59:c0: 1e:5f:5b:60:88:94:eb:ec:d2:63:35:49:bb:35:a6:1d:4d:58: e1:73:f2:d6:43:f0:c4:38:78:19:4d:7a:df:0d:2d:72:af:b4: eb:cb:9f:a5:bb:33:9d:46:8a:41:66:66:aa:d9:38:9e:70:99: af:20:84:6a:09:87:c4:1a:81:b9:1f:6b:30:a0:56:e0:e5:0e: 2d:31:68:27:7e:1d:a1:49:e9:f5:5a:ce:cb:49:47:7e:08:c3: 83:35:81:2d -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA5MDYw ODAyNTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY3QjY5REZENUY2MDhE RUI1QUVGNTk5QzBENjhFODZGMTQ4NUE2NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC52YfvBy/L7Tu2uKJ2Q9ST5OPtYLzTYXwh2TYRMwhjLI8hgs3s c4JutpQCJrBAhRiglopBwXh1erh5t3fxIAxcTEVJ0+NwsirnGJtbxU879Z9+c1z+ wo/3djlnrC5CMIQD0TGlyrkD5XUFBGnsre0NYvRmQTrF0SqYMvODV1k3WtEpZr1a OTbpjQV6hG+GKS0C6HpPr7NECe0fOJGpEcMaj4lOizIIC7uWlVF6N1Xe/aIsr5t1 5gNB+4C6c1skvV7DgdEvdXxYtLBE97JnfsGUWF8KjZ+jYX1eyBeWSWS6FrJ77p4p 89lAGuEeOFnedOIUW/R718KRs16cOBRLtJrDAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU97ad/V9gjeta71mcDWjobxSFplowHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvOTdhZF9WOWdqZXRh NzFtY0RXam9ieFNGcGxvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEAfzaToHM03xzkqAEafwhykSsX 1vHLCCHdqkm9idiuZY0VRC4k088zbDaoQ/0uQeRFH7rYPVOUBDP10u9wjQAlhhsD CAzHAVbAZnn3Hr+30JpEMFjbJZR2laSUCCjaN9KLZduhXKZqBTI4AlBF3u31F5pV XV34tnXO4j6K1Hds53AR/V7AdT5pR/FufdA9scG/xvUg0QUWSeaJDXw+5GFeVlnA Hl9bYIiU6+zSYzVJuzWmHU1Y4XPy1kPwxDh4GU163w0tcq+068ufpbsznUaKQWZm qtk4nnCZryCEagmHxBqBuR9rMKBW4OUOLTFoJ34doUnp9VrOy0lHfgjDgzWBLQ== -----END CERTIFICATE-----Generated at Mon Sep 8 09:11:48 2025 by rpki-client