$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/FBECd9d0h3_4eeUdIMvaYmTumPk.roa File: FBECd9d0h3_4eeUdIMvaYmTumPk.roa (raw, json) Hash identifier: 3Nqzkmu2IgGHWqJ9B4y6IeqOc/SZHbdvbPEM8QQpbyI= Subject key identifier: 14:11:02:77:D7:74:87:7F:F8:79:E5:1D:20:CB:DA:62:64:EE:98:F9 Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0CC7 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/FBECd9d0h3_4eeUdIMvaYmTumPk.roa Signing time: Wed 09 Jul 2025 11:23:19 +0000 ROA not before: Wed 09 Jul 2025 11:23:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4134 IP address blocks: 2407:8f40:2::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:40:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3271 (0xcc7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Jul 9 11:23:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=14110277D774877FF879E51D20CBDA6264EE98F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:40:4d:21:f7:3a:29:fd:98:3c:cf:b1:0a:ef: 25:e4:1a:44:f3:cb:0f:fa:55:86:16:62:58:28:bb: b2:0c:bd:04:6c:8d:64:39:26:ea:ec:3b:3a:cb:44: 03:81:8d:f6:c0:5a:10:c4:bf:b4:29:8b:64:17:a1: d6:b0:5f:c4:3b:05:72:fa:79:db:2c:08:2d:16:ce: 12:26:81:4c:14:d8:10:b1:bd:78:38:fc:57:a5:95: c0:d9:88:64:0b:60:8b:46:1c:91:4a:64:ce:65:4c: 05:de:1f:cb:1c:bc:c4:bb:1d:9f:72:30:2d:2e:09: c9:b9:cd:05:2a:7f:35:9d:e3:20:30:3f:91:09:c2: 2c:21:49:fe:de:41:05:78:0c:02:e4:17:2f:49:25: 9c:b9:d2:c6:d2:c0:56:68:7d:98:25:58:d8:8b:18: 10:71:01:2a:8f:c6:71:51:89:58:2b:e6:aa:41:65: a5:22:c5:fe:44:79:4f:e2:b6:9b:eb:4a:7c:56:47: 22:95:bf:8b:17:b4:b6:41:19:dc:9f:87:49:78:ee: ae:25:76:00:8c:51:da:c3:db:b2:ca:b9:87:b3:52: d9:82:c2:06:c0:cf:8d:25:e8:27:ee:36:f4:7b:9d: cb:b7:ea:fa:de:6f:4a:a1:c6:0c:eb:28:5f:f6:96: e1:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:11:02:77:D7:74:87:7F:F8:79:E5:1D:20:CB:DA:62:64:EE:98:F9 X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/FBECd9d0h3_4eeUdIMvaYmTumPk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:8f40:2::/48 Signature Algorithm: sha256WithRSAEncryption 64:b4:99:d8:d5:b0:e6:14:5a:80:50:5e:a3:54:75:fe:bc:4a: 28:d9:e6:db:ed:1d:cc:d8:8d:2a:75:c0:11:38:4a:62:79:65: 2d:d6:11:31:29:cc:6a:d4:34:0b:0d:f8:ef:6f:15:0a:91:0b: b1:35:6b:21:74:f3:f0:bd:b1:94:62:2f:da:29:9f:b5:e6:82: ce:5e:6f:da:ef:a4:2c:5a:72:c1:34:3e:26:03:c5:d5:c8:e9: b1:2f:65:07:49:b3:0a:f1:d1:06:ce:9c:d0:cf:87:92:c6:ea: 45:bd:98:67:94:9c:d6:ee:01:20:8d:08:cd:b6:0c:c0:7d:63: f7:92:7f:76:cd:90:88:a0:13:17:a5:cb:4e:3c:1f:f4:9f:a1: 71:2f:fc:6b:a2:d8:4b:8f:1b:80:98:ab:67:75:e0:24:00:3a: 4a:e7:2b:48:f3:29:a4:4e:16:c0:62:68:94:dd:a0:ce:71:d4: 0d:16:f9:5a:09:33:95:f2:b1:5f:ba:3d:e2:9d:0b:27:f3:fc: b0:0c:14:64:ab:a0:61:2b:ce:15:c3:17:fe:eb:70:0b:da:3c: aa:02:dd:86:cd:81:86:f6:5c:5c:88:31:7f:6a:4b:d2:37:56: 51:af:21:73:e4:fb:d6:e0:c2:ec:5f:59:22:f1:b1:a0:72:1e: 34:0a:14:d0 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA3MDkx MTIzMTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE0MTEwMjc3RDc3NDg3 N0ZGODc5RTUxRDIwQ0JEQTYyNjRFRTk4RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChQE0h9zop/Zg8z7EK7yXkGkTzyw/6VYYWYlgou7IMvQRsjWQ5 JursOzrLRAOBjfbAWhDEv7Qpi2QXodawX8Q7BXL6edssCC0WzhImgUwU2BCxvXg4 /FellcDZiGQLYItGHJFKZM5lTAXeH8scvMS7HZ9yMC0uCcm5zQUqfzWd4yAwP5EJ wiwhSf7eQQV4DALkFy9JJZy50sbSwFZofZglWNiLGBBxASqPxnFRiVgr5qpBZaUi xf5EeU/itpvrSnxWRyKVv4sXtLZBGdyfh0l47q4ldgCMUdrD27LKuYezUtmCwgbA z40l6CfuNvR7ncu36vreb0qhxgzrKF/2luEvAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUFBECd9d0h3/4eeUdIMvaYmTumPkwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvRkJFQ2Q5ZDBoM180 ZWVVZElNdmFZbVR1bVBrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEAZLSZ2NWw5hRagFBeo1R1/rxK KNnm2+0dzNiNKnXAEThKYnllLdYRMSnMatQ0Cw34728VCpELsTVrIXTz8L2xlGIv 2imfteaCzl5v2u+kLFpywTQ+JgPF1cjpsS9lB0mzCvHRBs6c0M+HksbqRb2YZ5Sc 1u4BII0IzbYMwH1j95J/ds2QiKATF6XLTjwf9J+hcS/8a6LYS48bgJirZ3XgJAA6 SucrSPMppE4WwGJolN2gznHUDRb5WgkzlfKxX7o94p0LJ/P8sAwUZKugYSvOFcMX /utwC9o8qgLdhs2BhvZcXIgxf2pL0jdWUa8hc+T71uDC7F9ZIvGxoHIeNAoU0A== -----END CERTIFICATE-----Generated at Sun Jul 20 12:35:11 2025 by rpki-client