$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/Ou9Mh8HtVO_3pMQh97VqyrWxmgo.roa File: Ou9Mh8HtVO_3pMQh97VqyrWxmgo.roa (raw, json) Hash identifier: 2D1MSRDWf/VlzhmTI+FdFguyzLILDrNJqO07CDQr4qg= Subject key identifier: 3A:EF:4C:87:C1:ED:54:EF:F7:A4:C4:21:F7:B5:6A:CA:B5:B1:9A:0A Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0DF1 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/Ou9Mh8HtVO_3pMQh97VqyrWxmgo.roa Signing time: Sat 06 Sep 2025 08:02:53 +0000 ROA not before: Sat 06 Sep 2025 08:02:53 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37968 IP address blocks: 2407:8f40:2::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 11:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3569 (0xdf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 6 08:02:53 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3AEF4C87C1ED54EFF7A4C421F7B56ACAB5B19A0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:fa:23:2d:92:59:b4:9d:01:42:47:9a:ce:9c: 98:8d:45:be:a5:d6:e1:5c:b1:89:ff:64:93:22:cc: a0:3c:ab:2a:45:f3:5e:08:e1:9f:52:38:56:18:46: 25:5d:17:ba:e3:ff:35:f7:4a:65:52:bf:83:3b:3e: 1a:8f:07:6d:0f:e9:27:f0:c0:6c:62:46:7d:fc:13: 93:02:4c:97:f2:1a:88:26:9b:33:9b:08:63:17:9e: 54:2d:f8:44:fd:50:cf:82:5e:06:fd:7f:ff:f3:5a: 15:f0:1c:ce:c0:7c:3e:ed:cd:d4:e5:2e:04:c6:cf: 3e:ee:d2:40:c6:0e:d6:f9:0c:c8:85:28:3f:88:82: b1:91:3d:40:b7:28:3f:96:3f:5e:58:b4:a5:cf:4e: 80:c8:b0:15:ba:64:ea:de:fa:c7:a0:50:92:80:ba: eb:fd:7c:86:8e:5f:3e:fb:17:5e:f3:5c:3b:ef:60: a9:8f:a1:a4:a8:5a:98:d9:55:1f:06:50:8b:e6:ab: eb:6c:b6:4f:00:fb:22:e0:02:fc:9d:e1:09:2c:66: b6:79:b1:f9:cf:b8:56:90:4e:f9:17:fc:e3:f1:cb: 05:0a:89:35:2f:7c:c2:92:87:52:75:bd:05:3b:92: 7f:8c:45:9e:e5:4c:eb:cf:35:6c:26:f8:2b:ec:5a: d9:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:EF:4C:87:C1:ED:54:EF:F7:A4:C4:21:F7:B5:6A:CA:B5:B1:9A:0A X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/Ou9Mh8HtVO_3pMQh97VqyrWxmgo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:8f40:2::/48 Signature Algorithm: sha256WithRSAEncryption 44:40:91:27:7a:fa:85:a7:d1:99:b6:5a:2e:94:99:3e:ce:7e: e2:83:ac:bf:d1:0a:7d:83:e7:2b:96:f5:c7:44:fa:25:32:e8: 4d:f1:9d:2d:60:f4:60:c2:cf:40:f3:76:ba:4d:3e:ed:40:e9: 89:da:de:c9:c8:60:05:35:da:c4:42:01:3f:76:5a:f6:ce:00: 85:bc:11:4d:33:01:e2:c6:08:b8:98:5d:a8:b8:e8:fb:ba:a8: d1:03:e8:e6:ea:b9:ae:b1:99:e2:e0:c6:29:71:40:74:d1:52: 32:71:07:e2:01:66:1c:1e:6a:c9:a9:24:d5:3c:aa:5d:b9:47: a6:f4:76:61:89:04:a9:e3:82:d4:6e:b5:a3:81:8f:be:9b:cc: 38:57:98:e5:9d:ca:7a:44:a6:e4:b4:65:be:ca:76:20:92:34: e9:24:b5:6b:b3:aa:70:50:9e:4c:e0:23:e4:fd:91:ba:6e:2a: e4:d2:c8:73:9d:2f:0f:bd:36:fa:ed:18:76:b8:a2:3b:6f:91: 21:da:fd:44:f0:20:77:e4:50:86:1f:37:67:5a:57:7c:0a:76: f3:56:e4:8e:7a:d5:db:29:20:a8:1b:5a:10:31:91:c7:27:65: 81:ba:2e:19:34:6d:bd:53:48:1d:b0:a0:e8:97:d7:bc:eb:67: 8f:42:ce:15 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA5MDYw ODAyNTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNBRUY0Qzg3QzFFRDU0 RUZGN0E0QzQyMUY3QjU2QUNBQjVCMTlBMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK+iMtklm0nQFCR5rOnJiNRb6l1uFcsYn/ZJMizKA8qypF814I 4Z9SOFYYRiVdF7rj/zX3SmVSv4M7PhqPB20P6SfwwGxiRn38E5MCTJfyGogmmzOb CGMXnlQt+ET9UM+CXgb9f//zWhXwHM7AfD7tzdTlLgTGzz7u0kDGDtb5DMiFKD+I grGRPUC3KD+WP15YtKXPToDIsBW6ZOre+segUJKAuuv9fIaOXz77F17zXDvvYKmP oaSoWpjZVR8GUIvmq+tstk8A+yLgAvyd4QksZrZ5sfnPuFaQTvkX/OPxywUKiTUv fMKSh1J1vQU7kn+MRZ7lTOvPNWwm+CvsWtn/AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUOu9Mh8HtVO/3pMQh97VqyrWxmgowHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvT3U5TWg4SHRWT18z cE1RaDk3VnF5cld4bWdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQHj0AAAjANBgkqhkiG9w0BAQsFAAOCAQEARECRJ3r6hafRmbZaLpSZPs5+ 4oOsv9EKfYPnK5b1x0T6JTLoTfGdLWD0YMLPQPN2uk0+7UDpidreychgBTXaxEIB P3Za9s4AhbwRTTMB4sYIuJhdqLjo+7qo0QPo5uq5rrGZ4uDGKXFAdNFSMnEH4gFm HB5qyakk1TyqXblHpvR2YYkEqeOC1G61o4GPvpvMOFeY5Z3KekSm5LRlvsp2IJI0 6SS1a7OqcFCeTOAj5P2Rum4q5NLIc50vD702+u0YdriiO2+RIdr9RPAgd+RQhh83 Z1pXfAp281bkjnrV2ykgqBtaEDGRxydlgbouGTRtvVNIHbCg6JfXvOtnj0LOFQ== -----END CERTIFICATE-----Generated at Mon Sep 8 09:12:40 2025 by rpki-client