$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/338/uM6Bqukp71aahKZqrWcNnfGwOYI.roa File: uM6Bqukp71aahKZqrWcNnfGwOYI.roa (raw, json) Hash identifier: H3DFr6Y9Y8ld4YjkkbdfArBir243O4bRpYhIkO/uIQ0= Subject key identifier: B8:CE:81:AA:E9:29:EF:56:9A:84:A6:6A:AD:67:0D:9D:F1:B0:39:82 Certificate issuer: /CN=898FCD881F2DAD951ADC31E481C4EDC820931AD3 Certificate serial: 1A87 Authority key identifier: 89:8F:CD:88:1F:2D:AD:95:1A:DC:31:E4:81:C4:ED:C8:20:93:1A:D3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iY_NiB8trZUa3DHkgcTtyCCTGtM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/uM6Bqukp71aahKZqrWcNnfGwOYI.roa Signing time: Mon 07 Jul 2025 10:09:29 +0000 ROA not before: Mon 07 Jul 2025 10:09:29 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 45061 IP address blocks: 2400:8201::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/iY_NiB8trZUa3DHkgcTtyCCTGtM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/iY_NiB8trZUa3DHkgcTtyCCTGtM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iY_NiB8trZUa3DHkgcTtyCCTGtM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6791 (0x1a87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=898FCD881F2DAD951ADC31E481C4EDC820931AD3 Validity Not Before: Jul 7 10:09:29 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B8CE81AAE929EF569A84A66AAD670D9DF1B03982 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:72:76:5a:5c:83:6d:37:a7:9d:ad:24:b7:40: d2:60:7a:dd:34:4d:1a:f0:61:31:b9:17:1d:da:48: c0:5f:8a:d3:89:15:c0:b5:cb:52:da:6e:ca:59:3b: 9a:9a:ba:e0:0b:78:0c:7e:cc:a6:50:78:af:01:96: 2f:72:c5:56:42:26:49:13:18:c8:45:d9:37:08:94: 94:ec:68:75:56:dd:09:8c:e8:92:57:20:c6:7d:d8: 5b:f6:fb:a6:1e:79:5d:c1:e5:01:d9:84:d7:fb:24: f4:4b:40:88:c3:86:d2:d7:eb:39:79:5b:fc:bb:0d: e0:bd:6b:b5:bd:02:6e:6c:4c:b8:84:c2:7c:67:f0: 4a:5d:ca:b5:fc:ac:f3:31:cc:a6:4e:b3:8d:97:29: e5:59:49:47:a3:2c:01:a6:09:c3:36:d6:f2:81:bf: 9f:cc:41:f1:44:37:11:65:b3:0e:66:ae:7f:c9:db: a2:61:96:2b:f2:8f:28:14:55:e7:5d:77:af:c4:3a: 24:1c:ce:cb:ad:f6:de:62:1c:77:39:47:4b:90:d5: 3c:ea:1c:7e:de:35:93:fe:7c:8a:6d:d1:58:35:76: b1:e1:a3:59:b1:39:c2:d6:aa:2a:f1:62:2c:31:10: cc:82:5a:1f:c0:8b:a4:ac:98:2c:a0:3b:19:74:9a: 27:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:CE:81:AA:E9:29:EF:56:9A:84:A6:6A:AD:67:0D:9D:F1:B0:39:82 X509v3 Authority Key Identifier: keyid:89:8F:CD:88:1F:2D:AD:95:1A:DC:31:E4:81:C4:ED:C8:20:93:1A:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/iY_NiB8trZUa3DHkgcTtyCCTGtM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iY_NiB8trZUa3DHkgcTtyCCTGtM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/338/uM6Bqukp71aahKZqrWcNnfGwOYI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:8201::/48 Signature Algorithm: sha256WithRSAEncryption aa:a2:d7:f9:27:7b:e1:98:a4:38:09:f7:ff:84:69:9c:3a:e7: 42:a8:51:30:39:59:db:b5:8c:dc:05:f4:e2:9e:88:16:4b:c1: 08:5c:19:13:8a:5b:a2:e9:a8:20:b4:fc:d1:b5:58:5d:54:6d: 6f:8c:db:ba:14:66:2a:67:e3:06:12:0c:df:a3:19:7a:61:54: 9c:d0:7b:9c:a4:e8:30:09:e8:85:46:97:50:44:4a:76:8e:fe: 94:f2:f5:b5:d1:1f:77:24:ec:8b:72:2c:33:66:97:ed:8e:f8: 70:3f:92:25:dc:e6:01:f6:d0:fd:71:50:ed:a1:38:61:9c:6c: e2:6d:49:32:66:be:5a:78:d7:b7:05:01:20:62:47:12:33:47: b6:66:7e:32:4d:df:b3:b0:f9:e0:cf:bc:aa:3c:af:5e:9c:e2: 8b:c3:b7:07:09:06:fe:0f:ad:8d:33:9a:7c:ef:71:2b:d3:79: 5a:f5:5c:ef:2a:f8:c5:3b:f6:99:82:ac:4b:e0:7c:77:e6:00: fc:40:d5:e7:28:30:31:f2:d0:54:45:4e:4f:8c:a4:85:cf:8b: ad:c0:82:53:9b:c1:67:4e:55:29:8f:50:5b:db:a2:80:f2:75: a3:57:ab:aa:29:e5:6d:3c:79:71:6b:bc:87:43:e0:31:c3:45: d0:69:28:9d -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICGocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk4 RkNEODgxRjJEQUQ5NTFBREMzMUU0ODFDNEVEQzgyMDkzMUFEMzAeFw0yNTA3MDcx MDA5MjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI4Q0U4MUFBRTkyOUVG NTY5QTg0QTY2QUFENjcwRDlERjFCMDM5ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrcnZaXINtN6edrSS3QNJget00TRrwYTG5Fx3aSMBfitOJFcC1 y1LabspZO5qauuALeAx+zKZQeK8Bli9yxVZCJkkTGMhF2TcIlJTsaHVW3QmM6JJX IMZ92Fv2+6YeeV3B5QHZhNf7JPRLQIjDhtLX6zl5W/y7DeC9a7W9Am5sTLiEwnxn 8EpdyrX8rPMxzKZOs42XKeVZSUejLAGmCcM21vKBv5/MQfFENxFlsw5mrn/J26Jh livyjygUVeddd6/EOiQczsut9t5iHHc5R0uQ1TzqHH7eNZP+fIpt0Vg1drHho1mx OcLWqirxYiwxEMyCWh/Ai6SsmCygOxl0mid1AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUuM6Bqukp71aahKZqrWcNnfGwOYIwHwYDVR0jBBgwFoAUiY/NiB8trZUa3DHk gcTtyCCTGtMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM4 L2lZX05pQjh0clpVYTNESGtnY1R0eUNDVEd0TS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvaVlfTmlCOHRyWlVhM0RIa2djVHR5Q0NUR3RNLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM4L3VNNkJxdWtwNzFhYWhL WnFyV2NObmZHd09ZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAkAIIBAAAwDQYJKoZIhvcNAQELBQADggEBAKqi1/kne+GYpDgJ9/+EaZw650Ko UTA5Wdu1jNwF9OKeiBZLwQhcGROKW6LpqCC0/NG1WF1UbW+M27oUZipn4wYSDN+j GXphVJzQe5yk6DAJ6IVGl1BESnaO/pTy9bXRH3ck7ItyLDNml+2O+HA/kiXc5gH2 0P1xUO2hOGGcbOJtSTJmvlp417cFASBiRxIzR7ZmfjJN37Ow+eDPvKo8r16c4ovD twcJBv4PrY0zmnzvcSvTeVr1XO8q+MU79pmCrEvgfHfmAPxA1ecoMDHy0FRFTk+M pIXPi63AglObwWdOVSmPUFvbooDydaNXq6op5W08eXFrvIdD4DHDRdBpKJ0= -----END CERTIFICATE-----Generated at Sun Jul 20 12:47:46 2025 by rpki-client