$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/6fSLahLL69855rH9FSd4t3ZfwPU.roa File: 6fSLahLL69855rH9FSd4t3ZfwPU.roa (raw, json) Hash identifier: dIXLSnnQG4MjEsIDN76ZGXRP7DuKEQWCfiK1lRZRavA= Subject key identifier: E9:F4:8B:6A:12:CB:EB:DF:39:E6:B1:FD:15:27:78:B7:76:5F:C0:F5 Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Certificate serial: 0D1D Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/6fSLahLL69855rH9FSd4t3ZfwPU.roa Signing time: Fri 18 Jul 2025 01:11:09 +0000 ROA not before: Fri 18 Jul 2025 01:11:09 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4134 IP address blocks: 59.107.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 08:11:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3357 (0xd1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Validity Not Before: Jul 18 01:11:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E9F48B6A12CBEBDF39E6B1FD152778B7765FC0F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:53:94:08:7e:77:3e:ca:96:e1:fe:c9:51:c9: 67:da:bd:34:e5:f8:8c:53:be:c8:c6:f5:fb:74:59: 6d:4f:c3:e6:ad:3a:1c:11:c4:73:83:8d:45:1b:56: 27:80:35:5a:62:5e:d2:06:a2:51:b7:7d:64:8a:f2: 18:e3:8f:e3:19:ce:6c:e4:fd:69:56:80:9b:f3:da: 00:84:cf:b8:ce:57:ab:1e:32:34:c5:69:71:af:f4: 16:ca:16:00:40:e0:e9:d2:63:25:5b:20:b2:55:fd: 22:b9:09:e6:99:66:03:cc:6a:c3:ab:85:42:16:c4: 95:a5:89:9f:56:17:b8:56:36:16:28:09:87:84:7d: 5b:00:68:8d:7e:f4:a1:db:af:cd:5e:9a:d3:68:4c: 43:37:ea:c6:dc:72:25:53:84:4e:85:5f:59:a4:63: 0c:31:f4:b1:88:62:0e:50:94:f6:1b:53:bd:61:18: f0:4d:ff:f0:a7:e5:e5:d1:ce:f1:62:65:5b:ae:05: 7e:93:8d:95:1c:a1:3e:f1:74:9b:a1:e1:83:49:b9: 7e:8a:b6:f0:72:1e:d8:bb:f1:c3:a9:2c:86:85:86: 7b:44:71:08:86:fc:8a:84:80:2c:c1:77:4e:30:3a: fc:51:10:d1:58:28:90:4c:3d:08:72:1e:29:a0:69: 7b:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:F4:8B:6A:12:CB:EB:DF:39:E6:B1:FD:15:27:78:B7:76:5F:C0:F5 X509v3 Authority Key Identifier: keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/6fSLahLL69855rH9FSd4t3ZfwPU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.107.224.0/22 Signature Algorithm: sha256WithRSAEncryption 90:d4:0f:9f:c2:4f:a0:9e:fe:d8:6e:e0:b1:9f:9f:1c:3b:0d: 5a:7e:84:9e:30:d3:3c:3c:b9:15:1a:b5:5e:4d:43:5e:cc:71: 6a:5d:8e:af:82:0a:b5:93:6f:73:ae:7b:4f:60:b1:00:dd:e3: 40:bc:63:ff:5d:9a:6c:32:33:8e:9f:c2:d4:9e:b0:12:ee:40: 6d:23:20:32:0d:6b:4b:b9:a5:89:e5:86:1d:61:7c:90:ea:c6: a4:b4:54:f0:5f:01:fc:04:e7:9c:74:04:02:8a:8c:e4:ca:87: fd:6d:93:cf:97:a9:f5:71:a6:ef:6a:72:6d:73:65:41:a1:fe: 6f:fd:38:51:f2:9e:af:ef:d5:de:85:0e:62:f0:6a:0c:af:51: d4:41:9c:bd:a8:17:54:2b:ec:05:ce:cd:6f:09:d5:4e:90:3f: 87:a9:a9:9e:ea:06:59:d9:11:c1:64:63:3a:51:3a:d8:4f:36: 55:35:5e:75:c2:d5:dd:44:35:17:1d:01:31:20:79:62:86:0b: da:19:16:a2:21:18:04:be:2e:b6:b1:07:09:ed:37:be:8e:be: 1b:07:db:dd:0e:39:73:19:c6:5e:2c:1f:18:a3:fc:8a:51:95: 91:31:11:b7:bd:40:a4:0a:33:af:a7:bc:82:d2:4d:72:05:0b: f1:f0:11:85 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICDR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4 MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTA3MTgw MTExMDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU5RjQ4QjZBMTJDQkVC REYzOUU2QjFGRDE1Mjc3OEI3NzY1RkMwRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7U5QIfnc+ypbh/slRyWfavTTl+IxTvsjG9ft0WW1Pw+atOhwR xHODjUUbVieANVpiXtIGolG3fWSK8hjjj+MZzmzk/WlWgJvz2gCEz7jOV6seMjTF aXGv9BbKFgBA4OnSYyVbILJV/SK5CeaZZgPMasOrhUIWxJWliZ9WF7hWNhYoCYeE fVsAaI1+9KHbr81emtNoTEM36sbcciVThE6FX1mkYwwx9LGIYg5QlPYbU71hGPBN //Cn5eXRzvFiZVuuBX6TjZUcoT7xdJuh4YNJuX6KtvByHti78cOpLIaFhntEcQiG /IqEgCzBd04wOvxRENFYKJBMPQhyHimgaXvNAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQU6fSLahLL69855rH9FSd4t3ZfwPUwHwYDVR0jBBgwFoAUlIG05AkBXY630D82 A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvNmZTTGFoTEw2OTg1NXJIOUZT ZDR0M1pmd1BVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjtr 4DANBgkqhkiG9w0BAQsFAAOCAQEAkNQPn8JPoJ7+2G7gsZ+fHDsNWn6EnjDTPDy5 FRq1Xk1DXsxxal2Or4IKtZNvc657T2CxAN3jQLxj/12abDIzjp/C1J6wEu5AbSMg Mg1rS7mlieWGHWF8kOrGpLRU8F8B/ATnnHQEAoqM5MqH/W2Tz5ep9XGm72pybXNl QaH+b/04UfKer+/V3oUOYvBqDK9R1EGcvagXVCvsBc7NbwnVTpA/h6mpnuoGWdkR wWRjOlE62E82VTVedcLV3UQ1Fx0BMSB5YoYL2hkWoiEYBL4utrEHCe03vo6+Gwfb 3Q45cxnGXiwfGKP8ilGVkTERt71ApAozr6e8gtJNcgUL8fARhQ== -----END CERTIFICATE-----Generated at Mon Jul 21 08:04:34 2025 by rpki-client