$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/WsI9U-9bgevFoclneq8g7FR0mHg.roa File: WsI9U-9bgevFoclneq8g7FR0mHg.roa (raw, json) Hash identifier: bD//YHFDnj/uIWvWgYd04MJk02K2IKMh3SVa42WHaWo= Subject key identifier: 5A:C2:3D:53:EF:5B:81:EB:C5:A1:C9:67:7A:AF:20:EC:54:74:98:78 Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 1474 Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/WsI9U-9bgevFoclneq8g7FR0mHg.roa Signing time: Thu 28 Aug 2025 06:28:58 +0000 ROA not before: Thu 28 Aug 2025 06:28:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23853 IP address blocks: 2404:7600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 12:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5236 (0x1474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Aug 28 06:28:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5AC23D53EF5B81EBC5A1C9677AAF20EC54749878 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9f:b9:ca:0d:d1:2e:09:6b:9c:9d:ba:9a:f8: 34:b2:fc:0d:ec:5e:10:84:5b:0a:a3:bb:95:0e:17: 9e:98:68:17:fa:60:25:b6:c2:68:3e:09:a0:21:e0: 6e:16:a2:c1:08:09:20:da:8f:ba:ca:b1:18:73:dd: 45:6d:01:48:3d:d3:34:d6:bc:8a:9f:57:8e:f0:79: b9:dd:c7:19:c6:60:9b:dd:31:c7:05:28:5d:cd:14: d8:cb:c4:b4:6b:13:44:78:c5:23:78:3a:5b:05:d8: 3d:63:32:40:7d:16:68:32:70:a1:eb:08:11:3c:35: 2d:c5:ec:8f:2c:b7:c8:5b:4d:cf:66:0e:3f:bf:db: c5:62:7c:ce:38:cc:c0:6e:70:2e:cb:6a:a9:f5:cf: d7:00:cb:6e:4f:1c:ab:90:41:43:a9:e1:d0:c9:8d: 27:44:d5:9b:64:4b:fc:8b:75:2a:ea:1f:f9:47:0b: 2e:9b:77:f7:97:a9:46:a2:86:6a:25:68:c7:47:04: d3:c3:40:7c:9f:91:e6:8e:1b:12:0d:8d:33:45:f6: 0b:4a:49:01:0f:4d:b2:bb:ca:1f:0e:23:eb:cd:de: 7c:43:b7:d3:80:5f:d0:ba:7d:a4:46:56:0f:b0:c6: 10:90:74:56:18:f7:3c:6a:de:b3:5f:55:51:2a:45: c2:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C2:3D:53:EF:5B:81:EB:C5:A1:C9:67:7A:AF:20:EC:54:74:98:78 X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/WsI9U-9bgevFoclneq8g7FR0mHg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7600::/32 Signature Algorithm: sha256WithRSAEncryption 51:1a:90:39:1d:84:f4:3d:ca:34:13:ca:3e:ed:fb:3f:f4:83: 41:ca:89:a7:82:d9:60:db:c3:79:c4:9f:9c:0a:2e:36:b0:af: 45:dd:46:8f:93:20:90:0e:92:74:df:3f:4e:fa:7f:ea:a4:49: 65:8a:2e:5d:50:5d:4b:c2:4b:01:bc:c2:f0:eb:35:9a:c2:39: 61:58:d7:e5:cd:84:6c:b6:38:5a:59:24:22:d7:16:e7:71:ad: 1e:70:b1:9a:dc:9f:27:f2:d5:4c:90:df:19:b6:52:0c:64:95: d7:a8:d7:42:b3:60:60:d5:30:80:10:89:e4:ef:9f:47:77:29: 2b:bd:04:8a:f2:3d:1b:b5:dd:73:f4:73:b7:99:4f:d8:5d:e2: 13:8e:49:1c:f9:00:7d:b7:b4:a9:83:0c:7e:71:34:88:f8:53: 15:45:1a:1d:95:97:9f:75:11:f9:4c:70:53:69:ab:cd:06:77: 36:37:f3:d3:df:71:03:fb:1c:7d:d0:41:20:e7:1a:e9:c5:5f: 88:da:45:b7:58:4c:74:e6:65:7a:4c:06:18:22:5c:26:37:7a: ee:8b:2e:8b:87:cc:44:3f:03:f8:b4:d1:e7:e6:08:08:8b:6a: 3d:20:a3:66:82:40:b7:34:f6:75:be:92:5e:03:4a:50:3d:e3: d7:c7:41:40 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICFHQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA4Mjgw NjI4NThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVBQzIzRDUzRUY1Qjgx RUJDNUExQzk2NzdBQUYyMEVDNTQ3NDk4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKn7nKDdEuCWucnbqa+DSy/A3sXhCEWwqju5UOF56YaBf6YCW2 wmg+CaAh4G4WosEICSDaj7rKsRhz3UVtAUg90zTWvIqfV47webndxxnGYJvdMccF KF3NFNjLxLRrE0R4xSN4OlsF2D1jMkB9FmgycKHrCBE8NS3F7I8st8hbTc9mDj+/ 28VifM44zMBucC7Laqn1z9cAy25PHKuQQUOp4dDJjSdE1ZtkS/yLdSrqH/lHCy6b d/eXqUaihmolaMdHBNPDQHyfkeaOGxINjTNF9gtKSQEPTbK7yh8OI+vN3nxDt9OA X9C6faRGVg+wxhCQdFYY9zxq3rNfVVEqRcJlAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUWsI9U+9bgevFoclneq8g7FR0mHgwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9Xc0k5VS05YmdldkZvY2xu ZXE4ZzdGUjBtSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JAR2ADANBgkqhkiG9w0BAQsFAAOCAQEAURqQOR2E9D3KNBPKPu37P/SDQcqJp4LZ YNvDecSfnAouNrCvRd1Gj5MgkA6SdN8/Tvp/6qRJZYouXVBdS8JLAbzC8Os1msI5 YVjX5c2EbLY4WlkkItcW53GtHnCxmtyfJ/LVTJDfGbZSDGSV16jXQrNgYNUwgBCJ 5O+fR3cpK70EivI9G7Xdc/Rzt5lP2F3iE45JHPkAfbe0qYMMfnE0iPhTFUUaHZWX n3UR+UxwU2mrzQZ3Njfz099xA/scfdBBIOca6cVfiNpFt1hMdOZlekwGGCJcJjd6 7osui4fMRD8D+LTR5+YICItqPSCjZoJAtzT2db6SXgNKUD3j18dBQA== -----END CERTIFICATE-----Generated at Mon Sep 8 09:13:22 2025 by rpki-client