$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/ubUHjrANA8atca3rla1FxXFyva0.roa File: ubUHjrANA8atca3rla1FxXFyva0.roa (raw, json) Hash identifier: ZzhP4Q7BgubbyLuMo5j8AIzil4h3ZiAMGHBJmSJSjtI= Subject key identifier: B9:B5:07:8E:B0:0D:03:C6:AD:71:AD:EB:95:AD:45:C5:71:72:BD:AD Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 1479 Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/ubUHjrANA8atca3rla1FxXFyva0.roa Signing time: Fri 29 Aug 2025 01:10:23 +0000 ROA not before: Fri 29 Aug 2025 01:10:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 2404:7600:101::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 12:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5241 (0x1479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: Aug 29 01:10:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B9B5078EB00D03C6AD71ADEB95AD45C57172BDAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b5:0f:5d:c6:d9:a2:ef:59:6f:33:75:19:ee: ec:76:c5:e1:08:a7:5e:f1:92:bb:ae:ae:9b:56:2d: 0c:3d:38:06:f3:b3:53:d0:6b:14:a6:b9:a2:5f:62: 2e:33:94:e2:15:c6:81:6f:5d:11:56:fd:31:d4:c9: a7:62:0c:fb:85:36:d5:66:22:e3:5b:6e:26:c5:6b: 0a:fe:57:b5:7f:bb:f3:1e:f4:86:3a:91:10:d8:4b: 40:b0:0f:a0:f8:2e:23:67:f1:4e:8b:00:aa:0d:a0: 06:fa:fd:4a:38:62:6d:09:f2:fc:65:df:57:d8:be: ef:5c:cf:e2:d4:33:a6:b6:c1:4a:b5:a7:f1:4c:77: a4:29:67:d1:24:80:85:d4:45:72:86:2f:ba:49:3d: 8f:03:f2:6e:1e:93:dd:25:60:67:fa:3b:64:a6:26: 68:10:06:15:17:6a:bd:8e:df:b4:23:30:05:1a:3e: e4:9d:df:6c:5b:b1:d0:92:b7:ee:ae:13:67:d4:b2: 64:ac:3b:42:91:1e:f7:67:c6:dd:1e:3a:b4:f4:37: fc:c5:c7:89:1e:37:24:2d:36:67:d8:4b:c6:3d:26: 15:71:3d:9b:3a:99:39:0b:51:28:a0:e3:4c:b0:07: cb:b0:67:21:95:de:5e:19:03:06:c9:fc:46:16:27: 68:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:B5:07:8E:B0:0D:03:C6:AD:71:AD:EB:95:AD:45:C5:71:72:BD:AD X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/ubUHjrANA8atca3rla1FxXFyva0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:7600:101::/48 Signature Algorithm: sha256WithRSAEncryption 9a:02:d4:d1:17:7d:40:8b:6e:24:b6:93:e1:3b:2f:93:4b:c8: 17:1f:90:ec:32:2c:48:7a:18:16:d2:b4:0e:63:3b:aa:fa:1c: 90:a3:b2:17:fe:44:00:ac:1c:08:f9:00:d5:1f:bb:72:d9:fa: ec:50:6e:e5:4b:d2:5e:32:54:f8:1a:5e:a0:d8:a7:b3:61:c7: 2e:80:2a:08:fb:7a:2a:79:f8:f7:c8:e6:e8:f7:7e:51:b7:7a: 23:54:76:fc:f3:5a:d3:48:26:49:11:0c:62:48:ec:d8:43:cd: 8f:54:ad:93:8e:6e:14:b0:85:6c:72:e8:ee:eb:9b:79:3f:85: 86:be:f2:c3:75:d7:f5:f1:92:56:35:d3:33:97:ce:8f:b2:df: a5:25:65:6d:ab:af:04:51:fc:74:36:59:8a:62:52:43:fc:31: b0:55:28:d0:a2:e6:bc:54:b8:4f:b4:42:d2:21:5d:1b:1b:1b: 82:42:92:a0:1c:54:ed:8b:20:f1:ef:82:ba:df:58:b1:f3:53: df:17:1c:61:c1:fb:64:bb:4e:b0:2f:09:2a:15:5c:95:a6:4e: 01:3d:65:09:93:e0:ba:3a:91:15:df:66:17:52:2e:d8:d4:55: 34:67:2a:29:71:f6:49:8c:94:1d:ba:c5:63:b5:a5:c1:f9:72: b4:f0:77:95 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFHkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA4Mjkw MTEwMjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEI5QjUwNzhFQjAwRDAz QzZBRDcxQURFQjk1QUQ0NUM1NzE3MkJEQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCttQ9dxtmi71lvM3UZ7ux2xeEIp17xkruurptWLQw9OAbzs1PQ axSmuaJfYi4zlOIVxoFvXRFW/THUyadiDPuFNtVmIuNbbibFawr+V7V/u/Me9IY6 kRDYS0CwD6D4LiNn8U6LAKoNoAb6/Uo4Ym0J8vxl31fYvu9cz+LUM6a2wUq1p/FM d6QpZ9EkgIXURXKGL7pJPY8D8m4ek90lYGf6O2SmJmgQBhUXar2O37QjMAUaPuSd 32xbsdCSt+6uE2fUsmSsO0KRHvdnxt0eOrT0N/zFx4keNyQtNmfYS8Y9JhVxPZs6 mTkLUSig40ywB8uwZyGV3l4ZAwbJ/EYWJ2gjAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUubUHjrANA8atca3rla1FxXFyva0wHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS91YlVIanJBTkE4YXRjYTNy bGExRnhYRnl2YTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA JAR2AAEBMA0GCSqGSIb3DQEBCwUAA4IBAQCaAtTRF31Ai24ktpPhOy+TS8gXH5Ds MixIehgW0rQOYzuq+hyQo7IX/kQArBwI+QDVH7ty2frsUG7lS9JeMlT4Gl6g2Kez YccugCoI+3oqefj3yObo935Rt3ojVHb881rTSCZJEQxiSOzYQ82PVK2Tjm4UsIVs cuju65t5P4WGvvLDddf18ZJWNdMzl86Pst+lJWVtq68EUfx0NlmKYlJD/DGwVSjQ oua8VLhPtELSIV0bGxuCQpKgHFTtiyDx74K631ix81PfFxxhwftku06wLwkqFVyV pk4BPWUJk+C6OpEV32YXUi7Y1FU0ZyopcfZJjJQdusVjtaXB+XK08HeV -----END CERTIFICATE-----Generated at Mon Sep 8 09:10:22 2025 by rpki-client