$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/8sUWUjiDf-pHgVIHi23c0GwBEao.roa File: 8sUWUjiDf-pHgVIHi23c0GwBEao.roa (raw, json) Hash identifier: EtmvJWeJG+2gwh89TeVRkyzBc/8jRGEnXwr/mVM7HBE= Subject key identifier: F2:C5:16:52:38:83:7F:EA:47:81:52:07:8B:6D:DC:D0:6C:01:11:AA Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2168 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/8sUWUjiDf-pHgVIHi23c0GwBEao.roa Signing time: Fri 29 Aug 2025 09:05:20 +0000 ROA not before: Fri 29 Aug 2025 09:05:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 2401:3480:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8552 (0x2168) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F2C5165238837FEA478152078B6DDCD06C0111AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a8:ff:07:a8:9a:ed:b0:2e:66:71:9b:8a:9b: 9d:cf:9e:4e:b3:3a:97:ae:1d:0f:df:4e:18:ed:8b: 6b:59:1d:29:7d:86:96:b2:17:96:a2:49:96:5e:97: 79:9a:98:00:4b:da:b8:e2:72:2e:23:e4:98:90:04: cc:dd:00:f8:dd:8d:c2:df:f2:f9:9f:57:66:52:4a: 19:cb:5b:31:16:a9:12:0a:a2:25:2f:24:5e:e2:1a: c6:0b:06:44:26:56:3f:c8:9c:ad:0b:c4:a4:50:32: 64:8a:65:be:9f:5d:97:70:9f:ba:ff:4d:7d:ee:73: 64:dd:e5:39:ea:7e:7d:46:52:86:65:c1:d7:de:73: 0e:ef:bb:56:54:9c:77:75:33:7a:1b:5f:68:85:48: 4c:38:4a:9b:71:2d:38:85:24:53:b5:8f:40:f4:d5: 81:09:a8:da:d0:ec:23:f1:2b:a4:b3:23:18:92:36: 76:77:3b:84:5b:fe:2d:5d:4a:b7:e3:53:65:4f:dc: 80:21:04:85:ab:67:5e:8a:b4:e5:fb:72:de:e3:8f: 44:b3:3f:6c:b1:13:95:af:cf:03:8c:fc:d1:16:19: dd:01:62:bc:cd:99:12:a6:55:be:23:c5:48:b9:cd: 19:52:67:dc:4f:cf:9b:b3:e6:5d:a5:f3:dd:47:f2: fe:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:C5:16:52:38:83:7F:EA:47:81:52:07:8B:6D:DC:D0:6C:01:11:AA X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/8sUWUjiDf-pHgVIHi23c0GwBEao.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3480:2000::/36 Signature Algorithm: sha256WithRSAEncryption 74:6b:f8:b1:c6:52:87:30:40:36:12:c3:a9:55:69:26:64:00: f3:fb:d5:99:30:97:17:b8:12:ff:c6:bf:9d:0e:4d:ef:79:10: 47:4c:d0:03:6f:70:2f:7a:5c:5f:85:bc:fd:4e:fd:ab:ff:9e: d3:c3:ec:e0:9b:65:13:76:e2:8d:2e:de:43:eb:70:57:4b:02: 32:de:6d:e1:42:3b:65:82:11:19:c4:0a:79:25:b4:4d:5f:1b: 84:d9:6f:8a:4f:62:2d:83:c1:c1:a0:4d:4d:de:b4:4a:cc:d8: 5b:f3:1d:0b:d7:0b:6a:81:90:8e:e9:1d:c4:57:2b:9d:0d:98: 4a:f6:c3:13:dd:2d:b6:46:9e:d6:06:2e:bc:de:bf:93:d5:2e: 4b:24:53:e7:97:7d:e8:b9:17:25:05:dd:86:be:2e:9d:e9:a6: e7:e8:f6:36:44:59:31:4b:a8:a0:13:cc:78:f5:1b:dd:2f:6a: 89:d3:8f:cd:e8:6d:1b:c6:4c:21:ce:9c:af:f9:3a:80:3e:fd: bc:e1:0d:37:42:39:af:fa:27:02:b1:90:04:4a:51:82:63:b1: 69:7f:32:93:3e:91:3e:3b:65:a8:f2:c7:44:f1:a8:fd:e7:04: a9:60:45:f9:62:12:86:c5:ae:4e:7e:cb:59:a6:68:33:75:c2: 42:78:4f:05 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYyQzUxNjUyMzg4MzdG RUE0NzgxNTIwNzhCNkREQ0QwNkMwMTExQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFqP8HqJrtsC5mcZuKm53Pnk6zOpeuHQ/fThjti2tZHSl9hpay F5aiSZZel3mamABL2rjici4j5JiQBMzdAPjdjcLf8vmfV2ZSShnLWzEWqRIKoiUv JF7iGsYLBkQmVj/InK0LxKRQMmSKZb6fXZdwn7r/TX3uc2Td5Tnqfn1GUoZlwdfe cw7vu1ZUnHd1M3obX2iFSEw4SptxLTiFJFO1j0D01YEJqNrQ7CPxK6SzIxiSNnZ3 O4Rb/i1dSrfjU2VP3IAhBIWrZ16KtOX7ct7jj0SzP2yxE5WvzwOM/NEWGd0BYrzN mRKmVb4jxUi5zRlSZ9xPz5uz5l2l891H8v6ZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU8sUWUjiDf+pHgVIHi23c0GwBEaowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzhzVVdVamlEZi1wSGdW SUhpMjNjMEd3QkVhby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgQkATSAIDANBgkqhkiG9w0BAQsFAAOCAQEAdGv4scZShzBANhLDqVVpJmQA8/vV mTCXF7gS/8a/nQ5N73kQR0zQA29wL3pcX4W8/U79q/+e08Ps4JtlE3bijS7eQ+tw V0sCMt5t4UI7ZYIRGcQKeSW0TV8bhNlvik9iLYPBwaBNTd60SszYW/MdC9cLaoGQ jukdxFcrnQ2YSvbDE90ttkae1gYuvN6/k9UuSyRT55d96LkXJQXdhr4unemm5+j2 NkRZMUuooBPMePUb3S9qidOPzehtG8ZMIc6cr/k6gD79vOENN0I5r/onArGQBEpR gmOxaX8ykz6RPjtlqPLHRPGo/ecEqWBF+WIShsWuTn7LWaZoM3XCQnhPBQ== -----END CERTIFICATE-----Generated at Tue Sep 9 10:42:28 2025 by rpki-client