$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/R6ZpjxYgPN1yza3u3p0lqjkBWHg.roa File: R6ZpjxYgPN1yza3u3p0lqjkBWHg.roa (raw, json) Hash identifier: jzEz5QGI/iTlXC+F2VUu2df3+SuFitSA1AVTLJOz/pk= Subject key identifier: 47:A6:69:8F:16:20:3C:DD:72:CD:AD:EE:DE:9D:25:AA:39:01:58:78 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2177 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/R6ZpjxYgPN1yza3u3p0lqjkBWHg.roa Signing time: Fri 29 Aug 2025 09:05:23 +0000 ROA not before: Fri 29 Aug 2025 09:05:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59077 IP address blocks: 2401:3480::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8567 (0x2177) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=47A6698F16203CDD72CDADEEDE9D25AA39015878 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:4b:74:43:76:3f:59:51:55:4c:79:04:95:40: da:76:4e:70:ba:65:b6:9f:c8:55:49:0e:f2:58:b8: ba:c9:30:d8:67:c7:46:63:34:5b:81:bc:5e:3d:5f: af:ff:87:d4:f6:0e:f7:14:ab:9e:48:47:88:5e:4b: 75:7b:af:ef:1c:f7:7b:ac:bb:6b:ab:26:c2:fd:1e: 65:68:66:cc:39:8d:0a:9b:ad:08:53:94:8a:23:3c: 84:db:b4:58:13:b9:6d:b2:51:2b:3a:cf:e4:94:f5: eb:74:f5:b4:be:c0:cb:e0:1d:28:ac:4c:a7:1b:f4: 87:99:62:42:51:b7:70:f2:da:7d:ce:ad:e9:6f:07: 38:e3:02:9d:fa:8c:44:a2:ca:10:80:2a:df:a7:65: e6:3e:ed:72:a4:6e:3b:c2:74:7a:a2:5a:e0:17:78: 39:30:dd:9c:db:83:4f:50:7f:7b:3e:c8:f6:45:16: 96:6a:9f:43:6a:1d:f3:99:c5:2a:78:55:06:1b:a0: 28:d3:79:a8:00:da:ce:13:ae:ba:4d:2e:ef:44:d8: 69:28:ae:b8:c6:60:c8:b2:16:ad:50:e2:74:df:ac: 5a:1d:2e:16:95:83:d0:87:e6:45:03:21:09:f1:87: b5:0a:8a:1d:3b:df:33:97:33:fe:24:3e:8f:21:97: b3:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:A6:69:8F:16:20:3C:DD:72:CD:AD:EE:DE:9D:25:AA:39:01:58:78 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/R6ZpjxYgPN1yza3u3p0lqjkBWHg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:3480::/36 Signature Algorithm: sha256WithRSAEncryption 7c:35:ff:f4:b4:5a:b9:6c:38:f6:a1:d7:8c:18:1f:aa:bd:8c: f5:8a:73:f0:13:4a:83:bd:17:f5:67:d2:de:90:94:94:69:1b: 79:7f:b5:cb:ff:e2:63:ec:8b:74:9e:f3:08:b6:7f:57:c6:95: 2c:96:8a:8f:ac:0b:f5:37:5b:e3:ba:13:58:15:0e:8b:46:d6: 39:a5:b0:7a:f4:8b:31:ed:13:94:b8:9e:be:16:30:2c:ce:35: 93:fd:d1:fa:2a:82:ae:42:29:03:b9:77:c7:c3:1c:95:23:27: 1d:55:6e:74:0d:33:4a:fe:c1:dc:fb:0e:f9:9b:c1:b2:a4:50: bd:71:67:1c:cd:61:37:80:bd:d2:ef:32:31:ff:49:5e:31:f4: da:64:67:bd:7c:49:08:52:1b:19:42:e3:76:1b:99:8c:cf:36: ec:32:11:3e:60:7e:b1:36:65:f7:51:85:6c:9c:45:52:53:11: 05:37:13:24:db:17:ec:aa:54:15:80:3f:86:d7:4e:0c:65:0f: 5f:54:65:9f:a7:20:31:d2:be:c4:3e:f7:7a:7a:cd:52:54:bc: a3:60:11:7d:57:a5:67:c1:91:9e:3f:6c:53:aa:db:cd:7b:d2: 13:8d:58:ea:f9:7d:09:8a:fc:f0:4f:e6:17:b1:7a:cb:66:31: a5:e0:a4:1e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ3QTY2OThGMTYyMDND REQ3MkNEQURFRURFOUQyNUFBMzkwMTU4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdS3RDdj9ZUVVMeQSVQNp2TnC6ZbafyFVJDvJYuLrJMNhnx0Zj NFuBvF49X6//h9T2DvcUq55IR4heS3V7r+8c93usu2urJsL9HmVoZsw5jQqbrQhT lIojPITbtFgTuW2yUSs6z+SU9et09bS+wMvgHSisTKcb9IeZYkJRt3Dy2n3Orelv BzjjAp36jESiyhCAKt+nZeY+7XKkbjvCdHqiWuAXeDkw3Zzbg09Qf3s+yPZFFpZq n0NqHfOZxSp4VQYboCjTeagA2s4TrrpNLu9E2GkorrjGYMiyFq1Q4nTfrFodLhaV g9CH5kUDIQnxh7UKih073zOXM/4kPo8hl7PlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUR6ZpjxYgPN1yza3u3p0lqjkBWHgwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1I2WnBqeFlnUE4xeXph M3UzcDBscWprQldIZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD BgQkATSAADANBgkqhkiG9w0BAQsFAAOCAQEAfDX/9LRauWw49qHXjBgfqr2M9Ypz 8BNKg70X9WfS3pCUlGkbeX+1y//iY+yLdJ7zCLZ/V8aVLJaKj6wL9Tdb47oTWBUO i0bWOaWwevSLMe0TlLievhYwLM41k/3R+iqCrkIpA7l3x8MclSMnHVVudA0zSv7B 3PsO+ZvBsqRQvXFnHM1hN4C90u8yMf9JXjH02mRnvXxJCFIbGULjdhuZjM827DIR PmB+sTZl91GFbJxFUlMRBTcTJNsX7KpUFYA/htdODGUPX1Rln6cgMdK+xD73enrN UlS8o2ARfVelZ8GRnj9sU6rbzXvSE41Y6vl9CYr88E/mF7F6y2YxpeCkHg== -----END CERTIFICATE-----Generated at Tue Sep 9 10:44:19 2025 by rpki-client