$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1534/8kbYJ0MYplHjvcxpLNbtD5QAxYY.roa File: 8kbYJ0MYplHjvcxpLNbtD5QAxYY.roa (raw, json) Hash identifier: YagFCG/p1fJkzXoVYddbn8W0TXdiNTtZupHoYBa2osc= Subject key identifier: F2:46:D8:27:43:18:A6:51:E3:BD:CC:69:2C:D6:ED:0F:94:00:C5:86 Certificate issuer: /CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E Certificate serial: 265A Authority key identifier: 0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/8kbYJ0MYplHjvcxpLNbtD5QAxYY.roa Signing time: Sat 13 Sep 2025 03:06:11 +0000 ROA not before: Sat 13 Sep 2025 03:06:11 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59067 IP address blocks: 202.89.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 08:36:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9818 (0x265a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E Validity Not Before: Sep 13 03:06:11 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F246D8274318A651E3BDCC692CD6ED0F9400C586 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d8:67:b3:e6:a7:36:89:6b:9e:17:2d:f3:e8: 12:96:ed:29:c3:a5:43:ca:2f:f1:89:03:43:8a:75: ea:9b:ae:3e:88:96:cf:69:50:9c:c6:34:a6:e2:54: dd:38:d8:85:87:90:0d:2f:46:b7:59:85:56:02:4e: 36:76:79:cb:da:02:84:51:81:a1:34:2e:0c:98:de: c9:04:7f:38:21:f2:a2:91:92:37:6b:76:13:51:e6: 42:a8:57:4e:0d:3d:4a:74:a2:9f:09:cd:d8:78:24: 66:26:a0:25:23:b5:e8:39:5d:94:6f:e3:61:87:0a: 9d:5d:18:57:08:5d:00:aa:c2:3a:e6:67:19:98:7b: cd:7d:f5:5e:57:5b:27:0e:26:9d:68:7c:f5:e8:9e: 66:f6:d1:78:b4:ed:d6:69:2b:ec:26:83:48:e5:23: 77:8c:3c:08:da:6d:81:e3:d2:b8:f4:f5:59:e8:e0: 99:67:43:cb:92:eb:fe:6a:3e:6d:fe:3e:b8:5e:be: dd:44:5c:04:9c:6b:29:66:94:11:ce:6e:d6:b1:07: 0b:bd:5d:a1:fe:3f:e4:3c:66:33:0a:89:5d:71:0b: 37:a6:2c:68:5c:42:b4:20:c7:cc:b3:53:f0:98:0d: ec:4c:d6:d4:3e:44:70:36:a3:e6:8a:54:f8:6b:00: d5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:46:D8:27:43:18:A6:51:E3:BD:CC:69:2C:D6:ED:0F:94:00:C5:86 X509v3 Authority Key Identifier: keyid:0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/8kbYJ0MYplHjvcxpLNbtD5QAxYY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.89.232.0/21 Signature Algorithm: sha256WithRSAEncryption 0c:80:85:28:00:67:32:e7:ad:00:0b:2a:11:1b:4a:20:b7:6f: e7:d7:da:ee:ec:c7:73:a7:5d:d7:92:33:c3:f1:c6:a0:35:35: be:f6:07:39:93:5d:09:8e:ba:24:47:fd:2e:b3:02:51:66:ea: fe:37:77:13:02:8e:d5:48:b6:2e:67:a0:2b:38:7c:24:d5:8d: 2d:41:8e:80:cc:22:b3:43:55:9b:61:f2:2b:ed:09:a6:41:3f: 95:1f:71:ea:2b:fd:0e:36:0f:5f:6b:7b:36:f8:1a:3e:2e:d1: 72:ac:f9:05:7a:b5:8d:73:0b:0d:97:5e:6d:e1:d3:50:b6:c8: 34:59:39:90:d0:b7:24:49:a3:3c:c9:2d:b6:3d:a4:82:da:24: dc:74:f6:75:1e:2e:fd:a8:a9:fd:d8:73:c6:f1:a5:69:61:80: a4:94:31:9c:e2:40:b2:c0:21:3f:50:56:0f:6c:be:0d:a3:ff: c5:ea:bb:3f:9a:92:a3:de:7f:c1:36:d6:84:f6:a1:c8:d6:b8: e0:39:0d:88:1e:b9:7b:e3:d4:81:70:7c:fd:44:f7:82:0f:fd: 3d:4b:d8:a3:0c:e0:34:84:da:f7:5a:6a:06:15:0a:cb:14:34: b9:7a:5d:9b:89:9b:ae:ff:bc:56:17:6f:2e:83:c5:35:ae:2d: e2:dc:45:00 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJlowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENB NEYxODNDNjU5RUQ1N0ZCNDZENTlBRDU0ODNENkZFOUIzNEY0RTAeFw0yNTA5MTMw MzA2MTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEYyNDZEODI3NDMxOEE2 NTFFM0JEQ0M2OTJDRDZFRDBGOTQwMEM1ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW2Gez5qc2iWueFy3z6BKW7SnDpUPKL/GJA0OKdeqbrj6Ils9p UJzGNKbiVN042IWHkA0vRrdZhVYCTjZ2ecvaAoRRgaE0LgyY3skEfzgh8qKRkjdr dhNR5kKoV04NPUp0op8Jzdh4JGYmoCUjteg5XZRv42GHCp1dGFcIXQCqwjrmZxmY e8199V5XWycOJp1ofPXonmb20Xi07dZpK+wmg0jlI3eMPAjabYHj0rj09Vno4Jln Q8uS6/5qPm3+Prhevt1EXAScaylmlBHObtaxBwu9XaH+P+Q8ZjMKiV1xCzemLGhc QrQgx8yzU/CYDexM1tQ+RHA2o+aKVPhrANWNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU8kbYJ0MYplHjvcxpLNbtD5QAxYYwHwYDVR0jBBgwFoAUDKTxg8ZZ7Vf7RtWa 1Ug9b+mzT04wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTUz NC9ES1R4ZzhaWjdWZjdSdFdhMVVnOWItbXpUMDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0RLVHhnOFpaN1ZmN1J0V2ExVWc5Yi1telQwNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1MzQvOGtiWUowTVlwbEhq dmN4cExOYnRENVFBeFlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA8pZ6DANBgkqhkiG9w0BAQsFAAOCAQEADICFKABnMuetAAsqERtKILdv59fa 7uzHc6dd15Izw/HGoDU1vvYHOZNdCY66JEf9LrMCUWbq/jd3EwKO1Ui2LmegKzh8 JNWNLUGOgMwis0NVm2HyK+0JpkE/lR9x6iv9DjYPX2t7NvgaPi7Rcqz5BXq1jXML DZdebeHTULbINFk5kNC3JEmjPMkttj2kgtok3HT2dR4u/aip/dhzxvGlaWGApJQx nOJAssAhP1BWD2y+DaP/xeq7P5qSo95/wTbWhPahyNa44DkNiB65e+PUgXB8/UT3 gg/9PUvYowzgNITa91pqBhUKyxQ0uXpdm4mbrv+8VhdvLoPFNa4t4txFAA== -----END CERTIFICATE-----Generated at Tue Oct 21 05:27:41 2025 by rpki-client