$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/PZulO6TyppqWWuGzO34PYYz5Uo0.roa File: PZulO6TyppqWWuGzO34PYYz5Uo0.roa (raw, json) Hash identifier: yxbl0kEI9vox9RiEQxUPGxMV7cLiY2SO7AtRn6kT6eA= Subject key identifier: 3D:9B:A5:3B:A4:F2:A6:9A:96:5A:E1:B3:3B:7E:0F:61:8C:F9:52:8D Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 5CFA Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/PZulO6TyppqWWuGzO34PYYz5Uo0.roa Signing time: Sat 13 Sep 2025 03:06:29 +0000 ROA not before: Sat 13 Sep 2025 03:06:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 134762 IP address blocks: 43.226.144.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23802 (0x5cfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Sep 13 03:06:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3D9BA53BA4F2A69A965AE1B33B7E0F618CF9528D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5f:3b:78:57:79:b7:10:52:20:ab:5d:c5:06: b3:df:29:5d:ac:75:c0:42:e6:e4:c8:ad:60:eb:dd: 36:95:b2:d2:ae:64:30:e6:03:8a:88:d9:18:35:9d: bc:ea:a3:38:f6:c9:28:7a:7e:b6:be:80:0b:46:23: a6:a8:03:6d:d8:19:99:7f:2b:c3:9b:fa:0b:a0:9e: ec:d0:ae:44:15:5a:6d:c2:3d:5f:a3:14:2a:e2:e8: b8:97:73:14:93:3e:3c:03:26:05:17:5f:0c:3d:63: 60:5f:38:60:af:5d:14:b3:80:a3:ac:ff:46:bb:ca: 68:1e:a4:39:e2:0d:6c:ff:b9:72:55:26:6b:77:a8: 28:6b:ed:e0:c2:ab:29:b8:b5:f3:f9:2c:6c:99:41: 4f:11:5c:28:3a:9e:6d:30:8f:c8:0f:35:d1:a1:4e: 12:ad:b9:b9:e4:0d:92:e2:ad:4e:5f:0b:32:4e:9e: e2:89:86:3f:e4:94:a3:ae:04:1d:3b:fc:8c:32:e6: ac:fa:82:4b:f0:7c:e4:79:04:47:e2:34:9b:bb:a3: d1:03:94:ff:b5:8a:b9:9e:2c:b1:1f:a3:a6:be:6f: 53:5c:91:99:ec:ac:79:9b:ca:01:fe:0a:ae:c6:16: 21:1b:b9:e4:f2:80:0e:df:01:86:e2:e5:35:66:f1: 11:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:9B:A5:3B:A4:F2:A6:9A:96:5A:E1:B3:3B:7E:0F:61:8C:F9:52:8D X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/PZulO6TyppqWWuGzO34PYYz5Uo0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.144.0/20 Signature Algorithm: sha256WithRSAEncryption 64:9f:04:71:9f:aa:c7:1f:65:42:2b:2f:94:d2:1c:f0:16:e5: 4e:c9:50:5e:c9:82:d9:20:61:66:55:49:f5:ff:97:7a:a1:5d: 9c:18:29:58:25:25:86:22:6d:a6:55:aa:ac:1a:4c:d2:7b:18: 7f:e0:5f:df:fb:2e:97:14:ba:a2:7d:3b:01:0c:f1:ad:f2:be: 07:46:9e:f9:4f:9c:8d:ea:1d:45:9b:ed:cc:33:b2:72:96:a6: 37:c7:ee:b9:a4:41:7e:d7:3f:74:7b:d7:7c:4f:0d:ea:f7:42: 62:af:20:57:a5:f7:8d:4c:26:ff:93:c1:5a:1f:7e:ab:1b:f4: 34:b8:d8:c1:76:a5:bc:ed:dd:40:62:f7:e8:15:e1:51:52:2b: cc:ba:df:78:33:b0:e9:b8:fa:53:40:00:c6:3b:bb:6b:93:6c: c2:53:80:b5:2e:a4:d4:cf:ff:01:17:88:e2:e7:3b:a4:db:11: a7:67:43:61:17:1a:73:6a:b7:4b:5f:65:dc:8e:5c:bb:de:31: 0f:3d:1d:8e:3f:94:02:b0:9b:18:12:3e:37:2b:d8:20:f0:02: 7c:e2:90:2e:84:ff:b7:d7:0e:49:f3:a1:ea:15:d2:50:12:af: b8:3d:cd:00:0b:d0:c0:b7:e7:86:83:4c:36:11:84:a8:6f:67: ad:5e:ac:d3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICXPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MTMw MzA2MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNEOUJBNTNCQTRGMkE2 OUE5NjVBRTFCMzNCN0UwRjYxOENGOTUyOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1Xzt4V3m3EFIgq13FBrPfKV2sdcBC5uTIrWDr3TaVstKuZDDm A4qI2Rg1nbzqozj2ySh6fra+gAtGI6aoA23YGZl/K8Ob+gugnuzQrkQVWm3CPV+j FCri6LiXcxSTPjwDJgUXXww9Y2BfOGCvXRSzgKOs/0a7ymgepDniDWz/uXJVJmt3 qChr7eDCqym4tfP5LGyZQU8RXCg6nm0wj8gPNdGhThKtubnkDZLirU5fCzJOnuKJ hj/klKOuBB07/Iwy5qz6gkvwfOR5BEfiNJu7o9EDlP+1irmeLLEfo6a+b1NckZns rHmbygH+Cq7GFiEbueTygA7fAYbi5TVm8REdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPZulO6TyppqWWuGzO34PYYz5Uo0wHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvUFp1bE82VHlwcHFX V3VHek8zNFBZWXo1VW8wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBCvikDANBgkqhkiG9w0BAQsFAAOCAQEAZJ8EcZ+qxx9lQisvlNIc8BblTslQ XsmC2SBhZlVJ9f+XeqFdnBgpWCUlhiJtplWqrBpM0nsYf+Bf3/sulxS6on07AQzx rfK+B0ae+U+cjeodRZvtzDOycpamN8fuuaRBftc/dHvXfE8N6vdCYq8gV6X3jUwm /5PBWh9+qxv0NLjYwXalvO3dQGL36BXhUVIrzLrfeDOw6bj6U0AAxju7a5NswlOA tS6k1M//AReI4uc7pNsRp2dDYRcac2q3S19l3I5cu94xDz0djj+UArCbGBI+NyvY IPACfOKQLoT/t9cOSfOh6hXSUBKvuD3NAAvQwLfnhoNMNhGEqG9nrV6s0w== -----END CERTIFICATE-----Generated at Mon Oct 20 11:18:44 2025 by rpki-client