$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/YDbw95rK3pvrUaB1x36hsJsbZq0.roa File: YDbw95rK3pvrUaB1x36hsJsbZq0.roa (raw, json) Hash identifier: QSECOGwFV6vnZXMom/Y2j4FSy4S5rL68ONpDtpdUoPE= Subject key identifier: 60:36:F0:F7:9A:CA:DE:9B:EB:51:A0:75:C7:7E:A1:B0:9B:1B:66:AD Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 20B5 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/YDbw95rK3pvrUaB1x36hsJsbZq0.roa Signing time: Sat 13 Sep 2025 03:05:51 +0000 ROA not before: Sat 13 Sep 2025 03:05:51 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4515 IP address blocks: 123.49.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8373 (0x20b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Sep 13 03:05:51 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6036F0F79ACADE9BEB51A075C77EA1B09B1B66AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bc:53:79:21:64:45:23:c4:53:dc:ac:9f:05: 64:bb:d0:80:56:63:68:56:ff:7b:b6:7d:c8:c9:3c: 85:a3:ba:3a:73:cc:e7:18:7e:87:16:b8:81:9a:2c: 89:f1:92:40:dd:8b:0b:9d:79:39:d9:6a:73:0e:ae: fd:68:40:3b:45:60:16:04:1c:c9:ff:92:d7:48:91: 93:82:38:14:e1:e8:54:8a:53:6a:0a:a6:0f:84:57: e0:6b:15:aa:bb:d4:75:10:26:6e:25:c0:bb:12:a5: bc:6e:dc:f0:8c:ea:4f:6c:f3:ba:17:b2:05:bf:cf: 31:b7:b9:97:34:ea:8e:4a:77:a8:d3:71:c8:2b:06: 90:92:9f:de:8c:4a:11:22:c9:d7:20:e6:f0:bb:c8: 36:4b:8a:73:92:d9:5f:8b:22:91:dd:8c:b3:d3:9f: f1:27:bc:38:f2:0d:dd:ac:46:5c:dd:7b:7d:41:12: 7b:2e:06:d9:de:c6:d9:52:4c:e8:7c:df:c9:22:b1: 31:fc:7d:af:b0:76:8c:3e:53:34:1c:e6:26:66:97: 2b:b1:c8:77:6e:bf:52:5b:3c:49:61:6a:b0:17:fc: 00:c7:e7:c1:a0:91:26:22:be:d7:2b:f4:fc:9f:96: 25:ef:62:55:c9:e1:c0:35:03:5e:3b:17:75:44:2a: 12:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:36:F0:F7:9A:CA:DE:9B:EB:51:A0:75:C7:7E:A1:B0:9B:1B:66:AD X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/YDbw95rK3pvrUaB1x36hsJsbZq0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.237.0/24 Signature Algorithm: sha256WithRSAEncryption 44:2d:2d:ae:a8:b7:e5:a9:3f:fd:3b:ce:13:1d:35:9c:72:e0: c5:27:ad:8e:18:ae:1d:fe:03:aa:05:c7:29:07:a3:0d:1e:90: 25:17:3f:8d:72:38:7c:6c:09:82:07:81:92:bd:44:0c:ff:52: 71:68:80:93:c1:06:30:47:14:f2:42:b7:9e:bd:9d:77:37:18: 85:4e:aa:13:38:c0:99:a5:e4:0f:c8:85:72:5a:f5:bd:e8:c7: 14:02:6a:be:8c:0b:ca:ca:ae:03:4a:a6:8f:1b:d3:cc:46:ce: 12:2b:8d:73:5d:f6:c7:7d:6b:e1:72:2c:da:2b:cc:85:03:a5: 22:06:d5:f4:e9:98:c4:d0:81:f7:0b:19:ef:65:45:39:18:82: ab:83:5d:0b:0b:22:98:ea:66:4d:d6:e0:be:f2:0f:02:a6:92: b5:c2:f5:b5:74:ad:f7:5a:00:b3:bc:e6:2d:10:6c:2f:98:d5: 38:78:95:3d:94:99:72:e6:d0:cf:a0:26:76:b6:8c:f0:b4:33: 53:6d:fa:44:6c:f8:fa:9f:a4:2b:7c:72:f9:2c:f2:3f:4c:32: d6:b4:1e:97:32:73:85:97:8b:a6:4c:70:2d:38:c3:21:af:89: c4:97:7c:05:da:86:c1:77:29:e1:70:eb:73:4d:78:51:2c:2b: 58:95:11:3f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICILUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA5MTMw MzA1NTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYwMzZGMEY3OUFDQURF OUJFQjUxQTA3NUM3N0VBMUIwOUIxQjY2QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWvFN5IWRFI8RT3KyfBWS70IBWY2hW/3u2fcjJPIWjujpzzOcY focWuIGaLInxkkDdiwudeTnZanMOrv1oQDtFYBYEHMn/ktdIkZOCOBTh6FSKU2oK pg+EV+BrFaq71HUQJm4lwLsSpbxu3PCM6k9s87oXsgW/zzG3uZc06o5Kd6jTccgr BpCSn96MShEiydcg5vC7yDZLinOS2V+LIpHdjLPTn/EnvDjyDd2sRlzde31BEnsu BtnextlSTOh838kisTH8fa+wdow+UzQc5iZmlyuxyHduv1JbPElharAX/ADH58Gg kSYivtcr9PyfliXvYlXJ4cA1A147F3VEKhLdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYDbw95rK3pvrUaB1x36hsJsbZq0wHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvWURidzk1ckszcHZy VWFCMXgzNmhzSnNiWnEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx7TANBgkqhkiG9w0BAQsFAAOCAQEARC0trqi35ak//TvOEx01nHLgxSet jhiuHf4DqgXHKQejDR6QJRc/jXI4fGwJggeBkr1EDP9ScWiAk8EGMEcU8kK3nr2d dzcYhU6qEzjAmaXkD8iFclr1vejHFAJqvowLysquA0qmjxvTzEbOEiuNc132x31r 4XIs2ivMhQOlIgbV9OmYxNCB9wsZ72VFORiCq4NdCwsimOpmTdbgvvIPAqaStcL1 tXSt91oAs7zmLRBsL5jVOHiVPZSZcubQz6AmdraM8LQzU236RGz4+p+kK3xy+Szy P0wy1rQelzJzhZeLpkxwLTjDIa+JxJd8BdqGwXcp4XDrc014USwrWJURPw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:50:46 2025 by rpki-client