$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/ZtEW3mf0tOr51N-v73EgOdQmFa8.roa File: ZtEW3mf0tOr51N-v73EgOdQmFa8.roa (raw, json) Hash identifier: fujKtms1hTOgx9YDmwyQ56yd/9XZ45UpEKME+vZ6F8s= Subject key identifier: 66:D1:16:DE:67:F4:B4:EA:F9:D4:DF:AF:EF:71:20:39:D4:26:15:AF Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 2097 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/ZtEW3mf0tOr51N-v73EgOdQmFa8.roa Signing time: Sat 13 Sep 2025 03:10:30 +0000 ROA not before: Sat 13 Sep 2025 03:10:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4837 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8343 (0x2097) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=66D116DE67F4B4EAF9D4DFAFEF712039D42615AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b8:d4:bf:c0:95:f4:6a:d1:97:2f:1c:56:4b: e1:48:d4:ea:03:67:7f:aa:89:cf:89:91:d5:af:d5: ad:e3:09:93:e9:c8:db:20:46:bb:f7:c2:f5:0b:34: 61:96:84:cf:7c:51:50:97:20:c6:b1:92:d5:75:34: 62:aa:18:1c:85:8b:70:cf:20:18:ee:c9:08:c8:5d: cc:66:71:ad:1b:a5:99:e6:4b:a1:5f:70:d0:d6:7c: 1a:32:b9:cf:1c:c1:46:01:0a:64:38:45:ee:85:b1: fb:bd:a2:3e:f4:b1:13:a1:30:87:2f:98:f2:1e:86: 87:ab:b9:46:e0:ad:b3:b4:73:06:77:79:da:98:28: ca:7b:1d:e2:44:dd:ac:80:f9:10:ab:2d:72:4a:9e: bb:60:b7:ef:5c:fe:67:df:1e:83:f1:52:94:b8:38: aa:76:ce:a2:10:2b:bc:61:8f:d5:5f:75:93:19:51: 8f:5a:ca:62:f5:3c:27:1f:82:2d:5d:9d:b5:80:2b: 31:39:68:24:b9:08:bd:15:7e:85:f6:dd:fe:db:30: a2:f6:aa:61:34:5c:dc:c2:ea:3a:f1:70:4c:cd:d0: 37:1c:01:01:d5:f2:e3:31:1a:a9:41:17:da:b5:f8: 1f:84:3d:ec:38:f9:31:ff:1b:f8:ff:99:14:9d:cf: c3:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:D1:16:DE:67:F4:B4:EA:F9:D4:DF:AF:EF:71:20:39:D4:26:15:AF X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/ZtEW3mf0tOr51N-v73EgOdQmFa8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption 73:c2:02:77:a8:3c:a8:c8:f6:0b:b0:14:d1:8f:a0:25:75:59: 44:9d:ea:16:f6:e1:80:f6:d5:98:2c:25:61:45:14:a0:3d:b7: 95:8c:06:d2:21:0b:82:09:c5:4f:b9:64:30:0f:18:1a:5b:fe: 52:55:3b:87:1a:20:f7:d5:52:bf:0d:ea:49:42:6b:3c:72:03: d3:6c:5c:95:6e:bd:59:a4:ec:5b:bc:47:14:9e:3c:ef:33:a5: c9:18:52:10:d1:c0:b6:73:ed:e9:46:fe:11:ab:85:09:f8:5c: 77:46:70:7d:5a:73:e2:52:6c:4a:f7:99:b3:fb:53:8a:92:7e: 89:66:0a:4e:05:8e:c5:45:cb:3f:c4:d0:a3:2e:ea:a2:e1:c8: 8f:58:c1:fd:c8:28:30:ea:78:42:3f:25:2c:fc:6e:37:bc:20: 4c:a3:28:13:b7:07:ef:e3:2e:74:57:3a:50:5c:ae:5f:c1:21: 67:64:81:3c:15:da:b6:76:d2:5b:62:10:94:ff:5e:88:1d:ab: 1e:fa:2c:b8:e2:1e:93:8b:2d:5d:e0:ce:d6:33:ca:08:97:01: a0:b7:56:47:60:ea:43:a8:06:e5:9a:c4:44:fd:14:1a:0e:b8: 55:dc:90:07:4b:08:ee:dc:9e:36:af:35:03:ed:51:31:38:7c: bf:79:32:a4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY2RDExNkRFNjdGNEI0 RUFGOUQ0REZBRkVGNzEyMDM5RDQyNjE1QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmuNS/wJX0atGXLxxWS+FI1OoDZ3+qic+JkdWv1a3jCZPpyNsg Rrv3wvULNGGWhM98UVCXIMaxktV1NGKqGByFi3DPIBjuyQjIXcxmca0bpZnmS6Ff cNDWfBoyuc8cwUYBCmQ4Re6Fsfu9oj70sROhMIcvmPIehoeruUbgrbO0cwZ3edqY KMp7HeJE3ayA+RCrLXJKnrtgt+9c/mffHoPxUpS4OKp2zqIQK7xhj9VfdZMZUY9a ymL1PCcfgi1dnbWAKzE5aCS5CL0VfoX23f7bMKL2qmE0XNzC6jrxcEzN0DccAQHV 8uMxGqlBF9q1+B+EPew4+TH/G/j/mRSdz8NzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZtEW3mf0tOr51N+v73EgOdQmFa8wHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvWnRFVzNtZjB0T3I1 MU4tdjczRWdPZFFtRmE4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAc8ICd6g8qMj2C7AU0Y+gJXVZRJ3q FvbhgPbVmCwlYUUUoD23lYwG0iELggnFT7lkMA8YGlv+UlU7hxog99VSvw3qSUJr PHID02xclW69WaTsW7xHFJ487zOlyRhSENHAtnPt6Ub+EauFCfhcd0ZwfVpz4lJs SveZs/tTipJ+iWYKTgWOxUXLP8TQoy7qouHIj1jB/cgoMOp4Qj8lLPxuN7wgTKMo E7cH7+MudFc6UFyuX8EhZ2SBPBXatnbSW2IQlP9eiB2rHvosuOIek4stXeDO1jPK CJcBoLdWR2DqQ6gG5ZrERP0UGg64VdyQB0sI7tyeNq81A+1RMTh8v3kypA== -----END CERTIFICATE-----Generated at Mon Oct 20 12:10:18 2025 by rpki-client