$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/bGKERT2i7Kg7erENgDhlZoQVV4U.roa File: bGKERT2i7Kg7erENgDhlZoQVV4U.roa (raw, json) Hash identifier: w1VPC2jQipuGeYvKEgjTTSU/2tR9i/LYPMYPOPh+jSM= Subject key identifier: 6C:62:84:45:3D:A2:EC:A8:3B:7A:B1:0D:80:38:65:66:84:15:57:85 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 2095 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/bGKERT2i7Kg7erENgDhlZoQVV4U.roa Signing time: Sat 13 Sep 2025 03:10:29 +0000 ROA not before: Sat 13 Sep 2025 03:10:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23650 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:09:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8341 (0x2095) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6C6284453DA2ECA83B7AB10D8038656684155785 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2e:22:ce:55:d2:c4:58:4a:a1:e2:51:d2:de: 98:a4:7e:ef:e9:1c:0a:93:1f:d8:d4:d6:4a:61:8e: 8d:3e:82:b3:4b:51:51:d9:9e:aa:0c:26:c1:01:f6: dc:d2:9c:27:57:31:02:9a:68:80:cf:50:12:5b:24: 5a:96:d2:d9:de:98:f7:58:ec:b6:a9:d2:b1:37:aa: 01:45:d1:15:95:ef:5b:9c:d1:84:fb:aa:df:03:a5: ad:9a:2e:e2:22:dc:2e:e9:38:8b:2d:8d:8e:7d:d6: 3d:89:e7:fe:29:28:8e:64:82:5c:85:f5:d3:00:9b: 80:6f:3b:6d:b7:3e:e0:1f:10:82:b4:e2:88:e4:65: a1:46:fc:18:7a:84:29:40:57:d0:94:7f:5f:8b:a8: 5b:a4:51:f5:22:01:f1:7b:3a:d7:e7:c4:3d:38:bb: 75:bf:29:34:e6:8f:3d:22:05:40:c1:25:3b:b8:44: 55:7d:48:38:8f:07:ad:3d:ad:27:0d:cf:50:db:d8: a2:10:f1:3c:24:7d:a1:04:9b:69:16:56:90:cd:0d: d6:22:c2:a4:0a:7e:7b:0a:c5:0c:73:6f:64:bb:09: 46:10:3f:b0:df:2e:c9:d6:46:4f:11:62:a2:8d:da: b7:1e:f2:04:07:7c:33:3d:87:e8:4b:25:3f:fd:cf: 86:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:62:84:45:3D:A2:EC:A8:3B:7A:B1:0D:80:38:65:66:84:15:57:85 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/bGKERT2i7Kg7erENgDhlZoQVV4U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption 9f:e4:ac:2a:8c:4b:39:60:a0:81:31:33:ad:2b:b5:38:45:ef: f0:71:35:f5:f3:13:fd:31:cb:fa:69:f7:ce:5a:e4:fa:2e:7b: eb:b3:4b:de:56:db:11:41:90:d5:f0:cf:e1:d3:d3:37:7d:b3: 21:56:d1:fa:f9:c6:5d:50:3a:46:65:85:3c:fd:b5:da:f5:fa: 6e:ed:e3:07:cf:bf:c0:3e:10:fb:4f:43:56:9a:13:bc:04:57: 8d:89:3b:d1:67:da:e1:05:85:0f:93:07:72:c2:06:3d:6f:7b: 25:e5:35:01:cc:88:3c:33:74:8b:c6:66:4f:c6:e5:67:d9:21: 56:57:1b:10:d2:49:f1:4b:33:48:94:31:0a:62:d8:b7:9d:21: 43:97:4e:9e:5a:71:80:e9:54:c8:89:90:3f:4a:22:1c:77:8f: e2:be:f2:b8:bc:1a:2d:c3:05:9e:58:ba:3f:e0:0c:98:a3:19: 79:29:07:51:e5:50:c1:44:fb:21:ad:30:89:7a:af:6b:dc:60: 74:79:f9:6c:a6:11:2e:df:41:0d:33:9b:b4:cd:22:43:3b:c9: 5e:cd:6f:fa:5d:88:62:5c:5d:b2:14:6a:4a:64:68:9d:78:20: 42:81:dc:ea:7b:1f:75:17:c0:22:8a:40:40:0c:39:90:93:e3: 31:01:2c:c2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZDNjI4NDQ1M0RBMkVD QTgzQjdBQjEwRDgwMzg2NTY2ODQxNTU3ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTLiLOVdLEWEqh4lHS3pikfu/pHAqTH9jU1kphjo0+grNLUVHZ nqoMJsEB9tzSnCdXMQKaaIDPUBJbJFqW0tnemPdY7Lap0rE3qgFF0RWV71uc0YT7 qt8Dpa2aLuIi3C7pOIstjY591j2J5/4pKI5kglyF9dMAm4BvO223PuAfEIK04ojk ZaFG/Bh6hClAV9CUf1+LqFukUfUiAfF7OtfnxD04u3W/KTTmjz0iBUDBJTu4RFV9 SDiPB609rScNz1Db2KIQ8TwkfaEEm2kWVpDNDdYiwqQKfnsKxQxzb2S7CUYQP7Df LsnWRk8RYqKN2rce8gQHfDM9h+hLJT/9z4ahAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbGKERT2i7Kg7erENgDhlZoQVV4UwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvYkdLRVJUMmk3S2c3 ZXJFTmdEaGxab1FWVjRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAn+SsKoxLOWCggTEzrSu1OEXv8HE1 9fMT/THL+mn3zlrk+i5767NL3lbbEUGQ1fDP4dPTN32zIVbR+vnGXVA6RmWFPP21 2vX6bu3jB8+/wD4Q+09DVpoTvARXjYk70Wfa4QWFD5MHcsIGPW97JeU1AcyIPDN0 i8ZmT8blZ9khVlcbENJJ8UszSJQxCmLYt50hQ5dOnlpxgOlUyImQP0oiHHeP4r7y uLwaLcMFnli6P+AMmKMZeSkHUeVQwUT7Ia0wiXqva9xgdHn5bKYRLt9BDTObtM0i QzvJXs1v+l2IYlxdshRqSmRonXggQoHc6nsfdRfAIopAQAw5kJPjMQEswg== -----END CERTIFICATE-----Generated at Tue Oct 21 02:19:17 2025 by rpki-client