$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/f_Vjrqe4d2JgUhcmGXzjlF0OOpI.roa File: f_Vjrqe4d2JgUhcmGXzjlF0OOpI.roa (raw, json) Hash identifier: 7t1s/FDaF+lAvSx83zMhNai1MQH5TkwUR13K3qHRDaw= Subject key identifier: 7F:F5:63:AE:A7:B8:77:62:60:52:17:26:19:7C:E3:94:5D:0E:3A:92 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 209B Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/f_Vjrqe4d2JgUhcmGXzjlF0OOpI.roa Signing time: Sat 13 Sep 2025 03:10:31 +0000 ROA not before: Sat 13 Sep 2025 03:10:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138950 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8347 (0x209b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7FF563AEA7B8776260521726197CE3945D0E3A92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e0:39:35:e7:14:5f:6e:d0:69:46:d6:6c:c5: 02:0c:72:bf:2f:c1:e2:c2:99:5a:ee:c0:4f:02:d5: 5b:b8:c6:55:95:d1:00:15:b8:bb:2d:f7:7c:d0:58: 2c:45:52:b5:76:37:cf:7a:05:d1:e8:55:7a:1d:5f: 4c:9b:5c:2a:40:d5:bf:43:ca:a3:28:18:9d:ee:b3: a6:ad:b0:5f:63:38:07:bf:37:af:a6:c0:35:f9:25: 00:c2:97:a1:6d:8e:1a:ec:64:22:fc:af:34:8e:76: d9:c8:29:63:f4:8f:9a:81:45:1f:47:40:dd:41:55: fd:29:bb:6f:7a:4e:3d:b5:8b:91:42:9a:2a:2e:16: 98:7f:16:6a:78:1a:c7:59:77:bb:8b:4f:73:20:7b: 00:a0:48:fb:46:5e:4c:fe:91:3e:55:fe:cf:31:21: e8:59:ef:3e:b7:88:ee:97:68:cf:d2:de:78:d2:9a: ca:55:d4:d4:1f:66:76:9d:bc:3c:84:a5:5a:cd:30: d8:f8:f9:46:42:47:00:97:1d:6d:5e:a0:a4:6e:14: f4:2f:39:4a:b0:c9:47:d1:a0:f9:53:fe:42:49:bc: cb:4c:da:1e:49:fa:03:58:32:2c:35:84:aa:ce:5b: b0:2d:68:dc:cc:cf:58:7a:91:72:c0:4a:47:84:32: 64:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F5:63:AE:A7:B8:77:62:60:52:17:26:19:7C:E3:94:5D:0E:3A:92 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/f_Vjrqe4d2JgUhcmGXzjlF0OOpI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption ae:bb:15:1a:46:6d:41:5f:b1:7d:bd:6f:6b:46:d2:2d:3d:68: f1:04:27:98:cc:0f:1a:88:84:46:44:7e:02:8a:9b:cb:ef:ff: 9f:8b:85:b5:9a:67:de:d2:a8:2a:58:cb:f5:57:32:3a:de:6d: e7:7d:b3:e5:8c:cf:dc:d2:b7:21:3b:ed:43:9c:a5:64:f8:56: a0:9d:75:aa:b2:f0:3e:6a:e7:9c:23:f4:97:d0:c0:46:8f:95: f3:44:3e:b0:04:80:f4:c7:d9:9b:22:84:0c:e2:76:80:8f:8a: 45:1e:24:6b:22:0a:64:f3:1d:3d:e3:cd:37:b5:c5:b9:b8:d7: e6:98:e9:4c:d2:48:11:46:95:98:47:ea:0a:24:ce:5a:48:71: 5b:1a:18:0e:be:2d:f3:25:84:f1:93:cd:ef:f8:88:dc:02:f8: 57:45:d9:bb:ab:b6:ba:0f:fc:28:c5:e8:94:7d:59:30:be:21: 3d:82:2f:da:0e:f9:de:3d:e3:7e:1f:9e:6e:dd:bf:4d:39:86: a9:2c:db:9f:c4:9b:80:5c:92:d5:65:d5:cc:04:51:f0:a4:ed: e7:63:d2:a1:33:2f:23:6d:35:28:eb:5f:d1:54:b5:df:3a:13: 03:55:ca:1c:4e:96:8c:01:e0:38:c1:65:b3:05:06:5b:cd:b0: 85:60:c7:92 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdGRjU2M0FFQTdCODc3 NjI2MDUyMTcyNjE5N0NFMzk0NUQwRTNBOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/4Dk15xRfbtBpRtZsxQIMcr8vweLCmVruwE8C1Vu4xlWV0QAV uLst93zQWCxFUrV2N896BdHoVXodX0ybXCpA1b9DyqMoGJ3us6atsF9jOAe/N6+m wDX5JQDCl6FtjhrsZCL8rzSOdtnIKWP0j5qBRR9HQN1BVf0pu296Tj21i5FCmiou Fph/Fmp4GsdZd7uLT3MgewCgSPtGXkz+kT5V/s8xIehZ7z63iO6XaM/S3njSmspV 1NQfZnadvDyEpVrNMNj4+UZCRwCXHW1eoKRuFPQvOUqwyUfRoPlT/kJJvMtM2h5J +gNYMiw1hKrOW7AtaNzMz1h6kXLASkeEMmSPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUf/Vjrqe4d2JgUhcmGXzjlF0OOpIwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvZl9WanJxZTRkMkpn VWhjbUdYempsRjBPT3BJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEArrsVGkZtQV+xfb1va0bSLT1o8QQn mMwPGoiERkR+Aoqby+//n4uFtZpn3tKoKljL9VcyOt5t532z5YzP3NK3ITvtQ5yl ZPhWoJ11qrLwPmrnnCP0l9DARo+V80Q+sASA9MfZmyKEDOJ2gI+KRR4kayIKZPMd PePNN7XFubjX5pjpTNJIEUaVmEfqCiTOWkhxWxoYDr4t8yWE8ZPN7/iI3AL4V0XZ u6u2ug/8KMXolH1ZML4hPYIv2g753j3jfh+ebt2/TTmGqSzbn8SbgFyS1WXVzARR 8KTt52PSoTMvI201KOtf0VS13zoTA1XKHE6WjAHgOMFlswUGW82whWDHkg== -----END CERTIFICATE-----Generated at Mon Oct 20 14:37:56 2025 by rpki-client