$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/233/jh-jvFWeDg5m8Hy2UFlyqMjpbec.roa File: jh-jvFWeDg5m8Hy2UFlyqMjpbec.roa (raw, json) Hash identifier: Q26fJHGd729Ouq3DlNACOcIHmDfFKrHp3JT6NEvfgkk= Subject key identifier: 8E:1F:A3:BC:55:9E:0E:0E:66:F0:7C:B6:50:59:72:A8:C8:E9:6D:E7 Certificate issuer: /CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20 Certificate serial: 26B9 Authority key identifier: AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/jh-jvFWeDg5m8Hy2UFlyqMjpbec.roa Signing time: Sat 13 Sep 2025 03:09:42 +0000 ROA not before: Sat 13 Sep 2025 03:09:42 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37965 IP address blocks: 222.126.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9913 (0x26b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20 Validity Not Before: Sep 13 03:09:42 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8E1FA3BC559E0E0E66F07CB6505972A8C8E96DE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:04:74:33:5e:c9:dc:2b:ec:45:da:12:8f:94: 95:b9:2c:06:5a:8a:80:27:ab:f8:4c:6a:60:d3:2f: e3:f0:1d:e0:6a:04:de:af:d3:6c:1f:92:a5:cb:61: 30:ed:46:3a:0d:88:d7:2a:6d:da:c3:1e:65:23:05: 5b:e9:e0:13:f8:a1:21:36:02:b7:42:0a:e9:58:5d: 23:53:75:b5:e2:50:7f:2b:73:be:9f:57:fe:63:2f: bd:18:8c:5f:19:a7:55:fc:84:e0:20:1f:19:3c:64: 65:17:56:d6:2f:ff:44:c4:93:20:35:f3:ea:02:54: 0d:2e:6b:c1:48:25:66:30:93:3f:09:e2:07:16:71: 01:a5:42:39:b2:b0:16:34:83:ee:77:8f:1b:00:75: c0:9d:56:86:0b:bd:c1:8d:2a:88:4a:d5:d8:d2:cd: fe:d8:d7:5d:52:25:8b:df:69:66:94:60:69:59:3f: 8c:fe:1a:45:e2:e4:f4:a6:3f:06:b0:18:19:c3:db: 9a:c2:f1:60:5e:9f:a4:93:0f:86:24:8d:4b:ed:45: 42:7b:33:9a:79:49:6d:cb:fa:f6:bb:e2:5a:ee:58: 8e:20:17:cd:a0:9e:ba:c7:09:b9:da:a8:83:48:88: a5:24:6c:75:ba:3a:73:22:f5:70:2b:f6:e6:3f:9d: 7e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:1F:A3:BC:55:9E:0E:0E:66:F0:7C:B6:50:59:72:A8:C8:E9:6D:E7 X509v3 Authority Key Identifier: keyid:AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/jh-jvFWeDg5m8Hy2UFlyqMjpbec.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 222.126.138.0/24 Signature Algorithm: sha256WithRSAEncryption 91:6c:75:fc:a7:2d:ec:e2:8c:0f:7d:d5:9c:0a:f4:8d:bd:07: 1b:eb:10:8b:70:75:e2:41:79:07:65:0b:e7:5d:64:cd:36:d7: e7:de:37:31:6f:54:a3:b0:f4:1d:f5:e2:d0:7f:d8:d6:0e:6c: 8a:1f:f1:77:21:00:c3:7c:e3:9b:34:cf:e9:41:dd:e7:25:75: 63:53:aa:20:1a:20:8c:5d:39:b6:0f:3d:94:a3:8c:4e:67:88: a0:47:14:f5:66:ad:cd:21:6d:fb:21:21:c3:bd:fb:02:67:1b: 2e:72:c1:de:4a:92:32:14:30:3d:30:aa:08:36:e1:f4:d2:a3: 51:d4:ed:63:c5:50:ae:e1:c6:40:70:1e:13:e9:54:8f:9e:2f: 36:34:c4:f2:1a:97:40:db:de:41:aa:da:86:28:a9:07:aa:d6: c6:82:c0:cf:5a:26:69:08:02:59:ab:c2:0f:87:49:aa:fa:91: 1e:1a:56:2a:f0:62:86:cb:09:4a:36:41:8a:47:52:d5:51:0a: 5e:b5:9a:68:76:37:40:fe:ad:0d:ec:e6:49:90:9f:2e:bb:3d: 83:52:18:13:96:74:c0:32:ec:be:43:47:9a:22:be:23:fb:e2: bd:02:0a:4b:7d:c0:73:e6:43:d3:1e:22:8b:04:a9:c6:a3:09: 1b:6d:da:e6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICJrkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUYz QUY0RDAxRjBDRDA1NkYwRTNGNjk4ODAwQjIyM0FFRTc3M0QyMDAeFw0yNTA5MTMw MzA5NDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDhFMUZBM0JDNTU5RTBF MEU2NkYwN0NCNjUwNTk3MkE4QzhFOTZERTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtBHQzXsncK+xF2hKPlJW5LAZaioAnq/hMamDTL+PwHeBqBN6v 02wfkqXLYTDtRjoNiNcqbdrDHmUjBVvp4BP4oSE2ArdCCulYXSNTdbXiUH8rc76f V/5jL70YjF8Zp1X8hOAgHxk8ZGUXVtYv/0TEkyA18+oCVA0ua8FIJWYwkz8J4gcW cQGlQjmysBY0g+53jxsAdcCdVoYLvcGNKohK1djSzf7Y111SJYvfaWaUYGlZP4z+ GkXi5PSmPwawGBnD25rC8WBen6STD4YkjUvtRUJ7M5p5SW3L+va74lruWI4gF82g nrrHCbnaqINIiKUkbHW6OnMi9XAr9uY/nX5XAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjh+jvFWeDg5m8Hy2UFlyqMjpbecwHwYDVR0jBBgwFoAUrzr00B8M0Fbw4/aY gAsiOu53PSAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz L3J6cjAwQjhNMEZidzRfYVlnQXNpT3U1M1BTQS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcnpyMDBCOE0wRmJ3NF9hWWdBc2lPdTUzUFNBLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMzL2poLWp2RldlRGc1bThI eTJVRmx5cU1qcGJlYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADefoowDQYJKoZIhvcNAQELBQADggEBAJFsdfynLezijA991ZwK9I29BxvrEItw deJBeQdlC+ddZM021+feNzFvVKOw9B314tB/2NYObIof8XchAMN845s0z+lB3ecl dWNTqiAaIIxdObYPPZSjjE5niKBHFPVmrc0hbfshIcO9+wJnGy5ywd5KkjIUMD0w qgg24fTSo1HU7WPFUK7hxkBwHhPpVI+eLzY0xPIal0Db3kGq2oYoqQeq1saCwM9a JmkIAlmrwg+HSar6kR4aVirwYobLCUo2QYpHUtVRCl61mmh2N0D+rQ3s5kmQny67 PYNSGBOWdMAy7L5DR5oiviP74r0CCkt9wHPmQ9MeIosEqcajCRtt2uY= -----END CERTIFICATE-----Generated at Mon Oct 20 19:56:05 2025 by rpki-client