$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/YE4mdPIQk-iboVxs-qaXSZWIHiI.roa File: YE4mdPIQk-iboVxs-qaXSZWIHiI.roa (raw, json) Hash identifier: ykL33NbMpu4kkRnT9X5W6Z6BNXk+SqiKJo3zDjd6Ekw= Subject key identifier: 60:4E:26:74:F2:10:93:E8:9B:A1:5C:6C:FA:A6:97:49:95:88:1E:22 Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56 Certificate serial: 1747 Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/YE4mdPIQk-iboVxs-qaXSZWIHiI.roa Signing time: Sat 13 Sep 2025 03:09:14 +0000 ROA not before: Sat 13 Sep 2025 03:09:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63566 IP address blocks: 122.11.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5959 (0x1747) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56 Validity Not Before: Sep 13 03:09:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=604E2674F21093E89BA15C6CFAA6974995881E22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:07:01:c5:1f:06:88:1a:cd:86:c3:50:aa:ba: 18:07:d9:0a:82:ff:24:49:32:a6:fb:b5:5f:2c:81: 87:d4:0e:c0:23:3f:5b:bf:b0:21:2f:9c:16:a0:29: 9f:4b:f8:d3:17:d9:5b:24:c8:61:db:b9:37:4e:48: 65:bc:86:ad:6d:5a:32:f6:20:91:5b:f9:d8:f4:55: 4e:e6:3e:ad:71:e9:bc:2d:6c:2a:96:7f:24:51:dd: 43:67:cc:83:5e:21:0e:bd:33:ed:ea:d5:16:4f:fc: af:61:33:a0:6e:5e:29:c7:cc:c7:94:d7:cd:9b:99: 59:2c:ed:72:ee:60:3c:fe:a2:0a:de:b5:66:d7:24: 15:17:9f:c3:1a:0d:ad:5b:ad:f4:e9:c4:eb:13:de: 67:d2:2f:89:ad:ee:60:fb:6a:80:fa:4b:f3:17:03: 50:f4:60:29:f8:89:e2:77:2d:8b:57:3c:08:1d:f1: 7e:6f:dd:a5:ba:af:8d:87:1e:5c:f8:4e:3f:9a:9c: c1:f7:36:16:a0:53:ad:20:07:3e:db:d4:f2:17:4e: b2:7c:ec:1a:ed:7b:bf:ad:e5:ab:5d:fa:60:21:9c: ef:95:e2:7f:9d:4d:06:b3:8f:ba:5c:5a:9d:d4:46: a4:75:6a:06:fd:02:3b:ab:2a:da:4b:0c:ad:60:7b: 43:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:4E:26:74:F2:10:93:E8:9B:A1:5C:6C:FA:A6:97:49:95:88:1E:22 X509v3 Authority Key Identifier: keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/YE4mdPIQk-iboVxs-qaXSZWIHiI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 122.11.0.0/19 Signature Algorithm: sha256WithRSAEncryption ae:77:6a:88:dd:0d:e8:58:be:f5:55:36:58:67:11:79:36:83: 7b:02:0e:a8:89:df:06:3c:66:6b:6a:ab:e6:30:ef:af:e4:c3: e0:15:f7:6d:d7:72:5e:a1:0a:d5:5d:f2:2d:f6:89:a7:74:12: 0b:cc:86:52:30:48:3f:82:e4:e2:d0:e9:86:5d:f6:27:ba:90: e4:4c:06:85:6d:5f:fb:10:0e:54:40:8b:95:f6:3f:14:4b:a2: 0e:cf:5e:db:24:d9:5d:46:0b:54:40:c9:7f:20:8d:05:57:de: ed:64:22:5a:3b:0b:69:68:85:58:38:44:90:54:2f:ed:9a:07: 3c:3c:b0:b7:ef:e7:8c:a3:4d:16:18:92:17:6d:03:15:45:ba: af:8c:13:28:d0:a1:5f:36:57:7e:96:5e:b9:fd:e5:08:a6:27: 67:78:cc:45:a2:e1:fc:fc:f3:2a:5c:2e:fa:1e:bc:50:94:1c: 6b:0b:2d:e6:ea:43:9d:60:96:18:3e:6f:1c:5d:78:3d:2f:23: 35:89:1f:4a:f5:8f:80:ed:92:e9:69:86:ff:98:0e:04:e5:1e: 29:36:2d:1e:5d:ec:94:e4:df:4d:f1:06:e8:a5:6b:13:01:f7: d0:65:31:0f:53:3b:98:dd:81:7b:84:30:f6:fa:04:07:cb:85: 68:f2:9d:a6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF0cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yNTA5MTMw MzA5MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYwNEUyNjc0RjIxMDkz RTg5QkExNUM2Q0ZBQTY5NzQ5OTU4ODFFMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClBwHFHwaIGs2Gw1CquhgH2QqC/yRJMqb7tV8sgYfUDsAjP1u/ sCEvnBagKZ9L+NMX2VskyGHbuTdOSGW8hq1tWjL2IJFb+dj0VU7mPq1x6bwtbCqW fyRR3UNnzINeIQ69M+3q1RZP/K9hM6BuXinHzMeU182bmVks7XLuYDz+ogretWbX JBUXn8MaDa1brfTpxOsT3mfSL4mt7mD7aoD6S/MXA1D0YCn4ieJ3LYtXPAgd8X5v 3aW6r42HHlz4Tj+anMH3NhagU60gBz7b1PIXTrJ87Brte7+t5atd+mAhnO+V4n+d TQazj7pcWp3URqR1agb9AjurKtpLDK1ge0NtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYE4mdPIQk+iboVxs+qaXSZWIHiIwHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3 Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvWUU0bWRQSVFrLWli b1Z4cy1xYVhTWldJSGlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXoLADANBgkqhkiG9w0BAQsFAAOCAQEArndqiN0N6Fi+9VU2WGcReTaDewIO qInfBjxma2qr5jDvr+TD4BX3bddyXqEK1V3yLfaJp3QSC8yGUjBIP4Lk4tDphl32 J7qQ5EwGhW1f+xAOVECLlfY/FEuiDs9e2yTZXUYLVEDJfyCNBVfe7WQiWjsLaWiF WDhEkFQv7ZoHPDywt+/njKNNFhiSF20DFUW6r4wTKNChXzZXfpZeuf3lCKYnZ3jM RaLh/PzzKlwu+h68UJQcawst5upDnWCWGD5vHF14PS8jNYkfSvWPgO2S6WmG/5gO BOUeKTYtHl3slOTfTfEG6KVrEwH30GUxD1M7mN2Be4Qw9voEB8uFaPKdpg== -----END CERTIFICATE-----Generated at Mon Oct 20 14:49:30 2025 by rpki-client