$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/Ga7f36EbcZFDn5BnJcKbsVFAxr8.roa File: Ga7f36EbcZFDn5BnJcKbsVFAxr8.roa (raw, json) Hash identifier: sKcV/wEFZpASBMvxX6N49WW3WHRyegqNqDOxs98YFbw= Subject key identifier: 19:AE:DF:DF:A1:1B:71:91:43:9F:90:67:25:C2:9B:B1:51:40:C6:BF Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 206C Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/Ga7f36EbcZFDn5BnJcKbsVFAxr8.roa Signing time: Sat 13 Sep 2025 03:09:25 +0000 ROA not before: Sat 13 Sep 2025 03:09:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139021 IP address blocks: 218.247.64.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8300 (0x206c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Sep 13 03:09:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=19AEDFDFA11B7191439F906725C29BB15140C6BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:d6:5e:75:d8:c6:36:72:66:19:0d:60:28:fb: 39:4c:65:bc:bb:89:f5:d3:1b:78:f5:36:53:43:8f: 81:c1:2e:d3:da:2c:62:e4:4c:8a:c2:0b:62:45:61: e4:f5:46:13:a5:2b:84:94:63:53:45:c1:0a:b1:ed: 7d:12:84:68:db:dd:a2:8e:02:12:9f:bc:95:c9:cd: c1:a0:e3:d8:6f:d9:c1:8f:5e:d5:27:f4:3d:12:95: 2b:02:9c:1f:86:7a:f9:2f:d9:cd:30:49:23:30:02: b9:ee:41:e4:d2:eb:f2:44:ed:8f:b4:51:a9:2b:7c: 18:ec:09:d4:7b:58:2e:d5:50:d8:81:9b:48:97:b0: c3:6d:3b:e1:3f:02:3a:24:37:24:c9:aa:0d:ea:19: 68:53:4e:28:b6:03:96:41:c0:0a:9b:cb:c7:97:08: b0:70:a6:39:a0:e0:6b:a1:07:81:3c:d4:1d:d8:de: cf:cd:d0:4c:65:d1:b2:43:6c:6a:9d:b6:41:f3:c3: d0:4d:50:3a:56:2d:1f:13:75:af:91:70:d4:c3:77: 5f:e2:f5:b0:7d:01:57:19:d3:f4:0d:53:93:ce:b1: 7c:40:16:15:93:0c:c8:3b:29:cf:86:6c:10:ac:6c: 92:ce:7b:7a:76:b4:64:2d:9e:f4:38:d2:2e:8e:6f: d1:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:AE:DF:DF:A1:1B:71:91:43:9F:90:67:25:C2:9B:B1:51:40:C6:BF X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/Ga7f36EbcZFDn5BnJcKbsVFAxr8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.247.64.0/19 Signature Algorithm: sha256WithRSAEncryption 53:39:aa:4d:ad:97:6c:6f:35:7b:96:bf:8e:b7:55:03:8d:67: c3:08:25:60:1d:79:58:a6:4d:8a:44:36:e9:fc:0b:3e:46:a4: e7:ce:b4:4b:f2:ae:b6:4e:1a:8b:3f:91:6d:9e:94:89:b7:c8: b1:32:1c:8e:d8:de:13:c8:c0:0a:a5:25:86:9d:8a:c1:c8:e5: ce:6e:64:62:13:17:02:3e:71:e6:ef:6d:5c:d7:ed:02:86:3d: 4e:b7:45:e3:52:54:c0:18:ea:b7:28:4e:9e:5e:bf:4b:58:e0: b2:29:36:f6:cd:88:ae:d9:76:97:df:b9:f5:e9:87:47:da:56: d3:f7:44:90:11:30:1b:1b:65:1d:92:54:30:1d:a9:09:8d:e3: 90:59:79:f1:50:45:88:cd:31:24:e3:3e:d5:aa:7e:ad:93:80: 5a:c5:93:46:3b:bf:c9:6d:1e:81:41:29:80:c3:ea:28:cd:f4: df:8d:f8:a6:1c:59:22:64:9a:e8:6f:37:11:17:ba:e3:40:99: e0:3f:69:2c:93:61:60:0b:52:da:69:b3:d2:81:c0:b6:bf:2d: aa:c7:db:d5:df:27:9a:c7:c8:53:e4:c5:3a:9f:26:13:dd:c9: de:3b:40:67:d8:85:5c:3f:77:32:6a:0f:be:3a:95:fd:08:7d: 45:68:82:27 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIGwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTA5MTMw MzA5MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE5QUVERkRGQTExQjcx OTE0MzlGOTA2NzI1QzI5QkIxNTE0MEM2QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDx1l512MY2cmYZDWAo+zlMZby7ifXTG3j1NlNDj4HBLtPaLGLk TIrCC2JFYeT1RhOlK4SUY1NFwQqx7X0ShGjb3aKOAhKfvJXJzcGg49hv2cGPXtUn 9D0SlSsCnB+Gevkv2c0wSSMwArnuQeTS6/JE7Y+0UakrfBjsCdR7WC7VUNiBm0iX sMNtO+E/AjokNyTJqg3qGWhTTii2A5ZBwAqby8eXCLBwpjmg4GuhB4E81B3Y3s/N 0Exl0bJDbGqdtkHzw9BNUDpWLR8Tda+RcNTDd1/i9bB9AVcZ0/QNU5POsXxAFhWT DMg7Kc+GbBCsbJLOe3p2tGQtnvQ40i6Ob9HJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGa7f36EbcZFDn5BnJcKbsVFAxr8wHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvR2E3ZjM2RWJjWkZE bjVCbkpjS2JzVkZBeHI4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBdr3QDANBgkqhkiG9w0BAQsFAAOCAQEAUzmqTa2XbG81e5a/jrdVA41nwwgl YB15WKZNikQ26fwLPkak5860S/Kutk4aiz+RbZ6UibfIsTIcjtjeE8jACqUlhp2K wcjlzm5kYhMXAj5x5u9tXNftAoY9TrdF41JUwBjqtyhOnl6/S1jgsik29s2Irtl2 l9+59emHR9pW0/dEkBEwGxtlHZJUMB2pCY3jkFl58VBFiM0xJOM+1ap+rZOAWsWT Rju/yW0egUEpgMPqKM303434phxZImSa6G83ERe640CZ4D9pLJNhYAtS2mmz0oHA tr8tqsfb1d8nmsfIU+TFOp8mE93J3jtAZ9iFXD93MmoPvjqV/Qh9RWiCJw== -----END CERTIFICATE-----Generated at Mon Oct 20 08:31:30 2025 by rpki-client