$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/o9c-0vAFreiP5dn3zxHpzRYAHXQ.roa File: o9c-0vAFreiP5dn3zxHpzRYAHXQ.roa (raw, json) Hash identifier: +cwYJdZm3O7MmEFthMOEswTzqEavVmdybhhfTKCcWXY= Subject key identifier: A3:D7:3E:D2:F0:05:AD:E8:8F:E5:D9:F7:CF:11:E9:CD:16:00:1D:74 Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 08 Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/o9c-0vAFreiP5dn3zxHpzRYAHXQ.roa Signing time: Wed 25 Jun 2025 02:40:31 +0000 ROA not before: Wed 25 Jun 2025 02:40:31 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 131574 IP address blocks: 211.101.208.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 18:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jun 25 02:40:31 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=A3D73ED2F005ADE88FE5D9F7CF11E9CD16001D74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:c5:a9:fd:70:7d:66:4c:74:ec:3a:2e:c5:a2: 91:8d:e9:78:fb:91:2a:d2:c6:e1:7e:d5:24:27:b1: 60:31:b8:82:b3:93:44:7b:e4:cd:88:5d:01:d2:67: 9a:ac:d9:90:6d:f8:f9:80:44:28:cb:07:d3:f3:ce: f7:c7:6d:01:e2:56:5e:3e:5c:43:ec:27:e4:aa:e2: d6:4b:3f:b6:e3:92:d6:90:39:88:c8:22:45:78:14: e7:b1:de:60:dc:45:ec:aa:3f:b2:98:0c:7a:67:7c: 2d:00:7f:46:18:01:4b:bb:73:60:fb:96:a7:d8:c6: 06:64:a0:4c:d0:65:d9:84:7a:4a:dd:7e:6e:13:4c: eb:3d:75:2a:67:af:58:2c:b1:27:6f:6c:84:88:b7: 32:4a:8f:00:8f:ea:83:11:21:b7:ac:f2:d3:d2:3b: de:c5:a9:8b:f5:07:4b:6b:50:7e:e2:b9:d5:0d:c2: 15:2d:da:ec:06:e5:07:c6:37:87:03:c7:57:2c:60: aa:93:ab:f8:5c:d3:0a:69:4b:29:8b:39:36:29:40: 7e:be:d8:8d:0d:60:14:72:af:69:14:af:52:7a:2e: b2:f4:46:83:4d:46:7b:96:4d:0f:72:97:66:2c:54: a7:78:ce:60:16:2c:0b:9c:dc:1e:66:93:77:68:87: 70:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:D7:3E:D2:F0:05:AD:E8:8F:E5:D9:F7:CF:11:E9:CD:16:00:1D:74 X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/o9c-0vAFreiP5dn3zxHpzRYAHXQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.101.208.0/20 Signature Algorithm: sha256WithRSAEncryption b6:e2:44:8c:08:a4:69:4e:d5:c9:7c:19:ac:d4:a9:92:9d:df: 89:be:ba:57:49:bb:53:5f:2d:05:fb:f5:1b:d0:e4:5d:4d:b2: 17:77:3f:69:6b:44:67:a6:3c:e8:4e:6a:ea:43:34:86:96:7b: da:75:13:a6:39:e5:41:37:eb:ff:6c:6b:88:e5:5a:5e:66:d5: 96:ad:08:18:b9:fa:91:1a:3f:5e:2d:cb:ff:cc:1c:a1:a1:16: 4d:2c:ca:ce:f4:4b:1e:42:39:cc:0b:43:62:0b:a6:25:0c:5e: b4:01:73:01:fb:fb:12:8e:3e:55:db:7f:f9:55:58:32:44:a4: 7a:15:ae:95:dc:8e:3e:36:47:4f:c3:b8:b2:7c:93:8e:e9:69: d4:a2:02:c4:7c:76:2a:98:35:12:9e:87:b6:9f:ed:94:b9:db: ce:15:00:69:9f:73:67:43:8f:01:7c:24:9d:49:e2:c5:5d:fd: 50:18:6d:0a:92:c0:b7:8e:4e:1a:0b:54:ab:ae:d1:50:06:13: 23:76:bb:df:41:0a:f1:9b:2c:8f:1c:00:49:77:ea:5c:94:24: 1a:b8:2e:f5:65:71:05:33:54:c2:7d:5d:1d:c6:00:09:10:f3: c1:65:8c:3a:b8:cb:cd:65:ff:16:c5:40:e8:00:10:92:bb:46: b5:58:29:f6 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3M0Qy MTFENUIyMTBFM0IxOTYwNTREQjcxODkyRDhFMzhBNEUwOUVGMB4XDTI1MDYyNTAy NDAzMVoXDTI2MDYyNTAyMzUxMlowMzExMC8GA1UEAxMoQTNENzNFRDJGMDA1QURF ODhGRTVEOUY3Q0YxMUU5Q0QxNjAwMUQ3NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANzFqf1wfWZMdOw6LsWikY3pePuRKtLG4X7VJCexYDG4grOTRHvk zYhdAdJnmqzZkG34+YBEKMsH0/PO98dtAeJWXj5cQ+wn5Kri1ks/tuOS1pA5iMgi RXgU57HeYNxF7Ko/spgMemd8LQB/RhgBS7tzYPuWp9jGBmSgTNBl2YR6St1+bhNM 6z11KmevWCyxJ29shIi3MkqPAI/qgxEht6zy09I73sWpi/UHS2tQfuK51Q3CFS3a 7AblB8Y3hwPHVyxgqpOr+FzTCmlLKYs5NilAfr7YjQ1gFHKvaRSvUnousvRGg01G e5ZND3KXZixUp3jOYBYsC5zcHmaTd2iHcAECAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSj1z7S8AWt6I/l2ffPEenNFgAddDAfBgNVHSMEGDAWgBRz0hHVshDjsZYFTbcY ktjjik4J7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTI3 L2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYzlJUjFiSVE0N0dXQlUyM0dKTFk0NHBPQ2U4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkyNy9vOWMtMHZBRnJlaVA1 ZG4zenhIcHpSWUFIWFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQE02XQMA0GCSqGSIb3DQEBCwUAA4IBAQC24kSMCKRpTtXJfBms1KmSnd+JvrpX SbtTXy0F+/Ub0ORdTbIXdz9pa0RnpjzoTmrqQzSGlnvadROmOeVBN+v/bGuI5Vpe ZtWWrQgYufqRGj9eLcv/zByhoRZNLMrO9EseQjnMC0NiC6YlDF60AXMB+/sSjj5V 23/5VVgyRKR6Fa6V3I4+NkdPw7iyfJOO6WnUogLEfHYqmDUSnoe2n+2UudvOFQBp n3NnQ48BfCSdSeLFXf1QGG0KksC3jk4aC1SrrtFQBhMjdrvfQQrxmyyPHABJd+pc lCQauC71ZXEFM1TCfV0dxgAJEPPBZYw6uMvNZf8WxUDoABCSu0a1WCn2 -----END CERTIFICATE-----Generated at Fri Jul 4 15:21:26 2025 by rpki-client