$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/9HBdl6gRQZmnl3glpYgf0T4sBbM.roa File: 9HBdl6gRQZmnl3glpYgf0T4sBbM.roa (raw, json) Hash identifier: 2Zg7HjgXvB5pVin03OKU2Y71wXXbt55woxiBQpBTHL0= Subject key identifier: F4:70:5D:97:A8:11:41:99:A7:97:78:25:A5:88:1F:D1:3E:2C:05:B3 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 14B0 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/9HBdl6gRQZmnl3glpYgf0T4sBbM.roa Signing time: Wed 30 Jul 2025 02:48:00 +0000 ROA not before: Wed 30 Jul 2025 02:48:00 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.120.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5296 (0x14b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jul 30 02:48:00 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F4705D97A8114199A7977825A5881FD13E2C05B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5f:1d:a3:5d:30:76:3f:83:a6:18:d5:cf:86: 20:68:22:a7:e1:4f:10:ef:2e:56:63:92:0a:a9:3d: e1:36:d5:5f:1b:51:f4:9d:1d:4a:63:e9:ad:ce:03: e7:7d:92:41:c8:62:ef:5a:cc:92:84:61:9d:cd:cf: c8:0d:85:60:f7:e5:cd:c8:e3:8e:0c:d6:bc:e2:db: 5f:8b:6c:e9:f6:21:2e:75:72:73:3f:74:88:8a:5a: 32:e7:cd:e1:cb:65:28:56:c4:47:41:df:1c:e8:37: ad:29:0a:2c:1f:bb:46:ee:31:36:24:7c:ab:49:9a: 91:5f:65:ed:95:d7:f3:53:a2:26:1d:ca:02:1e:66: dd:24:77:b0:28:55:f0:a6:d1:62:0f:1f:ec:d0:1b: 18:5a:5b:58:c9:75:f4:60:e4:0e:d5:af:5c:f6:d2: ae:ad:65:d7:0d:53:4b:63:0f:74:68:ea:de:36:2b: b4:63:41:05:30:22:a9:3a:43:88:02:15:d6:d6:a6: ec:31:ed:cf:e2:ca:b0:9c:9e:f0:ce:bd:fc:5d:d6: 20:d2:58:8a:5e:c4:55:05:56:28:a6:b5:ad:f2:0f: bc:72:69:ba:33:cc:c9:12:a8:de:f9:0f:b1:8a:11: b7:bc:48:3e:0a:37:d6:e5:3d:29:f9:de:93:0b:de: cb:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:70:5D:97:A8:11:41:99:A7:97:78:25:A5:88:1F:D1:3E:2C:05:B3 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/9HBdl6gRQZmnl3glpYgf0T4sBbM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.120.152.0/22 Signature Algorithm: sha256WithRSAEncryption 44:29:46:d4:d7:85:20:02:5b:3a:f7:b3:2a:87:5a:77:69:78: f0:45:b0:05:8b:75:6b:1e:b7:01:24:b8:7a:0c:e4:34:c6:a7: 30:d9:93:e8:dc:9e:8e:b2:e8:5d:09:25:fa:d9:c9:65:19:8b: cc:c2:18:0d:76:e9:59:4a:18:56:1f:d1:ac:ca:63:1e:dd:62: 84:fb:12:d1:03:3d:f3:41:15:1f:84:b3:c5:fc:37:26:b4:b7: 17:99:4e:20:e8:08:f1:54:1d:96:05:56:9e:6c:2e:3a:fc:be: d7:e1:de:13:71:70:07:f0:5b:29:b5:5d:ba:f5:c0:9f:e0:b7: ce:a0:3a:52:ca:54:62:3e:fb:06:ba:67:76:2e:66:52:e1:c6: 7e:d4:10:81:f3:a3:2a:b0:e6:39:99:e9:50:53:3d:96:d8:2f: 76:f0:bf:78:04:b4:c0:68:d5:85:9e:be:5e:55:39:ce:41:48: 8e:1c:3b:4f:52:e4:40:0f:1e:1a:95:bd:11:db:ba:74:e0:84: b0:6d:06:c6:a5:e4:fa:8e:3e:8d:2e:e7:d3:f7:a7:41:70:38: 2d:ef:a5:74:4f:4a:53:bf:0b:ff:dd:76:cc:ef:31:9e:b7:8e: 53:04:a6:33:95:00:ae:53:7d:9f:61:ba:88:3a:4a:99:fe:a0: d7:13:2f:2e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw MjQ4MDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY0NzA1RDk3QTgxMTQx OTlBNzk3NzgyNUE1ODgxRkQxM0UyQzA1QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBXx2jXTB2P4OmGNXPhiBoIqfhTxDvLlZjkgqpPeE21V8bUfSd HUpj6a3OA+d9kkHIYu9azJKEYZ3Nz8gNhWD35c3I444M1rzi21+LbOn2IS51cnM/ dIiKWjLnzeHLZShWxEdB3xzoN60pCiwfu0buMTYkfKtJmpFfZe2V1/NToiYdygIe Zt0kd7AoVfCm0WIPH+zQGxhaW1jJdfRg5A7Vr1z20q6tZdcNU0tjD3Ro6t42K7Rj QQUwIqk6Q4gCFdbWpuwx7c/iyrCcnvDOvfxd1iDSWIpexFUFViimta3yD7xyaboz zMkSqN75D7GKEbe8SD4KN9blPSn53pML3ssVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU9HBdl6gRQZmnl3glpYgf0T4sBbMwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvOUhCZGw2Z1JRWm1u bDNnbHBZZ2YwVDRzQmJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnN4mDANBgkqhkiG9w0BAQsFAAOCAQEARClG1NeFIAJbOvezKodad2l48EWw BYt1ax63ASS4egzkNManMNmT6NyejrLoXQkl+tnJZRmLzMIYDXbpWUoYVh/RrMpj Ht1ihPsS0QM980EVH4Szxfw3JrS3F5lOIOgI8VQdlgVWnmwuOvy+1+HeE3FwB/Bb KbVduvXAn+C3zqA6UspUYj77Brpndi5mUuHGftQQgfOjKrDmOZnpUFM9ltgvdvC/ eAS0wGjVhZ6+XlU5zkFIjhw7T1LkQA8eGpW9Edu6dOCEsG0GxqXk+o4+jS7n0/en QXA4Le+ldE9KU78L/912zO8xnreOUwSmM5UArlN9n2G6iDpKmf6g1xMvLg== -----END CERTIFICATE-----Generated at Sun Aug 24 09:06:19 2025 by rpki-client