$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/fJ1tJYYgwdZVdhoMPTqBWS9ETAI.roa File: fJ1tJYYgwdZVdhoMPTqBWS9ETAI.roa (raw, json) Hash identifier: YySf+4WKiAMHuLf7eaHuZzSHMWhTcX3jywIXIJBWLGY= Subject key identifier: 7C:9D:6D:25:86:20:C1:D6:55:76:1A:0C:3D:3A:81:59:2F:44:4C:02 Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 1502 Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/fJ1tJYYgwdZVdhoMPTqBWS9ETAI.roa Signing time: Sat 13 Sep 2025 03:06:48 +0000 ROA not before: Sat 13 Sep 2025 03:06:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 139.9.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5378 (0x1502) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Sep 13 03:06:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7C9D6D258620C1D655761A0C3D3A81592F444C02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:dc:00:6a:b9:48:50:2a:e6:04:fd:67:c1:f3: d4:66:10:b8:d6:f8:8d:07:aa:c6:da:8f:e8:6c:ea: 8d:ef:04:8f:e5:4f:f5:68:b0:a3:73:8c:83:8a:14: d3:a9:57:b0:6e:25:e3:39:11:5e:db:ae:b9:4a:c6: 42:11:f7:a6:be:4d:be:08:a5:33:c3:df:4a:65:de: 38:68:f5:74:a3:b9:57:c9:ae:b0:f1:58:e7:50:f3: b5:9e:c4:82:e0:91:70:95:78:2a:af:97:9f:ee:a0: 6c:7f:91:4f:6b:9e:78:2d:c1:30:39:87:02:6e:76: 2b:77:a6:81:6a:b0:41:d4:f5:18:60:8b:22:f2:e3: bd:ba:09:e4:6b:bd:18:fe:6f:d5:6a:7d:39:26:0c: 6d:07:ab:12:61:30:39:12:a5:c9:20:35:1b:ab:f0: 1d:5a:eb:2b:4f:e6:cc:9c:3b:f1:4f:30:37:2f:78: 14:4d:11:fd:64:13:27:10:9e:fe:d7:d2:48:94:eb: 78:cc:0b:61:42:41:da:49:17:ca:7d:36:c0:ba:07: 0f:ea:4f:59:af:33:77:d8:86:1b:90:3b:e4:e4:ba: b4:ce:7f:b9:54:81:61:10:ec:18:05:1f:46:3d:d5: 04:51:ab:d8:66:9c:65:3a:a6:1d:ad:bc:f2:f4:15: a6:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:9D:6D:25:86:20:C1:D6:55:76:1A:0C:3D:3A:81:59:2F:44:4C:02 X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/fJ1tJYYgwdZVdhoMPTqBWS9ETAI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.99.0/24 Signature Algorithm: sha256WithRSAEncryption 06:9c:6a:51:cc:59:23:43:64:db:1a:f6:4e:f8:b8:56:0c:ca: 9a:35:90:44:c6:f4:72:81:a5:b9:98:5a:41:10:4d:d8:94:49: 97:1f:50:fd:08:1b:61:4d:50:63:b3:5f:f0:d3:84:e4:3f:2b: 0a:c1:f6:f0:ee:fe:8b:22:b5:ec:cd:d0:41:09:f7:41:86:df: cd:dc:61:ae:ea:c7:de:20:ec:a2:ea:55:f2:ee:1c:f5:ee:0e: 8e:f8:06:bf:8f:8e:3f:1f:9c:9b:67:fc:2b:0c:40:9b:d6:6a: 7f:bd:b0:7c:70:18:12:d8:8d:b4:98:e9:e8:a6:91:5b:56:f7: 73:21:f9:16:93:da:dc:87:e8:bb:78:4f:e3:ab:ed:99:be:81: 99:e2:6a:65:78:27:65:58:a6:ca:ee:6c:b0:a4:f2:51:b4:03: fb:06:15:ee:3a:b8:cf:af:b1:bf:0f:38:14:43:0a:d7:57:fa: a8:a9:e1:2f:28:cc:49:96:3d:59:37:7c:42:15:46:e7:d6:7b: 5a:03:ce:bd:40:43:d5:6e:58:fa:3a:42:cc:c0:85:09:7c:2f: cf:fb:6a:76:cb:f0:d8:51:e0:81:9e:24:c5:c1:b8:ef:18:29: 8c:f7:4d:00:2a:5c:f9:63:60:04:49:ef:2f:d9:dd:9f:4c:20: a5:7b:ad:15 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNTA5MTMw MzA2NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdDOUQ2RDI1ODYyMEMx RDY1NTc2MUEwQzNEM0E4MTU5MkY0NDRDMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCj3ABquUhQKuYE/WfB89RmELjW+I0Hqsbaj+hs6o3vBI/lT/Vo sKNzjIOKFNOpV7BuJeM5EV7brrlKxkIR96a+Tb4IpTPD30pl3jho9XSjuVfJrrDx WOdQ87WexILgkXCVeCqvl5/uoGx/kU9rnngtwTA5hwJudit3poFqsEHU9RhgiyLy 4726CeRrvRj+b9VqfTkmDG0HqxJhMDkSpckgNRur8B1a6ytP5sycO/FPMDcveBRN Ef1kEycQnv7X0kiU63jMC2FCQdpJF8p9NsC6Bw/qT1mvM3fYhhuQO+TkurTOf7lU gWEQ7BgFH0Y91QRRq9hmnGU6ph2tvPL0FaYjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUfJ1tJYYgwdZVdhoMPTqBWS9ETAIwHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvZkoxdEpZWWd3ZFpW ZGhvTVBUcUJXUzlFVEFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYzANBgkqhkiG9w0BAQsFAAOCAQEABpxqUcxZI0Nk2xr2Tvi4VgzKmjWQ RMb0coGluZhaQRBN2JRJlx9Q/QgbYU1QY7Nf8NOE5D8rCsH28O7+iyK17M3QQQn3 QYbfzdxhrurH3iDsoupV8u4c9e4OjvgGv4+OPx+cm2f8KwxAm9Zqf72wfHAYEtiN tJjp6KaRW1b3cyH5FpPa3Ifou3hP46vtmb6BmeJqZXgnZVimyu5ssKTyUbQD+wYV 7jq4z6+xvw84FEMK11f6qKnhLyjMSZY9WTd8QhVG59Z7WgPOvUBD1W5Y+jpCzMCF CXwvz/tqdsvw2FHggZ4kxcG47xgpjPdNACpc+WNgBEnvL9ndn0wgpXutFQ== -----END CERTIFICATE-----Generated at Tue Oct 21 00:41:12 2025 by rpki-client