$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/-B9CGUz8J1scU_M3Fi-lcksfsAA.roa File: -B9CGUz8J1scU_M3Fi-lcksfsAA.roa (raw, json) Hash identifier: YD0jFuaVOKqUDo/pY/PT/0oWG21GrDmmJUTPB9oPyow= Subject key identifier: F8:1F:42:19:4C:FC:27:5B:1C:53:F3:37:16:2F:A5:72:4B:1F:B0:00 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21EC Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/-B9CGUz8J1scU_M3Fi-lcksfsAA.roa Signing time: Sat 13 Sep 2025 03:09:07 +0000 ROA not before: Sat 13 Sep 2025 03:09:07 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 180.184.168.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8684 (0x21ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:07 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F81F42194CFC275B1C53F337162FA5724B1FB000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2a:89:0f:7e:9b:90:81:f8:7d:8d:a0:3b:d2: 20:d3:a9:aa:28:90:f5:7a:9e:01:4b:b1:1d:86:b4: 48:8e:fc:c6:2b:ea:3c:ec:10:e2:1b:2d:e7:95:c1: 71:2a:2f:c7:2d:e0:31:10:89:15:43:f6:8f:b2:3c: 38:a6:c3:68:b5:09:36:7c:24:56:ad:76:a5:13:bf: 51:9d:f5:0b:e9:76:f8:85:6c:b8:9a:55:7c:13:4f: 30:f3:d6:11:ce:2c:92:a7:78:df:0e:74:f7:ec:f5: 7b:79:29:23:aa:64:65:a8:c3:0f:09:44:02:8f:6b: d1:60:00:ef:b9:31:eb:3a:ba:11:8d:60:4f:1c:87: cd:a2:2d:00:39:ab:ac:50:82:18:1e:2a:e0:cf:7f: f8:52:39:02:d3:55:ed:94:13:45:4d:bb:97:70:33: f1:3c:7e:bc:88:7d:e4:30:9f:01:60:24:5f:a8:14: 18:09:fb:50:86:97:5b:21:f2:94:77:7a:67:1e:ad: 16:30:da:22:95:61:e0:b7:b1:4c:51:22:00:dc:df: 4c:6f:86:35:77:1e:6b:fa:68:27:f6:82:7c:c7:60: 70:89:9f:9b:f1:81:88:b6:62:f4:92:15:17:47:0e: 07:b7:41:57:a4:5e:bb:da:37:e6:ab:a5:65:bb:b7: aa:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:1F:42:19:4C:FC:27:5B:1C:53:F3:37:16:2F:A5:72:4B:1F:B0:00 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/-B9CGUz8J1scU_M3Fi-lcksfsAA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.168.0/21 Signature Algorithm: sha256WithRSAEncryption 96:d5:5f:38:c5:ef:00:cb:18:eb:28:47:6f:f4:57:fc:40:47: 8c:79:60:db:d9:95:50:7e:3e:26:d3:31:d9:14:5c:09:72:ad: a3:08:b7:28:8a:8b:a5:43:de:20:7c:23:4d:8f:a9:b8:21:eb: 5c:e0:e5:d7:0c:42:fd:22:98:c5:a9:26:bc:5c:e7:8c:e7:a5: 86:4a:01:77:3d:ac:04:0a:b8:6f:34:5a:a8:86:9d:08:30:ae: 2f:17:ed:1a:84:dc:93:ba:1b:a6:ef:e4:92:9d:49:32:5a:d4: a6:21:4f:84:5c:40:0e:7a:be:28:57:77:c3:5c:47:85:1a:9d: 57:8b:53:a8:fd:61:40:e3:bb:a6:1e:31:1c:43:e6:86:3e:6e: 32:30:3d:36:d3:1e:41:00:a4:0f:3f:e6:e1:a8:8d:46:5f:45: 60:86:74:7c:bc:95:4c:4c:ea:8e:89:9f:38:9d:51:03:e1:b8: c3:87:1d:1c:e5:8c:61:2c:ac:e2:57:fb:c3:4c:90:f3:d3:84: 9f:2d:1b:fc:f7:af:f5:a6:81:86:fc:81:4a:c2:fb:25:ad:c7: 5f:d9:90:e6:6e:df:2f:43:83:16:4f:04:cc:06:3d:2a:1d:9a: d9:07:4d:64:08:89:bd:e4:10:c9:c9:26:7e:ae:7a:be:f1:7c: 5b:a3:66:46 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY4MUY0MjE5NENGQzI3 NUIxQzUzRjMzNzE2MkZBNTcyNEIxRkIwMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWKokPfpuQgfh9jaA70iDTqaookPV6ngFLsR2GtEiO/MYr6jzs EOIbLeeVwXEqL8ct4DEQiRVD9o+yPDimw2i1CTZ8JFatdqUTv1Gd9QvpdviFbLia VXwTTzDz1hHOLJKneN8OdPfs9Xt5KSOqZGWoww8JRAKPa9FgAO+5Mes6uhGNYE8c h82iLQA5q6xQghgeKuDPf/hSOQLTVe2UE0VNu5dwM/E8fryIfeQwnwFgJF+oFBgJ +1CGl1sh8pR3emcerRYw2iKVYeC3sUxRIgDc30xvhjV3Hmv6aCf2gnzHYHCJn5vx gYi2YvSSFRdHDge3QVekXrvaN+arpWW7t6rpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+B9CGUz8J1scU/M3Fi+lcksfsAAwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvLUI5Q0dVejhKMXNj VV9NM0ZpLWxja3Nmc0FBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4qDANBgkqhkiG9w0BAQsFAAOCAQEAltVfOMXvAMsY6yhHb/RX/EBHjHlg 29mVUH4+JtMx2RRcCXKtowi3KIqLpUPeIHwjTY+puCHrXODl1wxC/SKYxakmvFzn jOelhkoBdz2sBAq4bzRaqIadCDCuLxftGoTck7obpu/kkp1JMlrUpiFPhFxADnq+ KFd3w1xHhRqdV4tTqP1hQOO7ph4xHEPmhj5uMjA9NtMeQQCkDz/m4aiNRl9FYIZ0 fLyVTEzqjomfOJ1RA+G4w4cdHOWMYSys4lf7w0yQ89OEny0b/Pev9aaBhvyBSsL7 Ja3HX9mQ5m7fL0ODFk8EzAY9Kh2a2QdNZAiJveQQyckmfq56vvF8W6NmRg== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:26 2025 by rpki-client