$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/-dEmjzmrp3St91V0F0SWkxSM9vc.roa File: -dEmjzmrp3St91V0F0SWkxSM9vc.roa (raw, json) Hash identifier: g2kE3Bmiw6EV6chD81xuqIUDobmIG4QjS3/4lIcf16E= Subject key identifier: F9:D1:26:8F:39:AB:A7:74:AD:F7:55:74:17:44:96:93:14:8C:F6:F7 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21F0 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/-dEmjzmrp3St91V0F0SWkxSM9vc.roa Signing time: Sat 13 Sep 2025 03:09:08 +0000 ROA not before: Sat 13 Sep 2025 03:09:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 180.184.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8688 (0x21f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F9D1268F39ABA774ADF7557417449693148CF6F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:d6:fa:ca:2f:4e:02:eb:50:b4:af:9e:da:ad: d9:3a:df:37:f1:c0:71:3f:bf:1c:f3:19:c1:88:0f: a1:b5:e6:4d:2b:04:70:ec:1e:d4:2e:8d:f5:f5:ea: e1:e4:83:3a:ec:69:2a:02:b7:09:c5:fc:b9:77:54: 6f:75:9b:b7:96:05:e6:ff:66:c4:4d:15:7b:60:94: 1b:a9:04:7d:db:99:ae:1d:bb:6b:a6:a5:3a:f2:7f: 33:5a:89:b3:46:fe:29:1d:79:0c:21:67:e7:c3:1e: 3b:af:ad:fd:24:c7:56:82:c8:d3:0f:17:de:a0:88: fe:6d:ad:1a:3c:d1:37:6e:bd:21:8c:b6:e0:67:ef: db:8a:71:46:aa:44:24:74:c2:e8:0e:01:9c:a4:a3: cc:52:21:fb:2d:64:8e:b2:dc:83:b3:ea:01:43:4d: 65:ef:13:87:ff:18:ba:a9:5b:d5:95:2b:47:f1:ae: 64:13:c4:70:0b:51:de:94:35:41:8c:49:bf:6e:63: 1d:0f:bd:61:db:31:64:9c:14:07:8d:44:02:d3:81: c5:f0:80:29:a1:f8:4f:b1:cf:16:8b:73:bc:33:68: 71:6e:38:c5:52:25:e4:ed:14:a5:89:2d:f3:8f:92: f7:61:f8:19:d2:f7:a1:9b:a9:4d:25:f6:36:fc:06: 13:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:D1:26:8F:39:AB:A7:74:AD:F7:55:74:17:44:96:93:14:8C:F6:F7 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/-dEmjzmrp3St91V0F0SWkxSM9vc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 Signature Algorithm: sha256WithRSAEncryption b9:07:69:70:73:35:fe:2d:3e:a8:50:32:5f:f5:78:8d:52:a5: 72:f1:ba:f5:50:6d:66:3d:08:0b:09:ac:c7:fc:4b:70:bf:8f: 34:a7:b1:3f:57:05:7b:87:02:23:44:7b:67:26:16:e8:61:65: c3:09:5a:d0:0c:31:3c:a6:c3:5c:62:9b:c0:a0:0b:81:49:47: 51:c0:0e:af:9f:e3:63:49:b8:14:d4:0d:4e:36:63:16:55:0c: dc:3d:2b:51:e6:26:15:cb:c2:7c:c7:ca:68:8b:55:01:7d:13: 33:4e:11:31:23:a8:e0:cf:32:5b:31:7a:64:82:03:a0:1c:ae: 96:35:47:a3:f4:12:aa:c6:f9:6b:da:e1:de:7a:98:77:c7:e4: 25:64:ce:9b:42:05:74:dd:07:7e:8b:2a:fd:f5:32:be:ec:6a: ae:31:bb:6f:c4:af:1b:f2:5d:83:f5:34:ad:40:60:6c:22:b0: 7a:be:2b:88:8e:f7:bc:e6:22:58:0f:df:b9:58:e5:f8:6f:d3: ed:a7:c8:b0:e6:07:90:89:32:f0:30:f9:27:8c:fe:6d:4b:d3: ff:57:08:3b:69:6c:d2:5d:4b:95:e9:00:86:bc:31:25:de:49: f0:a0:dc:e4:4f:8b:6a:85:75:ad:61:61:54:99:3f:97:8a:b8: 1e:7a:c8:be -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY5RDEyNjhGMzlBQkE3 NzRBREY3NTU3NDE3NDQ5NjkzMTQ4Q0Y2RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCe1vrKL04C61C0r57ardk63zfxwHE/vxzzGcGID6G15k0rBHDs HtQujfX16uHkgzrsaSoCtwnF/Ll3VG91m7eWBeb/ZsRNFXtglBupBH3bma4du2um pTryfzNaibNG/ikdeQwhZ+fDHjuvrf0kx1aCyNMPF96giP5trRo80TduvSGMtuBn 79uKcUaqRCR0wugOAZyko8xSIfstZI6y3IOz6gFDTWXvE4f/GLqpW9WVK0fxrmQT xHALUd6UNUGMSb9uYx0PvWHbMWScFAeNRALTgcXwgCmh+E+xzxaLc7wzaHFuOMVS JeTtFKWJLfOPkvdh+BnS96GbqU0l9jb8BhNtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+dEmjzmrp3St91V0F0SWkxSM9vcwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvLWRFbWp6bXJwM1N0 OTFWMEYwU1dreFNNOXZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAuQdpcHM1/i0+qFAyX/V4jVKlcvG6 9VBtZj0ICwmsx/xLcL+PNKexP1cFe4cCI0R7ZyYW6GFlwwla0AwxPKbDXGKbwKAL gUlHUcAOr5/jY0m4FNQNTjZjFlUM3D0rUeYmFcvCfMfKaItVAX0TM04RMSOo4M8y WzF6ZIIDoByuljVHo/QSqsb5a9rh3nqYd8fkJWTOm0IFdN0Hfosq/fUyvuxqrjG7 b8SvG/Jdg/U0rUBgbCKwer4riI73vOYiWA/fuVjl+G/T7afIsOYHkIky8DD5J4z+ bUvT/1cIO2ls0l1LlekAhrwxJd5J8KDc5E+LaoV1rWFhVJk/l4q4HnrIvg== -----END CERTIFICATE-----Generated at Mon Oct 20 22:35:37 2025 by rpki-client