$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/2PjHUZSI_y0JfAIUqmAYQJMp52Q.roa File: 2PjHUZSI_y0JfAIUqmAYQJMp52Q.roa (raw, json) Hash identifier: l3Fkt+YVOUAyuS3dB/eo3mGNW0oZ/PK+5DC6fQRB+DE= Subject key identifier: D8:F8:C7:51:94:88:FF:2D:09:7C:02:14:AA:60:18:40:93:29:E7:64 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21CA Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2PjHUZSI_y0JfAIUqmAYQJMp52Q.roa Signing time: Sat 13 Sep 2025 03:09:00 +0000 ROA not before: Sat 13 Sep 2025 03:09:00 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137718 IP address blocks: 180.184.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8650 (0x21ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:00 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D8F8C7519488FF2D097C0214AA6018409329E764 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:6c:a5:25:27:3c:08:85:02:5b:4c:d6:f5:99: a7:03:e6:c0:40:4f:f7:dd:9b:79:a8:6f:99:ca:a2: 71:78:e4:bf:a2:7f:dc:38:d2:f1:0b:b0:66:d7:80: 81:7e:67:48:04:5e:f1:7c:f7:c5:e7:f2:0b:da:ae: a1:a4:df:58:5a:4d:65:f6:99:6b:c0:bb:a2:13:e8: 1d:fa:51:a9:19:89:dc:a1:c7:5d:58:3e:37:ee:93: 73:88:ad:e4:95:7b:84:eb:8b:61:5c:0c:4f:36:63: 49:df:df:86:4e:d7:fa:3b:7a:11:7c:85:80:cd:da: 12:c2:4d:e3:a9:40:8f:f9:4e:6f:e5:23:d0:e4:89: 84:01:b9:c8:b2:06:fd:81:50:a8:d2:e5:76:dd:90: 62:96:0b:d9:0a:7f:ae:81:3e:c8:c3:ff:93:ed:65: d1:22:27:70:8e:6f:97:0f:52:7b:5b:85:c8:36:c9: 23:69:d1:52:cc:4c:79:83:b7:ac:9b:27:95:27:b4: 6c:b9:01:d5:47:bb:40:b8:42:4b:bb:b0:de:48:4b: 86:2b:ed:17:6c:7d:8d:a2:23:d6:27:6d:a6:89:36: 2a:dd:9e:ba:51:26:10:3f:c5:e5:00:be:21:92:8d: f0:2b:ca:5b:f3:59:ce:73:67:d2:4c:d1:db:3d:4e: bd:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:F8:C7:51:94:88:FF:2D:09:7C:02:14:AA:60:18:40:93:29:E7:64 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2PjHUZSI_y0JfAIUqmAYQJMp52Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.152.0/22 Signature Algorithm: sha256WithRSAEncryption 54:f0:41:a8:1a:f5:d0:b1:cc:cb:ce:6c:ab:46:86:e1:8e:ce: c9:11:da:73:a5:e6:94:d4:52:21:86:2d:35:8d:26:c8:96:9b: 0c:bb:c1:4d:96:66:c5:52:22:20:c7:8e:60:28:c2:8d:14:7c: 3e:9b:4c:71:e6:59:4d:bb:16:b3:66:3e:56:da:e4:56:36:d2: bf:05:2a:ea:69:d5:45:e7:71:11:6c:e1:76:f8:95:2e:df:a1: 6a:2a:bb:4f:44:f8:27:87:28:7b:00:1d:b7:5e:ce:e1:51:5e: 9f:fe:2c:83:72:95:47:f1:52:66:b7:b3:74:ea:82:71:d5:30: e9:b7:e7:b6:8d:ff:93:bf:38:81:75:2d:34:0c:e6:75:a9:1d: 15:57:e2:81:da:58:12:24:59:51:4f:f0:7a:8d:05:7b:11:7f: 73:91:d1:6f:d1:41:24:22:5f:1d:f3:d2:70:d0:bb:ec:59:8d: 31:12:8e:bb:cb:da:a5:90:49:75:79:18:59:f5:c7:65:51:88: c3:d9:dd:9b:b6:bc:1e:d7:ff:9e:0a:58:50:d9:28:37:d3:62: f4:aa:2b:ad:98:58:85:d5:28:e4:99:46:d1:ca:d5:42:ec:ca: bc:a5:f0:c8:8f:63:89:11:4d:74:1a:06:92:af:73:95:d9:88: eb:3d:96:de -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ4RjhDNzUxOTQ4OEZG MkQwOTdDMDIxNEFBNjAxODQwOTMyOUU3NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDpbKUlJzwIhQJbTNb1macD5sBAT/fdm3mob5nKonF45L+if9w4 0vELsGbXgIF+Z0gEXvF898Xn8gvarqGk31haTWX2mWvAu6IT6B36UakZidyhx11Y Pjfuk3OIreSVe4Tri2FcDE82Y0nf34ZO1/o7ehF8hYDN2hLCTeOpQI/5Tm/lI9Dk iYQBuciyBv2BUKjS5XbdkGKWC9kKf66BPsjD/5PtZdEiJ3COb5cPUntbhcg2ySNp 0VLMTHmDt6ybJ5UntGy5AdVHu0C4Qku7sN5IS4Yr7RdsfY2iI9YnbaaJNirdnrpR JhA/xeUAviGSjfArylvzWc5zZ9JM0ds9Tr3vAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2PjHUZSI/y0JfAIUqmAYQJMp52QwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvMlBqSFVaU0lfeTBK ZkFJVXFtQVlRSk1wNTJRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArS4mDANBgkqhkiG9w0BAQsFAAOCAQEAVPBBqBr10LHMy85sq0aG4Y7OyRHa c6XmlNRSIYYtNY0myJabDLvBTZZmxVIiIMeOYCjCjRR8PptMceZZTbsWs2Y+Vtrk VjbSvwUq6mnVRedxEWzhdviVLt+haiq7T0T4J4coewAdt17O4VFen/4sg3KVR/FS ZrezdOqCcdUw6bfnto3/k784gXUtNAzmdakdFVfigdpYEiRZUU/weo0FexF/c5HR b9FBJCJfHfPScNC77FmNMRKOu8vapZBJdXkYWfXHZVGIw9ndm7a8Htf/ngpYUNko N9Ni9KorrZhYhdUo5JlG0crVQuzKvKXwyI9jiRFNdBoGkq9zldmI6z2W3g== -----END CERTIFICATE-----Generated at Tue Oct 21 01:27:45 2025 by rpki-client