$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/6rNkEMwVU98JkGu3MkgIu3jrv90.roa File: 6rNkEMwVU98JkGu3MkgIu3jrv90.roa (raw, json) Hash identifier: 2nzkGKO/Q0izzXjrOG20ERt6zT+SkarGb275gWfb8Hg= Subject key identifier: EA:B3:64:10:CC:15:53:DF:09:90:6B:B7:32:48:08:BB:78:EB:BF:DD Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21CB Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/6rNkEMwVU98JkGu3MkgIu3jrv90.roa Signing time: Sat 13 Sep 2025 03:09:00 +0000 ROA not before: Sat 13 Sep 2025 03:09:00 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138421 IP address blocks: 180.184.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8651 (0x21cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:00 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=EAB36410CC1553DF09906BB7324808BB78EBBFDD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:1d:b8:09:4f:85:44:8c:85:0e:d5:ad:e8:65: 19:3c:33:80:3f:e7:cb:7c:e2:f5:2a:df:69:cc:30: b0:59:c0:ea:23:6b:5b:11:a7:35:66:d6:a7:e8:a0: 4a:ae:6e:23:5e:50:b6:4c:0f:5a:b7:4b:56:72:8b: a0:f4:e0:c9:a6:d4:4a:8f:fe:9b:92:93:0f:b1:7d: 84:d8:cb:8f:ff:51:a6:ce:4f:9a:d7:a4:0c:d4:bd: 62:39:ab:47:d7:e4:97:03:44:7d:42:75:c2:c0:56: 12:4f:d7:ed:7e:42:a6:ea:91:f8:29:7a:44:49:f7: 67:ef:dd:15:43:1b:e8:a7:41:b6:91:85:f8:ae:5d: 37:ce:24:b9:84:44:d5:0f:b6:01:2c:46:90:47:12: 0e:68:2e:e8:c5:3b:1e:6e:dd:18:89:2c:5a:ee:6e: 55:44:f8:9a:a6:1a:45:cf:a4:c8:b2:3c:33:eb:4d: e4:c9:6b:96:55:87:47:35:1c:00:12:76:f6:05:43: 31:5b:a8:b0:40:56:72:0a:1f:97:77:7e:af:f9:21: 1e:aa:17:49:c1:b8:9d:6c:c2:83:22:b5:e1:f3:c3: 9c:80:b0:ee:0c:d5:f7:4f:57:b8:f2:ea:3c:b9:05: b5:77:b6:62:de:66:e8:b6:e7:63:3e:31:85:7d:70: b1:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:B3:64:10:CC:15:53:DF:09:90:6B:B7:32:48:08:BB:78:EB:BF:DD X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/6rNkEMwVU98JkGu3MkgIu3jrv90.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.152.0/22 Signature Algorithm: sha256WithRSAEncryption 44:5a:49:74:67:db:82:8c:04:c9:62:99:c4:36:5a:8c:70:0c: 02:12:06:29:74:b9:95:d6:19:3f:5c:72:a0:66:7c:6d:3b:f9: d2:3b:46:07:fe:a4:d1:f3:8b:c4:fb:c7:20:5d:66:39:40:69: 80:2e:29:b5:ac:6d:82:5d:9d:c9:a1:d3:35:71:b2:d6:88:01: 16:2d:16:58:0b:78:1f:bf:93:56:b2:dd:9c:a7:fb:1c:b7:70: 79:4c:08:6f:48:92:6d:30:d4:20:9d:43:78:b4:e6:15:22:71: f6:3b:15:ba:9d:59:46:66:2b:a2:74:fc:87:1d:39:04:40:74: 9b:39:33:5d:56:af:fd:1e:39:73:f8:11:3e:8a:0f:f6:8c:2f: cd:18:20:75:0b:e5:af:6d:58:90:1b:d0:6b:54:9b:9b:9d:c8: 39:77:51:21:85:59:0e:9b:5e:a0:d3:8e:52:ed:8a:ea:e4:86: a0:c4:21:32:38:2c:5b:4f:41:e2:4d:b0:d5:7c:11:fe:7e:99: 16:77:52:37:66:63:17:2f:d2:d8:7e:af:7b:55:03:08:c3:e0: de:f6:c6:03:37:54:83:83:04:a5:83:73:37:62:df:02:fd:db: 46:c5:2a:c7:56:cf:cd:60:f1:c2:e3:b8:2d:9d:f2:51:c0:1b: 1d:42:42:4e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVBQjM2NDEwQ0MxNTUz REYwOTkwNkJCNzMyNDgwOEJCNzhFQkJGREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4HbgJT4VEjIUO1a3oZRk8M4A/58t84vUq32nMMLBZwOoja1sR pzVm1qfooEqubiNeULZMD1q3S1Zyi6D04Mmm1EqP/puSkw+xfYTYy4//UabOT5rX pAzUvWI5q0fX5JcDRH1CdcLAVhJP1+1+QqbqkfgpekRJ92fv3RVDG+inQbaRhfiu XTfOJLmERNUPtgEsRpBHEg5oLujFOx5u3RiJLFrublVE+JqmGkXPpMiyPDPrTeTJ a5ZVh0c1HAASdvYFQzFbqLBAVnIKH5d3fq/5IR6qF0nBuJ1swoMiteHzw5yAsO4M 1fdPV7jy6jy5BbV3tmLeZui252M+MYV9cLGpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU6rNkEMwVU98JkGu3MkgIu3jrv90wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvNnJOa0VNd1ZVOThK a0d1M01rZ0l1M2pydjkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArS4mDANBgkqhkiG9w0BAQsFAAOCAQEARFpJdGfbgowEyWKZxDZajHAMAhIG KXS5ldYZP1xyoGZ8bTv50jtGB/6k0fOLxPvHIF1mOUBpgC4ptaxtgl2dyaHTNXGy 1ogBFi0WWAt4H7+TVrLdnKf7HLdweUwIb0iSbTDUIJ1DeLTmFSJx9jsVup1ZRmYr onT8hx05BEB0mzkzXVav/R45c/gRPooP9owvzRggdQvlr21YkBvQa1Sbm53IOXdR IYVZDpteoNOOUu2K6uSGoMQhMjgsW09B4k2w1XwR/n6ZFndSN2ZjFy/S2H6ve1UD CMPg3vbGAzdUg4MEpYNzN2LfAv3bRsUqx1bPzWDxwuO4LZ3yUcAbHUJCTg== -----END CERTIFICATE-----Generated at Tue Oct 21 01:21:45 2025 by rpki-client