$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/CfQDx2RPobQ8ei_G8oDyZOBbY6Q.roa File: CfQDx2RPobQ8ei_G8oDyZOBbY6Q.roa (raw, json) Hash identifier: k8NZo9u0YoK71vYenzVDhq4GHFw71niInyzuEbKMm90= Subject key identifier: 09:F4:03:C7:64:4F:A1:B4:3C:7A:2F:C6:F2:80:F2:64:E0:5B:63:A4 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21F8 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/CfQDx2RPobQ8ei_G8oDyZOBbY6Q.roa Signing time: Sat 13 Sep 2025 03:09:10 +0000 ROA not before: Sat 13 Sep 2025 03:09:10 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.72.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8696 (0x21f8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:10 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=09F403C7644FA1B43C7A2FC6F280F264E05B63A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f5:d3:71:da:42:5c:98:67:cd:11:89:d0:1c: ab:48:1d:65:e7:47:c4:ac:2b:38:e7:b1:28:13:9d: 38:9e:97:7e:8c:88:51:93:25:bd:52:fd:a1:3c:e5: f7:fc:a2:b2:b2:f4:f5:de:25:e5:2f:d3:26:43:f9: 70:d6:99:86:de:b6:f1:5b:b6:a2:94:4b:3d:fd:54: 51:66:a9:f5:7c:51:86:cf:9a:74:23:ba:d5:2a:1a: a7:04:6a:48:16:15:45:5d:a0:be:0a:75:d3:16:a9: 91:cf:97:77:f5:8a:3c:35:a3:7b:d2:20:2f:c0:49: ef:ac:96:d7:6a:4b:bb:e2:0d:f3:3a:1e:9f:93:db: e8:61:c1:ea:c9:d8:bf:c1:a0:d0:ca:00:b6:12:80: 3a:8c:77:f2:11:7b:34:a4:29:1e:23:c0:6e:d7:3e: b0:c1:44:4c:2f:fb:24:ab:b7:6d:e3:30:d5:55:13: 6f:92:9d:63:b5:b6:d1:8d:0a:36:a4:6e:c1:42:8e: 6e:9e:a4:29:40:b0:5e:79:db:e4:46:18:19:ce:f5: 8f:35:97:2d:2b:a0:b8:64:d8:15:af:11:79:b8:6a: 55:b9:d3:3f:3e:69:42:f1:01:64:0d:4c:78:2c:ae: d9:fd:a6:80:10:d3:e7:dc:38:31:69:91:60:be:ac: 7d:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:F4:03:C7:64:4F:A1:B4:3C:7A:2F:C6:F2:80:F2:64:E0:5B:63:A4 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/CfQDx2RPobQ8ei_G8oDyZOBbY6Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.72.0/21 Signature Algorithm: sha256WithRSAEncryption 13:2f:b6:b6:5f:82:4b:38:d1:80:5e:27:88:d4:a4:09:5f:a6: dd:bf:3f:1a:12:c6:32:62:31:d6:04:0c:be:7a:14:74:70:fe: 71:99:83:48:0d:82:08:f6:51:f7:09:35:a4:e1:18:46:ee:9f: b4:97:4c:27:4a:b9:bb:e1:ec:de:a2:2a:82:14:53:ea:22:52: fb:c3:9f:9d:70:49:53:ff:1a:c7:8f:b9:4b:8b:5d:7e:8e:e6: 9a:81:cb:45:35:3b:28:0a:8f:64:58:57:1f:43:7b:1c:26:0f: e3:ab:35:5f:4c:34:c5:09:3f:96:8d:fc:f6:99:85:b7:37:83: 17:7e:26:a2:e8:7f:b9:c8:f3:df:cd:27:98:71:21:c8:61:d4: ae:b2:c2:98:35:5d:44:84:63:82:8e:79:fe:de:61:bf:07:b9: b2:93:b7:e5:7c:9f:fa:fc:3f:7e:f9:59:09:a1:54:07:3d:4e: 7e:3b:df:fa:fa:44:36:15:51:8c:fb:c9:b2:e9:b4:02:b4:30: 46:b9:fa:dc:67:97:4d:1f:60:6c:9f:82:42:91:6e:b0:35:c5: 72:5b:31:7f:5c:3c:6e:ca:99:0f:a8:e4:54:b9:36:27:04:d5: b6:7a:93:9b:04:e9:31:35:09:17:3b:a4:82:62:85:76:4d:1c: 64:5a:3c:5d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA5RjQwM0M3NjQ0RkEx QjQzQzdBMkZDNkYyODBGMjY0RTA1QjYzQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC99dNx2kJcmGfNEYnQHKtIHWXnR8SsKzjnsSgTnTiel36MiFGT Jb1S/aE85ff8orKy9PXeJeUv0yZD+XDWmYbetvFbtqKUSz39VFFmqfV8UYbPmnQj utUqGqcEakgWFUVdoL4KddMWqZHPl3f1ijw1o3vSIC/ASe+sltdqS7viDfM6Hp+T 2+hhwerJ2L/BoNDKALYSgDqMd/IRezSkKR4jwG7XPrDBREwv+ySrt23jMNVVE2+S nWO1ttGNCjakbsFCjm6epClAsF552+RGGBnO9Y81ly0roLhk2BWvEXm4alW50z8+ aULxAWQNTHgsrtn9poAQ0+fcODFpkWC+rH3/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCfQDx2RPobQ8ei/G8oDyZOBbY6QwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvQ2ZRRHgyUlBvYlE4 ZWlfRzhvRHlaT0JiWTZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nSDANBgkqhkiG9w0BAQsFAAOCAQEAEy+2tl+CSzjRgF4niNSkCV+m3b8/ GhLGMmIx1gQMvnoUdHD+cZmDSA2CCPZR9wk1pOEYRu6ftJdMJ0q5u+Hs3qIqghRT 6iJS+8OfnXBJU/8ax4+5S4tdfo7mmoHLRTU7KAqPZFhXH0N7HCYP46s1X0w0xQk/ lo389pmFtzeDF34mouh/ucjz380nmHEhyGHUrrLCmDVdRIRjgo55/t5hvwe5spO3 5Xyf+vw/fvlZCaFUBz1Ofjvf+vpENhVRjPvJsum0ArQwRrn63GeXTR9gbJ+CQpFu sDXFclsxf1w8bsqZD6jkVLk2JwTVtnqTmwTpMTUJFzukgmKFdk0cZFo8XQ== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:28 2025 by rpki-client