$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/CrIFnN0NEgKCMYmOJQwvOsAXVbk.roa File: CrIFnN0NEgKCMYmOJQwvOsAXVbk.roa (raw, json) Hash identifier: EJnrpL3EcnjXhSbmqpd0W5EcUoKt7cGvCRuBMaCdot0= Subject key identifier: 0A:B2:05:9C:DD:0D:12:02:82:31:89:8E:25:0C:2F:3A:C0:17:55:B9 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21D7 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/CrIFnN0NEgKCMYmOJQwvOsAXVbk.roa Signing time: Sat 13 Sep 2025 03:09:02 +0000 ROA not before: Sat 13 Sep 2025 03:09:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8663 (0x21d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0AB2059CDD0D12028231898E250C2F3AC01755B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:7e:01:64:74:18:d8:ac:13:d6:8a:a4:c7:f2: 4a:85:fe:1b:eb:1b:ee:e6:02:45:c8:a5:f5:84:42: 21:c9:de:0e:1e:d6:4e:52:21:33:f0:84:24:fa:11: fc:8d:28:65:db:8d:23:be:4c:da:22:4f:16:8e:a5: f9:73:e0:56:c2:41:d6:b7:b5:90:f8:0d:65:3b:d3: 61:b4:70:22:fd:87:87:5d:97:da:10:47:05:4e:c1: 41:4a:df:2c:db:d4:db:cb:ad:05:f0:2c:5f:32:b0: 20:35:3c:08:ae:99:5a:8f:01:ea:d2:3f:e8:35:bd: b1:9a:5a:65:a2:0a:fd:87:e8:86:dd:b3:6a:f9:60: 31:c9:b6:fe:4e:7d:fa:15:b5:41:a2:0a:13:c4:82: 71:3e:bd:24:b3:d8:cd:c7:1c:80:98:f8:b3:4e:53: d2:38:95:03:2e:6a:d9:b3:8f:ca:56:22:65:87:99: 74:9e:f4:be:09:30:f5:75:48:82:9a:73:59:2e:9d: 1a:57:d1:56:84:4a:30:c1:e9:54:97:57:0f:5d:e4: c6:74:4f:ab:99:c2:d4:e7:ec:b2:e6:e5:28:c6:13: 91:1d:cb:4d:13:50:48:fd:7c:5b:80:7a:0a:f5:23: 30:54:09:ae:a3:55:58:33:5d:9c:92:f2:8c:43:ca: 2b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:B2:05:9C:DD:0D:12:02:82:31:89:8E:25:0C:2F:3A:C0:17:55:B9 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/CrIFnN0NEgKCMYmOJQwvOsAXVbk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.24.0/21 Signature Algorithm: sha256WithRSAEncryption 71:0c:af:27:e4:82:b7:23:17:8e:b5:40:e8:2d:b6:fd:e2:4b: b7:ac:7d:9b:7c:cf:24:c6:03:96:87:e8:4a:ee:11:cf:5a:ee: 2c:2a:18:a5:46:2e:a4:d9:27:3d:26:33:5c:93:8b:fb:56:bc: b1:06:75:62:06:56:36:04:e8:94:84:1a:18:17:11:b1:27:bc: 5e:ae:7b:a7:bc:39:2a:f5:f3:7b:da:6a:b6:45:b6:98:e5:82: 73:f8:4d:de:f5:b6:a5:38:75:29:a6:f6:20:c1:fb:14:56:1f: 72:75:5a:c3:67:04:f8:89:2d:85:42:be:f7:f4:ea:ba:b6:f3: 7e:6b:37:58:84:b1:6d:cf:43:fd:1e:0d:59:89:eb:d4:13:31: de:66:47:57:aa:15:3e:b9:ac:83:9d:a8:be:cb:e6:3e:0e:b6: b0:be:96:93:e3:6d:3f:49:af:d0:49:e8:81:d0:48:23:ab:5c: 81:4e:4c:c2:00:80:9a:2b:6d:35:cd:5c:d7:ea:73:0a:50:2a: cb:55:8c:eb:21:05:a6:bd:1d:c2:c4:06:3e:32:d2:52:0c:23: 02:98:19:d3:25:c9:6e:16:d3:0e:ea:a6:51:c5:aa:7a:c0:48: c2:7a:6e:de:81:cd:ea:fc:90:97:b2:1a:98:8f:6c:9f:ad:eb: 62:a5:aa:e2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBBQjIwNTlDREQwRDEy MDI4MjMxODk4RTI1MEMyRjNBQzAxNzU1QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyfgFkdBjYrBPWiqTH8kqF/hvrG+7mAkXIpfWEQiHJ3g4e1k5S ITPwhCT6EfyNKGXbjSO+TNoiTxaOpflz4FbCQda3tZD4DWU702G0cCL9h4ddl9oQ RwVOwUFK3yzb1NvLrQXwLF8ysCA1PAiumVqPAerSP+g1vbGaWmWiCv2H6Ibds2r5 YDHJtv5OffoVtUGiChPEgnE+vSSz2M3HHICY+LNOU9I4lQMuatmzj8pWImWHmXSe 9L4JMPV1SIKac1kunRpX0VaESjDB6VSXVw9d5MZ0T6uZwtTn7LLm5SjGE5Edy00T UEj9fFuAegr1IzBUCa6jVVgzXZyS8oxDyiuLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCrIFnN0NEgKCMYmOJQwvOsAXVbkwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvQ3JJRm5OME5FZ0tD TVltT0pRd3ZPc0FYVmJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nGDANBgkqhkiG9w0BAQsFAAOCAQEAcQyvJ+SCtyMXjrVA6C22/eJLt6x9 m3zPJMYDlofoSu4Rz1ruLCoYpUYupNknPSYzXJOL+1a8sQZ1YgZWNgTolIQaGBcR sSe8Xq57p7w5KvXze9pqtkW2mOWCc/hN3vW2pTh1Kab2IMH7FFYfcnVaw2cE+Ikt hUK+9/Tqurbzfms3WISxbc9D/R4NWYnr1BMx3mZHV6oVPrmsg52ovsvmPg62sL6W k+NtP0mv0EnogdBII6tcgU5MwgCAmittNc1c1+pzClAqy1WM6yEFpr0dwsQGPjLS UgwjApgZ0yXJbhbTDuqmUcWqesBIwnpu3oHN6vyQl7IamI9sn63rYqWq4g== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:30 2025 by rpki-client