$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/DjYhqm8XNcgCYNb0ewnkzzwsjwE.roa File: DjYhqm8XNcgCYNb0ewnkzzwsjwE.roa (raw, json) Hash identifier: bjV2xZw8SGNl9hlijZaSib/E1EOVGdGdF9Ied8Qr6GM= Subject key identifier: 0E:36:21:AA:6F:17:35:C8:02:60:D6:F4:7B:09:E4:CF:3C:2C:8F:01 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21E5 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/DjYhqm8XNcgCYNb0ewnkzzwsjwE.roa Signing time: Sat 13 Sep 2025 03:09:05 +0000 ROA not before: Sat 13 Sep 2025 03:09:05 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.16.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8677 (0x21e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:05 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0E3621AA6F1735C80260D6F47B09E4CF3C2C8F01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:49:61:d1:23:dd:a2:dd:43:94:bb:00:48:d9: 7a:5d:8a:d0:ea:b0:4c:4b:ed:17:8f:2d:9c:4e:52: 84:96:1b:8a:64:87:13:4b:87:06:24:fb:2d:77:47: 75:51:05:c8:56:20:4b:9f:a6:fb:c2:79:74:55:e0: d8:fc:b5:7f:02:d5:fa:6d:15:04:17:d9:13:60:db: 5c:01:c0:ba:b3:c3:9f:3c:84:ae:a7:18:62:ec:3e: ef:d6:07:4b:73:ef:63:8b:66:f1:4e:64:a4:42:9f: a3:79:bc:92:cd:a2:0e:69:e8:fa:44:f7:13:d7:f7: 60:d5:27:b1:f0:4c:ff:aa:42:48:4e:df:a5:01:7f: ba:60:28:8f:63:1c:2e:54:22:c5:3e:cd:f7:78:8c: 67:dc:a1:3a:28:2c:a3:1a:c2:af:a4:47:3e:34:63: fb:9b:18:31:f0:24:2f:e5:17:1e:92:c6:8d:3a:f8: 2b:56:8f:a3:03:cc:2d:b8:70:83:09:9a:de:a8:98: 4b:6a:1c:af:ed:ec:89:4f:ce:06:48:c3:bc:84:18: ae:ae:1b:66:bc:3c:f3:3a:6e:0d:c2:bb:3d:62:3f: 9f:70:a9:ef:ac:b1:52:8e:0e:eb:ea:c2:37:f2:18: 3f:9b:b3:0d:16:fe:3d:a5:71:c5:b3:35:f9:4a:e6: d5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:36:21:AA:6F:17:35:C8:02:60:D6:F4:7B:09:E4:CF:3C:2C:8F:01 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/DjYhqm8XNcgCYNb0ewnkzzwsjwE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.16.0/21 Signature Algorithm: sha256WithRSAEncryption 09:48:65:ab:0e:d4:25:68:13:aa:ab:d3:a3:9b:a3:40:bb:ce: 84:9f:f4:bb:ae:54:83:8e:dc:31:84:e7:ea:5a:77:09:9f:cb: 5d:0f:0e:7f:71:2a:ab:53:72:ba:c3:9c:e4:9e:3a:02:07:a0: cf:d6:c9:29:1b:15:f8:8c:d7:33:55:ad:ad:b9:35:e5:30:25: e5:e0:ee:8c:c7:b8:33:97:f3:5f:03:2d:95:03:aa:87:71:53: 31:25:ab:88:6c:9d:bc:3f:bf:d6:34:40:f6:58:53:55:f8:e6: f6:48:89:a8:0e:70:7a:f3:65:25:3d:54:e8:d5:50:eb:61:30: 5e:a6:b6:57:b2:9e:ee:a7:bf:ce:8d:c5:74:b6:90:a6:77:01: b1:8b:4d:c9:fb:40:fb:49:3b:43:08:d9:40:9d:f7:01:04:48: 45:9a:c2:3e:14:26:2b:03:19:6f:7b:17:90:3e:f5:02:49:1d: 98:2c:11:24:0d:8d:4f:89:30:91:c4:78:11:31:9a:0e:24:5a: 4f:f2:f0:06:ca:4b:eb:58:1f:16:46:c9:4b:cc:77:02:89:21: 81:e7:e1:c2:18:52:1d:7b:02:14:a4:55:59:e5:36:e3:e6:0d: b1:cb:c9:10:b7:ab:39:f7:e7:63:be:dd:a2:44:59:19:e0:03: f2:b2:f8:4c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIeUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBFMzYyMUFBNkYxNzM1 QzgwMjYwRDZGNDdCMDlFNENGM0MyQzhGMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiSWHRI92i3UOUuwBI2XpditDqsExL7RePLZxOUoSWG4pkhxNL hwYk+y13R3VRBchWIEufpvvCeXRV4Nj8tX8C1fptFQQX2RNg21wBwLqzw588hK6n GGLsPu/WB0tz72OLZvFOZKRCn6N5vJLNog5p6PpE9xPX92DVJ7HwTP+qQkhO36UB f7pgKI9jHC5UIsU+zfd4jGfcoTooLKMawq+kRz40Y/ubGDHwJC/lFx6Sxo06+CtW j6MDzC24cIMJmt6omEtqHK/t7IlPzgZIw7yEGK6uG2a8PPM6bg3Cuz1iP59wqe+s sVKODuvqwjfyGD+bsw0W/j2lccWzNflK5tV9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDjYhqm8XNcgCYNb0ewnkzzwsjwEwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvRGpZaHFtOFhOY2dD WU5iMGV3bmt6endzandFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nEDANBgkqhkiG9w0BAQsFAAOCAQEACUhlqw7UJWgTqqvTo5ujQLvOhJ/0 u65Ug47cMYTn6lp3CZ/LXQ8Of3Eqq1NyusOc5J46Agegz9bJKRsV+IzXM1Wtrbk1 5TAl5eDujMe4M5fzXwMtlQOqh3FTMSWriGydvD+/1jRA9lhTVfjm9kiJqA5wevNl JT1U6NVQ62EwXqa2V7Ke7qe/zo3FdLaQpncBsYtNyftA+0k7QwjZQJ33AQRIRZrC PhQmKwMZb3sXkD71AkkdmCwRJA2NT4kwkcR4ETGaDiRaT/LwBspL61gfFkbJS8x3 AokhgefhwhhSHXsCFKRVWeU24+YNscvJELerOffnY77dokRZGeAD8rL4TA== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:26 2025 by rpki-client