$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/H73cHR4ff5BfoDuHTKEK9stP98g.roa File: H73cHR4ff5BfoDuHTKEK9stP98g.roa (raw, json) Hash identifier: sdRzuzq31LeGj+B6OafwVVbnhvm65S77D0j6Nt/s8FE= Subject key identifier: 1F:BD:DC:1D:1E:1F:7F:90:5F:A0:3B:87:4C:A1:0A:F6:CB:4F:F7:C8 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21E1 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/H73cHR4ff5BfoDuHTKEK9stP98g.roa Signing time: Sat 13 Sep 2025 03:09:04 +0000 ROA not before: Sat 13 Sep 2025 03:09:04 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137718 IP address blocks: 115.190.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 08:36:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8673 (0x21e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1FBDDC1D1E1F7F905FA03B874CA10AF6CB4FF7C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c2:c1:c4:17:bc:dd:cd:7b:be:8e:ad:50:8c: 2c:69:fa:fb:de:5a:18:2f:6e:4b:cc:5e:2e:1f:4f: cb:a8:d6:80:5c:26:88:4b:21:ad:05:88:1b:47:2c: 2c:69:7b:84:e7:ba:74:7b:06:60:7d:f7:6a:ca:dd: 66:07:93:c2:92:f3:8a:43:78:cd:71:07:6c:a9:ad: b1:d8:d3:fb:6c:89:57:e3:58:38:13:e9:50:d7:d8: 0b:1a:b4:d8:26:dd:ac:cf:10:89:9e:2a:64:59:d7: 34:50:83:b2:09:b0:ed:28:68:3e:e3:bb:90:c0:1d: 12:ee:eb:ce:bc:56:df:ff:a3:40:90:31:8a:74:6d: 02:33:e1:6c:35:7f:1a:c6:f4:26:9d:13:43:50:dd: 85:21:8c:d5:7b:1d:3e:d1:d8:6a:f0:db:8b:4a:f4: 49:8f:4f:36:e6:ff:92:44:c1:e5:e5:72:d4:22:01: 07:49:a4:c8:9a:38:aa:d0:28:c8:9f:b6:e3:7a:be: 54:6b:82:5f:49:00:14:bd:1c:95:bd:6d:43:6b:c1: 9e:42:df:23:63:b3:85:ff:36:55:b0:3c:52:4b:4f: 1b:2d:89:7c:de:f8:fc:69:5c:d0:aa:7f:9d:a6:c4: 8a:94:e9:ec:01:3d:c3:46:17:c6:7a:bc:66:27:29: 4f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:BD:DC:1D:1E:1F:7F:90:5F:A0:3B:87:4C:A1:0A:F6:CB:4F:F7:C8 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/H73cHR4ff5BfoDuHTKEK9stP98g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.190.0.0/15 Signature Algorithm: sha256WithRSAEncryption 3d:3b:8f:9f:a0:6e:ab:70:c6:2a:c8:c9:2b:e8:3f:03:ae:bf: d1:f5:81:a5:cb:2d:03:69:06:bf:df:f6:19:26:50:f0:34:4d: bd:a9:e6:e0:cb:41:b6:ef:72:37:b8:d4:71:47:51:70:6e:71: b8:e0:cc:fb:54:0e:38:10:4e:8d:21:b5:3e:54:26:e0:59:73: aa:e0:49:73:a9:c7:fe:02:45:24:9a:da:71:8e:8d:a5:b1:10: ad:0d:b2:81:a7:ca:d4:db:54:20:37:b2:55:86:67:3a:c8:20: 18:c2:f6:24:c8:c1:3a:21:8f:0e:0a:f4:da:d2:36:21:6e:64: 59:37:20:db:e7:fc:27:ce:78:0c:7a:06:17:3d:50:49:27:c5: d4:12:83:f1:09:a6:3f:16:b1:7b:eb:9a:aa:85:e9:ec:e1:cf: 03:b2:b7:b4:ec:c3:ec:c2:f6:48:93:85:3e:86:93:fc:34:58: 39:ce:28:2e:a8:a8:50:04:0c:ff:a3:7e:5c:ad:a9:49:cf:db: b9:8a:98:d7:57:b3:76:7a:52:65:21:94:7b:06:a8:1b:2f:4c: 44:e2:cc:14:ec:63:f2:47:c0:8d:50:bb:fe:4a:3a:6e:3a:78: 6e:04:6c:cb:97:bc:b6:fc:59:db:46:aa:4f:a8:a6:c7:e4:ca: 0d:f4:1d:93 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFGQkREQzFEMUUxRjdG OTA1RkEwM0I4NzRDQTEwQUY2Q0I0RkY3QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNwsHEF7zdzXu+jq1QjCxp+vveWhgvbkvMXi4fT8uo1oBcJohL Ia0FiBtHLCxpe4TnunR7BmB992rK3WYHk8KS84pDeM1xB2yprbHY0/tsiVfjWDgT 6VDX2AsatNgm3azPEImeKmRZ1zRQg7IJsO0oaD7ju5DAHRLu6868Vt//o0CQMYp0 bQIz4Ww1fxrG9CadE0NQ3YUhjNV7HT7R2Grw24tK9EmPTzbm/5JEweXlctQiAQdJ pMiaOKrQKMiftuN6vlRrgl9JABS9HJW9bUNrwZ5C3yNjs4X/NlWwPFJLTxstiXze +PxpXNCqf52mxIqU6ewBPcNGF8Z6vGYnKU9rAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUH73cHR4ff5BfoDuHTKEK9stP98gwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSDczY0hSNGZmNUJm b0R1SFRLRUs5c3RQOThnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAXO+MA0GCSqGSIb3DQEBCwUAA4IBAQA9O4+foG6rcMYqyMkr6D8Drr/R9YGl yy0DaQa/3/YZJlDwNE29qebgy0G273I3uNRxR1FwbnG44Mz7VA44EE6NIbU+VCbg WXOq4Elzqcf+AkUkmtpxjo2lsRCtDbKBp8rU21QgN7JVhmc6yCAYwvYkyME6IY8O CvTa0jYhbmRZNyDb5/wnzngMegYXPVBJJ8XUEoPxCaY/FrF765qqhens4c8Dsre0 7MPswvZIk4U+hpP8NFg5ziguqKhQBAz/o35cralJz9u5ipjXV7N2elJlIZR7Bqgb L0xE4swU7GPyR8CNULv+SjpuOnhuBGzLl7y2/FnbRqpPqKbH5MoN9B2T -----END CERTIFICATE-----Generated at Tue Oct 21 06:16:09 2025 by rpki-client