$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/HVx6Ak2ORWLwurMuf8L8yw8FlTw.roa File: HVx6Ak2ORWLwurMuf8L8yw8FlTw.roa (raw, json) Hash identifier: ogRA8hiukAGwxntF9Pn5aum/qW8GiyuKPFXydsVpBG0= Subject key identifier: 1D:5C:7A:02:4D:8E:45:62:F0:BA:B3:2E:7F:C2:FC:CB:0F:05:95:3C Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21F1 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/HVx6Ak2ORWLwurMuf8L8yw8FlTw.roa Signing time: Sat 13 Sep 2025 03:09:08 +0000 ROA not before: Sat 13 Sep 2025 03:09:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58542 IP address blocks: 180.184.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8689 (0x21f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1D5C7A024D8E4562F0BAB32E7FC2FCCB0F05953C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f5:f0:5c:4f:e6:66:f9:b0:c7:39:4d:52:a7: 1d:7e:91:0e:44:6f:4a:ed:27:4a:5d:94:bd:7a:ee: 28:8f:31:f8:ef:a0:ba:c5:f3:ef:7d:3f:34:37:00: 0c:f4:0a:32:99:9e:bb:83:06:84:97:b4:d2:24:89: 5d:9c:a4:08:d4:de:e3:ab:8b:d8:38:d4:41:04:c1: 1b:92:c6:cb:3c:48:95:9b:21:5f:1e:21:d9:ac:93: bf:e0:4f:1b:3c:fd:75:da:67:d3:2c:52:e4:57:2c: 71:87:43:d1:23:46:1b:94:1a:54:a6:88:55:bb:a5: 81:62:a2:ba:b5:67:4e:e8:26:7b:37:ec:4f:49:c9: 08:c1:b6:96:cf:56:cb:e0:c2:90:35:dd:d1:e7:60: cb:2d:49:80:16:f1:d0:df:9d:8c:37:ee:d9:b7:c6: 01:0c:6b:c0:22:0c:ca:96:09:f9:0d:0e:e9:fb:ab: 9d:80:59:a9:46:aa:8b:4b:f2:72:27:93:ea:bc:02: 9d:ca:9e:8e:41:fb:1a:8d:09:21:9a:d3:05:09:80: b4:c4:d2:9d:4e:a4:85:3f:65:3b:db:ac:67:b3:08: de:11:19:49:9b:8d:f3:41:63:a8:b5:1c:b2:44:ba: 76:f6:c4:79:cd:4e:ee:cb:78:b8:7b:db:bc:eb:54: 72:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:5C:7A:02:4D:8E:45:62:F0:BA:B3:2E:7F:C2:FC:CB:0F:05:95:3C X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/HVx6Ak2ORWLwurMuf8L8yw8FlTw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 Signature Algorithm: sha256WithRSAEncryption 39:f5:8a:fc:04:9d:ee:cf:51:26:fd:2d:a9:2d:16:a0:72:19: f2:36:11:22:51:20:73:47:3a:38:c4:2e:2c:62:cd:45:5a:75: 7a:9a:f4:c5:01:ee:7e:18:41:d0:32:09:6c:4a:43:56:6a:29: 59:0b:6c:40:de:48:ab:4f:00:77:4e:c4:41:9f:a5:c2:9f:09: 99:ca:8d:62:eb:f2:11:4a:cd:2d:65:8d:c4:6b:da:c8:80:14: 5f:8b:7e:a5:03:e0:24:11:8a:96:c0:97:3f:63:37:72:39:23: 59:07:26:9a:96:45:4c:bd:8f:b9:3d:f4:3b:eb:7d:61:ec:cf: 0b:f9:cf:f3:89:b5:aa:39:c5:b0:67:f0:75:32:33:12:32:e5: 4f:8e:1b:92:8b:cd:aa:3a:c6:bb:e8:da:f1:8b:40:fb:42:66: 6e:61:f1:a0:65:06:28:b9:11:1e:57:9a:b5:cc:e6:51:fd:b5: b3:86:de:17:12:04:d5:13:ca:fb:85:bb:1f:c3:a9:1c:ff:08: b2:70:8b:64:a9:00:43:c6:ec:6b:5b:43:64:2e:25:76:e7:62: bd:17:1c:11:d2:e9:1b:e0:22:f7:62:d0:76:f2:29:6b:83:94: 5b:e8:e5:db:1d:3e:8d:76:73:41:e5:bc:bd:d1:7d:8d:87:c4: 19:7f:04:7d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDFENUM3QTAyNEQ4RTQ1 NjJGMEJBQjMyRTdGQzJGQ0NCMEYwNTk1M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH9fBcT+Zm+bDHOU1Spx1+kQ5Eb0rtJ0pdlL167iiPMfjvoLrF 8+99PzQ3AAz0CjKZnruDBoSXtNIkiV2cpAjU3uOri9g41EEEwRuSxss8SJWbIV8e Idmsk7/gTxs8/XXaZ9MsUuRXLHGHQ9EjRhuUGlSmiFW7pYFiorq1Z07oJns37E9J yQjBtpbPVsvgwpA13dHnYMstSYAW8dDfnYw37tm3xgEMa8AiDMqWCfkNDun7q52A WalGqotL8nInk+q8Ap3Kno5B+xqNCSGa0wUJgLTE0p1OpIU/ZTvbrGezCN4RGUmb jfNBY6i1HLJEunb2xHnNTu7LeLh727zrVHKvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHVx6Ak2ORWLwurMuf8L8yw8FlTwwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSFZ4NkFrMk9SV0x3 dXJNdWY4TDh5dzhGbFR3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAOfWK/ASd7s9RJv0tqS0WoHIZ8jYR IlEgc0c6OMQuLGLNRVp1epr0xQHufhhB0DIJbEpDVmopWQtsQN5Iq08Ad07EQZ+l wp8JmcqNYuvyEUrNLWWNxGvayIAUX4t+pQPgJBGKlsCXP2M3cjkjWQcmmpZFTL2P uT30O+t9YezPC/nP84m1qjnFsGfwdTIzEjLlT44bkovNqjrGu+ja8YtA+0JmbmHx oGUGKLkRHleatczmUf21s4beFxIE1RPK+4W7H8OpHP8IsnCLZKkAQ8bsa1tDZC4l dudivRccEdLpG+Ai92LQdvIpa4OUW+jl2x0+jXZzQeW8vdF9jYfEGX8EfQ== -----END CERTIFICATE-----Generated at Tue Oct 21 01:20:11 2025 by rpki-client