$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/ITJ-lclbGVbML0R7d-vK6Sq2_uI.roa File: ITJ-lclbGVbML0R7d-vK6Sq2_uI.roa (raw, json) Hash identifier: YESApjrIqSBLUbBkcmKarI8NcsIat2JW6xmNWcbNiEY= Subject key identifier: 21:32:7E:95:C9:5B:19:56:CC:2F:44:7B:77:EB:CA:E9:2A:B6:FE:E2 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21E4 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ITJ-lclbGVbML0R7d-vK6Sq2_uI.roa Signing time: Sat 13 Sep 2025 03:09:05 +0000 ROA not before: Sat 13 Sep 2025 03:09:05 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137718 IP address blocks: 180.184.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8676 (0x21e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:05 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=21327E95C95B1956CC2F447B77EBCAE92AB6FEE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:b5:e1:0f:48:a7:8f:46:2e:7d:4d:c4:8a:05: 1e:41:cb:93:44:df:e8:8c:17:2a:0d:6d:ae:89:4e: 54:e7:a5:c1:8a:f2:39:43:28:94:d8:f6:d9:b8:5f: c2:10:e4:f7:76:d5:87:81:c8:22:38:33:46:75:a9: 3a:7a:00:a3:a6:e0:64:e8:67:c0:b8:6e:6b:93:66: cd:69:3c:bb:bd:bc:fa:b1:15:df:90:f0:b7:7a:b4: 1e:23:83:57:e7:a5:24:c7:27:01:a8:b4:5c:f6:2d: cc:61:40:ae:fa:9c:83:bd:58:9d:d9:ae:7d:00:6d: fb:ca:28:e2:9d:e8:90:7f:f6:23:68:a4:93:e6:c7: 2a:cb:03:98:d5:88:df:33:f1:f7:c8:dd:12:a8:12: 7b:87:db:83:c6:34:6c:6e:61:91:35:36:9d:7a:41: d7:f9:7f:1f:1a:83:1c:40:a0:21:e2:4d:cd:1d:43: 03:2e:29:5b:fa:5a:32:38:33:b4:14:5c:67:70:75: 2a:21:34:ae:41:cf:3d:8b:69:59:f0:df:f1:cb:e5: ea:27:d2:da:01:30:22:84:66:b2:fa:d1:ee:64:e8: 07:fd:e9:c1:af:82:e2:8b:55:d6:52:03:d3:30:f3: f3:61:32:24:02:dc:51:e2:b5:78:85:f5:98:1a:6f: 45:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:32:7E:95:C9:5B:19:56:CC:2F:44:7B:77:EB:CA:E9:2A:B6:FE:E2 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ITJ-lclbGVbML0R7d-vK6Sq2_uI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.0.0/16 Signature Algorithm: sha256WithRSAEncryption 00:c6:a0:ff:a0:74:ab:6d:c2:19:a8:31:cb:69:00:b0:71:30: 14:2e:e1:ac:77:8b:07:94:7d:19:12:b1:a2:1f:e6:62:e5:cb: 44:8e:b6:09:8f:4a:6c:95:ba:0f:ce:88:c1:a3:f3:c9:00:23: 5b:f3:62:95:55:83:d9:69:cb:65:52:f1:b3:b5:1e:56:ee:95: aa:02:7c:9d:a9:0a:bc:7f:14:a4:7f:c0:4e:8e:07:70:70:bb: 49:f5:44:88:1b:a1:f1:81:62:40:0a:5b:1e:3a:d0:e4:38:be: 75:13:97:0d:5f:08:1a:54:c1:52:77:c3:c2:f9:39:03:b8:cb: 4b:4d:3e:79:6c:9d:4a:d7:92:3b:4f:0d:40:e6:a9:ff:05:21: 0c:c4:5e:3c:b0:a4:77:ca:1c:dc:5b:a4:5e:d3:b1:ce:62:0d: 67:29:75:37:3c:0f:2e:9b:53:d6:6c:19:f6:da:fd:15:6f:2b: f2:ee:4b:34:9a:9b:e4:2a:b0:c8:8b:89:37:b2:4f:ce:57:79: c6:2e:b9:36:6b:27:85:cc:43:a4:95:86:80:f6:3e:00:a0:78: 63:37:96:17:af:fe:45:0f:65:f4:14:d0:37:3d:58:06:76:e8: 69:a1:f3:a7:bc:a5:47:57:e2:2a:64:d9:93:34:ea:82:93:4d: 53:91:cb:45 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIeQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIxMzI3RTk1Qzk1QjE5 NTZDQzJGNDQ3Qjc3RUJDQUU5MkFCNkZFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2teEPSKePRi59TcSKBR5By5NE3+iMFyoNba6JTlTnpcGK8jlD KJTY9tm4X8IQ5Pd21YeByCI4M0Z1qTp6AKOm4GToZ8C4bmuTZs1pPLu9vPqxFd+Q 8Ld6tB4jg1fnpSTHJwGotFz2LcxhQK76nIO9WJ3Zrn0AbfvKKOKd6JB/9iNopJPm xyrLA5jViN8z8ffI3RKoEnuH24PGNGxuYZE1Np16Qdf5fx8agxxAoCHiTc0dQwMu KVv6WjI4M7QUXGdwdSohNK5Bzz2LaVnw3/HL5eon0toBMCKEZrL60e5k6Af96cGv guKLVdZSA9Mw8/NhMiQC3FHitXiF9Zgab0VdAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUITJ+lclbGVbML0R7d+vK6Sq2/uIwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSVRKLWxjbGJHVmJN TDBSN2Qtdks2U3EyX3VJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDALS4MA0GCSqGSIb3DQEBCwUAA4IBAQAAxqD/oHSrbcIZqDHLaQCwcTAULuGs d4sHlH0ZErGiH+Zi5ctEjrYJj0pslboPzojBo/PJACNb82KVVYPZactlUvGztR5W 7pWqAnydqQq8fxSkf8BOjgdwcLtJ9USIG6HxgWJAClseOtDkOL51E5cNXwgaVMFS d8PC+TkDuMtLTT55bJ1K15I7Tw1A5qn/BSEMxF48sKR3yhzcW6Re07HOYg1nKXU3 PA8um1PWbBn22v0Vbyvy7ks0mpvkKrDIi4k3sk/OV3nGLrk2ayeFzEOklYaA9j4A oHhjN5YXr/5FD2X0FNA3PVgGduhpofOnvKVHV+IqZNmTNOqCk01TkctF -----END CERTIFICATE-----Generated at Tue Oct 21 01:08:07 2025 by rpki-client