$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/JTLwElYIefHasWXqYuKR3EWN7bY.roa File: JTLwElYIefHasWXqYuKR3EWN7bY.roa (raw, json) Hash identifier: venSy3U5aHWSeY4DFKqNueACcmsfh1BCVAU799UyEeg= Subject key identifier: 25:32:F0:12:56:08:79:F1:DA:B1:65:EA:62:E2:91:DC:45:8D:ED:B6 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21F5 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/JTLwElYIefHasWXqYuKR3EWN7bY.roa Signing time: Sat 13 Sep 2025 03:09:09 +0000 ROA not before: Sat 13 Sep 2025 03:09:09 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138421 IP address blocks: 180.184.144.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8693 (0x21f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:09 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2532F012560879F1DAB165EA62E291DC458DEDB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:c8:dd:7a:72:34:0b:d6:21:24:14:aa:9b:ca: ad:5c:34:8e:62:f9:86:53:d1:04:22:b6:01:3e:d4: 6d:b7:6e:77:a7:0b:8a:47:50:36:21:8f:8c:06:c8: 9c:68:96:8f:d5:0c:a7:b8:ff:c3:6d:41:02:39:0e: d8:48:33:ca:e5:d9:12:bb:8d:91:7e:cb:65:bb:0b: 06:17:be:f6:0a:84:7a:22:16:93:cd:9a:27:68:6c: f7:af:fc:10:e8:f3:72:3c:41:2a:63:ab:45:8a:f0: a3:e9:73:85:95:95:bf:17:9b:b4:1d:8c:29:b4:d9: 9b:04:01:82:6f:9c:d1:39:e3:0f:af:f1:cd:ca:02: 39:72:cf:ff:ce:42:8e:f4:8a:05:5f:c4:16:e3:60: 89:f3:aa:bf:6a:8d:b4:40:d0:ad:e9:63:84:87:d8: e4:c5:eb:6c:63:b9:82:03:11:69:6b:6c:fa:5e:c6: a8:6f:25:70:56:0c:3b:65:8f:ac:d3:b5:9c:b1:76: d3:ee:0b:96:96:f5:45:58:3a:80:2b:20:52:9b:da: 65:d7:df:fa:44:f0:9e:ab:d2:38:77:cc:c7:da:a1: 79:a0:73:b8:88:dd:c2:76:97:78:b4:ba:cc:85:4e: d8:6b:ba:0d:54:0c:0a:04:ec:c0:9e:4f:9d:37:14: a8:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:32:F0:12:56:08:79:F1:DA:B1:65:EA:62:E2:91:DC:45:8D:ED:B6 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/JTLwElYIefHasWXqYuKR3EWN7bY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.144.0/21 Signature Algorithm: sha256WithRSAEncryption 27:af:ad:e2:2c:2a:31:12:03:9d:6a:d2:34:d2:6b:f2:51:67: a6:60:98:4b:f8:27:61:22:cf:4d:3e:8f:ae:4e:64:33:f3:74: c8:2a:b9:5d:2e:1f:5e:58:7f:4e:bc:81:c9:fc:97:36:16:60: 98:17:23:47:f6:d2:88:91:a2:07:2c:6a:ad:75:63:59:ae:32: 60:04:1f:e2:43:24:76:9a:d9:5a:61:be:14:73:a2:56:74:35: 73:c7:86:cc:ad:ae:69:89:87:a5:3f:21:81:3f:d3:d3:e8:62: 22:b0:3f:7d:06:35:ca:33:61:82:8b:a7:f8:f7:d5:70:05:d2: d6:81:21:8e:9e:ac:83:34:64:f1:dc:3a:d7:5b:d3:93:b4:d4: 20:da:62:1d:4d:0a:f0:38:a7:14:68:18:31:ee:a0:0f:14:a0: 17:03:5e:c3:4e:5a:e9:ab:e0:9c:83:33:3b:2b:e8:b6:7c:37: 8f:9a:b9:ce:38:0a:4b:ff:90:18:a8:8e:dc:6c:df:6b:eb:11: 7b:39:03:3c:f5:aa:8b:d9:b9:21:d8:33:f9:11:bd:79:09:bd: f9:0b:d9:16:a0:89:06:52:ea:57:e3:85:20:15:8e:b0:d0:5c: 14:e6:2b:dc:c4:d1:c4:02:99:df:db:7e:05:5b:cb:77:59:69: 4d:d6:b1:2c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI1MzJGMDEyNTYwODc5 RjFEQUIxNjVFQTYyRTI5MURDNDU4REVEQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhyN16cjQL1iEkFKqbyq1cNI5i+YZT0QQitgE+1G23bnenC4pH UDYhj4wGyJxolo/VDKe4/8NtQQI5DthIM8rl2RK7jZF+y2W7CwYXvvYKhHoiFpPN midobPev/BDo83I8QSpjq0WK8KPpc4WVlb8Xm7QdjCm02ZsEAYJvnNE54w+v8c3K Ajlyz//OQo70igVfxBbjYInzqr9qjbRA0K3pY4SH2OTF62xjuYIDEWlrbPpexqhv JXBWDDtlj6zTtZyxdtPuC5aW9UVYOoArIFKb2mXX3/pE8J6r0jh3zMfaoXmgc7iI 3cJ2l3i0usyFTthrug1UDAoE7MCeT503FKjXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUJTLwElYIefHasWXqYuKR3EWN7bYwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSlRMd0VsWUllZkhh c1dYcVl1S1IzRVdON2JZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4kDANBgkqhkiG9w0BAQsFAAOCAQEAJ6+t4iwqMRIDnWrSNNJr8lFnpmCY S/gnYSLPTT6Prk5kM/N0yCq5XS4fXlh/TryByfyXNhZgmBcjR/bSiJGiByxqrXVj Wa4yYAQf4kMkdprZWmG+FHOiVnQ1c8eGzK2uaYmHpT8hgT/T0+hiIrA/fQY1yjNh goun+PfVcAXS1oEhjp6sgzRk8dw611vTk7TUINpiHU0K8DinFGgYMe6gDxSgFwNe w05a6avgnIMzOyvotnw3j5q5zjgKS/+QGKiO3Gzfa+sRezkDPPWqi9m5Idgz+RG9 eQm9+QvZFqCJBlLqV+OFIBWOsNBcFOYr3MTRxAKZ39t+BVvLd1lpTdaxLA== -----END CERTIFICATE-----Generated at Mon Oct 20 22:38:01 2025 by rpki-client