$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/PFpWuw1FyFC_eFCQM3ElExbhB4g.roa File: PFpWuw1FyFC_eFCQM3ElExbhB4g.roa (raw, json) Hash identifier: jmAU+kkp/hPuZnDLgL3JVMM3MVDo1sRvGZwWNwf+lv4= Subject key identifier: 3C:5A:56:BB:0D:45:C8:50:BF:78:50:90:33:71:25:13:16:E1:07:88 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21E2 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/PFpWuw1FyFC_eFCQM3ElExbhB4g.roa Signing time: Sat 13 Sep 2025 03:09:04 +0000 ROA not before: Sat 13 Sep 2025 03:09:04 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 101.126.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8674 (0x21e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3C5A56BB0D45C850BF7850903371251316E10788 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:1b:c9:07:68:e7:3a:56:af:9b:29:fd:c5:e4: 89:ef:ab:0b:7c:bd:d4:29:e4:b3:b1:57:f8:89:c2: 3e:55:65:57:b9:1c:ba:bb:4b:c4:f9:c4:b0:ec:8b: 49:0c:d3:df:f3:a6:d6:7e:79:56:17:48:47:cf:92: 65:99:b7:f5:5a:5e:44:6c:fe:20:b5:5a:82:87:5a: be:97:64:05:40:f8:80:12:1d:d7:bb:9c:82:df:4a: 48:dc:57:d0:9c:15:b5:0c:ee:fd:51:59:3a:7b:7f: 77:df:c0:4d:73:d0:96:53:c2:55:d6:ca:3c:94:df: 63:cc:f9:8e:04:bd:1a:9d:65:da:f0:da:6e:83:9b: 56:86:15:9b:f8:07:33:48:b6:bc:7e:ce:74:76:35: 04:5c:82:7f:7d:fa:1f:0c:5a:2a:e9:11:e6:3a:7d: e0:a8:59:e0:49:f7:3f:4c:1f:52:4b:ab:96:63:8a: 86:56:b9:8c:4e:2a:f5:d4:d7:d2:b7:a6:9f:af:69: f1:2a:f1:43:1e:8e:6e:f9:ae:b4:0c:1d:ae:ed:ad: 5e:bb:fe:06:5e:36:5c:c2:3d:f1:8b:50:64:c7:6c: f2:57:56:0e:45:fe:57:69:d9:a2:ca:ed:3d:41:70: 6e:2e:37:d0:3b:ad:d0:bc:a0:b9:ab:39:63:40:89: d5:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:5A:56:BB:0D:45:C8:50:BF:78:50:90:33:71:25:13:16:E1:07:88 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/PFpWuw1FyFC_eFCQM3ElExbhB4g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.126.0.0/16 Signature Algorithm: sha256WithRSAEncryption 57:7a:fa:8e:3d:9a:10:99:5c:f8:ad:9f:59:13:7a:c8:84:71: f4:18:84:28:30:15:b5:36:09:5a:a1:b8:24:20:55:7a:fc:c7: e2:80:95:c1:3c:60:1e:55:a8:c9:9c:28:d5:de:66:44:de:ad: 07:2a:57:48:47:10:18:38:40:e4:d1:32:4c:32:5f:f1:aa:8a: 30:91:f1:a5:e2:c3:a1:4e:9b:f7:2c:37:d1:0d:0d:c5:fc:30: d0:e8:35:b4:c2:63:81:95:b9:01:82:e2:5e:90:23:ff:72:d0: 40:81:ca:e0:2c:cf:fd:76:23:63:c3:66:5b:fb:4a:fd:20:d1: 02:32:97:38:79:6e:d1:7e:80:44:76:17:e2:85:13:47:00:31: a9:45:0a:91:95:d2:ae:b2:45:dc:fc:9b:cc:bc:72:af:af:7f: 01:53:3e:51:49:ab:33:b5:17:ef:f1:28:00:dd:f0:a0:56:53: 82:11:4e:13:5b:9a:65:fb:b2:0f:72:84:6b:d9:62:3c:55:43: 25:fd:07:4f:65:36:a9:51:f5:d7:50:bf:89:43:dc:6f:cd:89: 31:88:e5:1a:f1:19:9c:00:8b:8f:87:bf:ea:ff:34:f3:58:20: 52:3b:04:c8:b5:7b:0c:46:b1:0f:03:4f:fc:34:af:f3:ee:91: 3d:e4:4e:d1 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNDNUE1NkJCMEQ0NUM4 NTBCRjc4NTA5MDMzNzEyNTEzMTZFMTA3ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkG8kHaOc6Vq+bKf3F5Invqwt8vdQp5LOxV/iJwj5VZVe5HLq7 S8T5xLDsi0kM09/zptZ+eVYXSEfPkmWZt/VaXkRs/iC1WoKHWr6XZAVA+IASHde7 nILfSkjcV9CcFbUM7v1RWTp7f3ffwE1z0JZTwlXWyjyU32PM+Y4EvRqdZdrw2m6D m1aGFZv4BzNItrx+znR2NQRcgn99+h8MWirpEeY6feCoWeBJ9z9MH1JLq5ZjioZW uYxOKvXU19K3pp+vafEq8UMejm75rrQMHa7trV67/gZeNlzCPfGLUGTHbPJXVg5F /ldp2aLK7T1BcG4uN9A7rdC8oLmrOWNAidW/AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUPFpWuw1FyFC/eFCQM3ElExbhB4gwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvUEZwV3V3MUZ5RkNf ZUZDUU0zRWxFeGJoQjRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAGV+MA0GCSqGSIb3DQEBCwUAA4IBAQBXevqOPZoQmVz4rZ9ZE3rIhHH0GIQo MBW1NglaobgkIFV6/MfigJXBPGAeVajJnCjV3mZE3q0HKldIRxAYOEDk0TJMMl/x qoowkfGl4sOhTpv3LDfRDQ3F/DDQ6DW0wmOBlbkBguJekCP/ctBAgcrgLM/9diNj w2Zb+0r9INECMpc4eW7RfoBEdhfihRNHADGpRQqRldKuskXc/JvMvHKvr38BUz5R SasztRfv8SgA3fCgVlOCEU4TW5pl+7IPcoRr2WI8VUMl/QdPZTapUfXXUL+JQ9xv zYkxiOUa8RmcAIuPh7/q/zTzWCBSOwTItXsMRrEPA0/8NK/z7pE95E7R -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:33 2025 by rpki-client