$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/RImqL2wQuPV6N1yaU8ofLwOs0eQ.roa File: RImqL2wQuPV6N1yaU8ofLwOs0eQ.roa (raw, json) Hash identifier: pvVz2+Tvav+K3Ua+sgadToliNvtPshZneijnHlHkN1M= Subject key identifier: 44:89:AA:2F:6C:10:B8:F5:7A:37:5C:9A:53:CA:1F:2F:03:AC:D1:E4 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21D3 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/RImqL2wQuPV6N1yaU8ofLwOs0eQ.roa Signing time: Sat 13 Sep 2025 03:09:02 +0000 ROA not before: Sat 13 Sep 2025 03:09:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137718 IP address blocks: 180.184.144.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8659 (0x21d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4489AA2F6C10B8F57A375C9A53CA1F2F03ACD1E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e0:43:39:89:9d:e5:38:fd:d2:5f:27:9b:e6: b4:fb:85:c2:ae:1c:29:9e:72:63:13:df:7a:3f:ca: cf:e9:69:1c:60:98:42:f4:04:2d:fa:64:f5:2a:ec: 29:cf:4b:b6:c3:0d:c6:55:e0:d6:26:80:69:b1:1b: dd:12:cc:cd:13:19:60:9a:c3:64:e9:4a:37:d9:5a: 7d:e3:70:76:c7:81:27:83:72:05:27:ad:4b:99:28: bc:86:ac:61:ee:6a:58:c5:21:95:3e:ec:64:d0:0a: 52:58:63:cc:45:63:44:ed:b2:41:14:e5:c3:ad:fc: 48:cb:a5:10:b7:51:e7:07:a6:92:42:34:c9:98:1d: 3e:f4:af:e8:da:f4:c4:5a:72:94:5e:6b:bf:1e:3a: 22:e5:62:eb:dc:b4:87:81:a0:fe:f5:45:33:a2:9d: 75:4a:c0:a7:bb:d7:ea:dc:e1:b4:87:ed:58:cb:90: fa:39:b2:3e:de:46:cf:a6:41:6d:fd:25:9e:2f:ca: e9:3b:89:17:7b:c8:b7:7a:46:96:93:e2:10:3d:e2: 7f:7e:80:dc:bb:e7:e7:9d:17:b0:94:36:92:e2:c6: 02:9b:1b:70:36:6a:7e:20:92:59:ca:3f:91:93:be: 40:1c:81:2a:3b:89:b2:34:20:00:66:72:de:a3:b1: be:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:89:AA:2F:6C:10:B8:F5:7A:37:5C:9A:53:CA:1F:2F:03:AC:D1:E4 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/RImqL2wQuPV6N1yaU8ofLwOs0eQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.144.0/21 Signature Algorithm: sha256WithRSAEncryption 17:f6:ad:f7:cf:82:59:8f:f4:3a:2b:4e:3f:96:59:1e:22:2f: a4:b3:a4:71:16:03:4f:ff:92:06:86:24:94:58:1f:26:36:d5: 3a:6c:06:a6:f3:54:d7:ee:7b:54:2e:a1:2f:4f:a6:99:ab:c5: 16:b9:f0:50:77:b9:a0:a0:e1:4f:92:6c:8b:09:2e:15:7c:ba: 7a:71:ad:aa:64:74:ec:11:e6:19:01:23:0b:2f:14:eb:a3:05: 8f:83:59:14:da:f2:98:f7:79:ad:a9:65:ce:4a:77:9b:89:e8: 99:23:1d:2f:96:a4:bd:96:6a:d2:2d:34:28:52:43:18:f6:fe: 4f:4a:e8:1c:cb:67:21:34:b5:ee:63:eb:b5:a0:04:98:4f:ed: 4b:3b:3e:3e:89:20:d9:3f:43:17:7f:49:64:e0:8a:72:0d:de: 74:f8:03:09:5d:d1:86:e4:51:81:e6:1b:8e:cb:6c:9a:0f:25: 72:b5:86:de:4f:fd:ce:2e:9a:01:69:70:eb:2d:de:df:a4:e9: a7:b2:7d:78:64:ba:1f:14:e1:c7:79:19:12:f4:8f:cc:c5:41: 45:e5:02:07:b6:0f:6f:c4:fc:16:54:3e:c5:66:9f:22:c3:02: 60:af:48:54:7e:54:88:7f:b3:cf:82:c4:21:72:d8:d5:f3:4c: 4f:fa:78:ca -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ0ODlBQTJGNkMxMEI4 RjU3QTM3NUM5QTUzQ0ExRjJGMDNBQ0QxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC14EM5iZ3lOP3SXyeb5rT7hcKuHCmecmMT33o/ys/paRxgmEL0 BC36ZPUq7CnPS7bDDcZV4NYmgGmxG90SzM0TGWCaw2TpSjfZWn3jcHbHgSeDcgUn rUuZKLyGrGHualjFIZU+7GTQClJYY8xFY0TtskEU5cOt/EjLpRC3UecHppJCNMmY HT70r+ja9MRacpRea78eOiLlYuvctIeBoP71RTOinXVKwKe71+rc4bSH7VjLkPo5 sj7eRs+mQW39JZ4vyuk7iRd7yLd6RpaT4hA94n9+gNy75+edF7CUNpLixgKbG3A2 an4gklnKP5GTvkAcgSo7ibI0IABmct6jsb7LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQURImqL2wQuPV6N1yaU8ofLwOs0eQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvUkltcUwyd1F1UFY2 TjF5YVU4b2ZMd09zMGVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4kDANBgkqhkiG9w0BAQsFAAOCAQEAF/at98+CWY/0OitOP5ZZHiIvpLOk cRYDT/+SBoYklFgfJjbVOmwGpvNU1+57VC6hL0+mmavFFrnwUHe5oKDhT5Jsiwku FXy6enGtqmR07BHmGQEjCy8U66MFj4NZFNrymPd5rallzkp3m4nomSMdL5akvZZq 0i00KFJDGPb+T0roHMtnITS17mPrtaAEmE/tSzs+Pokg2T9DF39JZOCKcg3edPgD CV3RhuRRgeYbjstsmg8lcrWG3k/9zi6aAWlw6y3e36Tpp7J9eGS6HxThx3kZEvSP zMVBReUCB7YPb8T8FlQ+xWafIsMCYK9IVH5UiH+zz4LEIXLY1fNMT/p4yg== -----END CERTIFICATE-----Generated at Tue Oct 21 01:23:53 2025 by rpki-client