$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/T9pRdlsl6fg6K7jfughxYK7CyN4.roa File: T9pRdlsl6fg6K7jfughxYK7CyN4.roa (raw, json) Hash identifier: RebulTZNG/vtXLpKRJoQnTONdtdNWq8QUpc8qmEPx1c= Subject key identifier: 4F:DA:51:76:5B:25:E9:F8:3A:2B:B8:DF:BA:08:71:60:AE:C2:C8:DE Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21E3 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/T9pRdlsl6fg6K7jfughxYK7CyN4.roa Signing time: Sat 13 Sep 2025 03:09:04 +0000 ROA not before: Sat 13 Sep 2025 03:09:04 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 180.184.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8675 (0x21e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4FDA51765B25E9F83A2BB8DFBA087160AEC2C8DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:dd:31:b1:41:36:db:af:71:9d:bc:0e:66:3b: 77:1e:c2:af:4f:9f:86:87:89:69:e1:69:eb:79:94: 32:a3:b8:9d:0d:0c:88:31:7c:b5:e2:ae:4f:9b:e9: 11:b4:0c:c8:64:3c:6f:36:45:fb:40:5e:2b:34:cc: 38:3e:d9:d1:b1:5f:9a:26:91:93:ed:b2:4f:43:d8: 44:47:36:67:aa:af:b3:d5:5e:49:3a:b5:75:46:e3: 61:1a:8e:c4:48:41:a5:7c:66:fc:de:67:fc:ff:04: 5c:17:46:12:c1:83:b0:27:a9:07:3c:e9:78:a6:a5: 96:8c:d1:01:50:4b:03:59:77:b2:c5:88:e2:c0:f2: 88:d9:6c:b8:6d:a4:ab:1c:7c:75:a5:13:64:3a:93: 75:3c:29:28:d9:50:90:20:d1:09:51:d2:a4:5a:d1: 45:57:40:b4:1c:38:6f:57:5e:06:27:a1:f5:72:28: 29:9f:01:34:fb:dd:0b:88:c5:e7:2e:87:0b:37:34: fd:74:2a:a3:22:e8:95:ea:e8:5c:36:c4:b8:5b:63: 9d:9a:5a:d2:16:50:df:68:9b:cd:79:9e:b3:58:03: b6:33:fd:c7:0c:e9:bd:a4:5f:bb:34:cb:cc:f3:c4: 74:99:85:41:19:bf:86:b5:f1:80:5e:e9:1f:e1:5c: 3c:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:DA:51:76:5B:25:E9:F8:3A:2B:B8:DF:BA:08:71:60:AE:C2:C8:DE X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/T9pRdlsl6fg6K7jfughxYK7CyN4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 Signature Algorithm: sha256WithRSAEncryption 9d:60:90:73:f0:62:1e:1e:6d:59:a9:84:fb:80:ee:4a:72:90: 27:d4:d0:5e:b8:eb:38:d6:50:a2:23:55:2c:e1:e7:8d:b4:e0: b8:20:e3:dc:0d:7d:c0:f6:6d:2a:f7:d5:36:27:a6:50:e5:9e: 20:02:7b:7d:5f:87:55:64:14:a6:df:6c:89:85:4d:ef:81:a1: 38:25:29:36:3e:23:dc:ac:2e:0b:b2:1e:47:cf:a3:56:9b:23: 87:ac:09:82:48:e0:b3:a6:5e:22:00:73:43:e6:28:d6:19:cb: d4:7a:6c:d8:83:a1:a7:aa:db:3d:84:dc:01:05:36:e1:cd:46: 50:d5:cc:c6:e8:fa:de:21:b9:c1:51:a7:ac:4a:e6:5f:35:1b: e4:91:70:aa:a9:15:0b:44:41:59:cf:05:ef:0b:2f:ae:4c:89: 7c:a4:d2:4c:89:29:4c:f4:91:33:3e:da:b4:18:e2:33:36:06: a9:4a:78:c6:17:ef:d0:d1:1c:b0:72:53:7f:55:6c:32:21:64: d5:29:11:88:c9:dc:02:a0:05:b5:64:0c:61:14:64:20:1c:93: bf:42:82:da:dc:5d:d6:43:d0:5e:b5:90:b6:e4:76:a9:5d:ec: d1:ab:8b:01:f5:75:2e:71:a7:06:59:9b:92:40:80:5e:4f:3b: 74:92:bb:5f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRGREE1MTc2NUIyNUU5 RjgzQTJCQjhERkJBMDg3MTYwQUVDMkM4REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI3TGxQTbbr3GdvA5mO3cewq9Pn4aHiWnhaet5lDKjuJ0NDIgx fLXirk+b6RG0DMhkPG82RftAXis0zDg+2dGxX5omkZPtsk9D2ERHNmeqr7PVXkk6 tXVG42EajsRIQaV8ZvzeZ/z/BFwXRhLBg7AnqQc86XimpZaM0QFQSwNZd7LFiOLA 8ojZbLhtpKscfHWlE2Q6k3U8KSjZUJAg0QlR0qRa0UVXQLQcOG9XXgYnofVyKCmf ATT73QuIxecuhws3NP10KqMi6JXq6Fw2xLhbY52aWtIWUN9om815nrNYA7Yz/ccM 6b2kX7s0y8zzxHSZhUEZv4a18YBe6R/hXDy1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUT9pRdlsl6fg6K7jfughxYK7CyN4wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvVDlwUmRsc2w2Zmc2 SzdqZnVnaHhZSzdDeU40LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAnWCQc/BiHh5tWamE+4DuSnKQJ9TQ XrjrONZQoiNVLOHnjbTguCDj3A19wPZtKvfVNiemUOWeIAJ7fV+HVWQUpt9siYVN 74GhOCUpNj4j3KwuC7IeR8+jVpsjh6wJgkjgs6ZeIgBzQ+Yo1hnL1Hps2IOhp6rb PYTcAQU24c1GUNXMxuj63iG5wVGnrErmXzUb5JFwqqkVC0RBWc8F7wsvrkyJfKTS TIkpTPSRMz7atBjiMzYGqUp4xhfv0NEcsHJTf1VsMiFk1SkRiMncAqAFtWQMYRRk IByTv0KC2txd1kPQXrWQtuR2qV3s0auLAfV1LnGnBlmbkkCAXk87dJK7Xw== -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:38 2025 by rpki-client