$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/VYvc0WYrHh5wlIocYAAWe16PlT8.roa File: VYvc0WYrHh5wlIocYAAWe16PlT8.roa (raw, json) Hash identifier: V0VWl58HwmOflFg/8JbWqa8ybFSyuUqIzHGuThFEkH8= Subject key identifier: 55:8B:DC:D1:66:2B:1E:1E:70:94:8A:1C:60:00:16:7B:5E:8F:95:3F Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21D9 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/VYvc0WYrHh5wlIocYAAWe16PlT8.roa Signing time: Sat 13 Sep 2025 03:09:02 +0000 ROA not before: Sat 13 Sep 2025 03:09:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 118.145.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8665 (0x21d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=558BDCD1662B1E1E70948A1C6000167B5E8F953F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:de:94:33:4c:f0:eb:90:14:30:df:8d:eb:91: ef:78:73:9e:94:5a:c4:a2:3f:b6:c1:2f:68:ee:bf: 4c:25:68:fa:99:16:40:f5:26:1a:0e:a0:c4:4a:34: c3:f5:c4:5e:96:76:6c:a6:68:78:19:aa:85:ab:b1: 16:d4:65:5e:f6:0a:e5:e5:43:29:79:b8:b4:d8:19: ec:5d:7d:94:44:bc:9e:18:fc:f3:35:b6:80:bb:1c: 85:b5:6b:a3:a2:5b:0f:1d:f5:3e:07:4b:6b:a6:6e: 66:0f:22:b4:4a:58:ae:f2:a3:71:8e:a6:7a:a3:26: 94:42:4f:53:35:89:d2:f6:dd:09:bf:e5:66:90:9e: 1c:a5:28:a3:f1:88:99:f9:63:87:26:00:cc:93:16: 57:28:26:f3:84:a8:87:27:54:61:47:49:e8:5a:7a: df:e5:77:0c:0d:fc:5f:62:56:fa:65:8b:f8:10:6e: 09:bc:0c:83:e2:e3:0a:3c:cb:9e:ae:ff:5f:03:18: 70:cb:de:4a:d8:41:1f:77:1f:f5:c1:b5:9b:3f:b0: 4b:55:f0:79:36:06:5c:51:55:2a:34:b9:82:cf:b0: 18:44:ed:52:64:5e:e3:9c:4e:9e:98:8c:ae:53:6e: 55:cc:f0:55:a4:f0:71:60:88:47:c0:48:fc:3c:10: 7b:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:8B:DC:D1:66:2B:1E:1E:70:94:8A:1C:60:00:16:7B:5E:8F:95:3F X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/VYvc0WYrHh5wlIocYAAWe16PlT8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.145.128.0/17 Signature Algorithm: sha256WithRSAEncryption 66:8b:81:b4:9e:f5:b6:dd:90:2f:3a:81:1f:44:80:e0:c4:71: 9b:f7:a7:e1:9e:a2:23:ae:48:78:79:09:93:af:47:77:eb:10: 53:13:41:ca:91:ce:fe:4c:89:b7:10:56:5e:1c:3f:48:ab:04: 55:bd:86:a2:6d:83:db:f1:4e:49:dd:73:6c:35:88:75:79:b5: 58:12:9c:39:32:da:49:3e:90:5d:ba:f1:36:5e:2e:16:c5:40: ed:34:36:70:43:9f:d1:b7:4d:ed:7a:e1:65:48:5e:7b:fb:29: da:43:50:a7:15:c7:66:44:fb:31:01:89:64:f5:0f:34:f5:a6: 8b:e0:df:8a:1d:33:1e:04:12:40:8e:a8:6b:1b:69:51:39:46: 9a:8e:0a:8f:2c:49:d1:ab:4e:f8:8a:ca:fb:88:04:6e:f2:3b: b4:04:bb:f8:70:1b:f4:f1:fa:42:6e:3d:88:e8:41:72:49:07: 6b:a6:81:ca:c0:93:37:e4:2b:0b:8d:ed:bc:83:95:14:df:a5: 9a:b6:94:76:c2:d5:90:32:31:ae:4d:bb:1d:8e:bc:94:e8:bc: a8:6c:8f:a4:81:99:f2:55:6d:b6:a7:99:a8:ba:fe:41:ce:4c: 64:b7:f0:3e:c0:d7:43:28:30:c2:e5:09:cc:1b:99:1d:ae:f0: 62:69:4b:ea -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU1OEJEQ0QxNjYyQjFF MUU3MDk0OEExQzYwMDAxNjdCNUU4Rjk1M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDS3pQzTPDrkBQw343rke94c56UWsSiP7bBL2juv0wlaPqZFkD1 JhoOoMRKNMP1xF6WdmymaHgZqoWrsRbUZV72CuXlQyl5uLTYGexdfZREvJ4Y/PM1 toC7HIW1a6OiWw8d9T4HS2umbmYPIrRKWK7yo3GOpnqjJpRCT1M1idL23Qm/5WaQ nhylKKPxiJn5Y4cmAMyTFlcoJvOEqIcnVGFHSehaet/ldwwN/F9iVvpli/gQbgm8 DIPi4wo8y56u/18DGHDL3krYQR93H/XBtZs/sEtV8Hk2BlxRVSo0uYLPsBhE7VJk XuOcTp6YjK5TblXM8FWk8HFgiEfASPw8EHsNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUVYvc0WYrHh5wlIocYAAWe16PlT8wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvVll2YzBXWXJIaDV3 bElvY1lBQVdlMTZQbFQ4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3aRgDANBgkqhkiG9w0BAQsFAAOCAQEAZouBtJ71tt2QLzqBH0SA4MRxm/en 4Z6iI65IeHkJk69Hd+sQUxNBypHO/kyJtxBWXhw/SKsEVb2Gom2D2/FOSd1zbDWI dXm1WBKcOTLaST6QXbrxNl4uFsVA7TQ2cEOf0bdN7XrhZUhee/sp2kNQpxXHZkT7 MQGJZPUPNPWmi+Dfih0zHgQSQI6oaxtpUTlGmo4KjyxJ0atO+IrK+4gEbvI7tAS7 +HAb9PH6Qm49iOhBckkHa6aBysCTN+QrC43tvIOVFN+lmraUdsLVkDIxrk27HY68 lOi8qGyPpIGZ8lVttqeZqLr+Qc5MZLfwPsDXQygwwuUJzBuZHa7wYmlL6g== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:25 2025 by rpki-client