$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/iNjffKRfq1pdBBKFLzXkpbR3UCE.roa File: iNjffKRfq1pdBBKFLzXkpbR3UCE.roa (raw, json) Hash identifier: VELR72xPLo3UEZmR8pwjjwA1Q2GBJqPhEmsiQ2GdWhA= Subject key identifier: 88:D8:DF:7C:A4:5F:AB:5A:5D:04:12:85:2F:35:E4:A5:B4:77:50:21 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21F4 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/iNjffKRfq1pdBBKFLzXkpbR3UCE.roa Signing time: Sat 13 Sep 2025 03:09:09 +0000 ROA not before: Sat 13 Sep 2025 03:09:09 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138421 IP address blocks: 180.184.184.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8692 (0x21f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:09 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=88D8DF7CA45FAB5A5D0412852F35E4A5B4775021 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2e:56:ef:2b:ab:9f:ed:2d:a7:8a:57:36:b6: 47:ae:8c:e3:ef:94:cc:c8:4a:64:d5:59:a2:d0:25: f1:9d:b7:31:22:bf:22:c8:ef:b9:b0:49:bc:95:a5: 41:12:62:d0:f1:e6:71:b9:65:de:55:f8:05:66:84: 1c:94:08:6b:c4:52:19:ba:ae:af:3e:19:5c:20:d6: 7f:a4:2b:0c:54:24:a7:83:94:89:2f:42:83:24:13: 44:a0:8d:79:80:20:62:ea:7e:45:d1:dd:4f:52:74: 6b:a0:39:09:82:0c:31:20:15:91:0c:53:22:b4:12: 14:8b:7b:e7:7d:d0:1d:38:d9:42:ee:9e:ab:b3:0b: 41:b0:e6:80:61:9e:77:7c:d2:be:a8:eb:a0:50:f4: 2b:5c:3e:1c:93:4d:85:d8:e9:9e:a4:b7:10:d2:e5: c7:16:89:80:fb:9e:cd:a6:89:e5:27:c4:7b:ec:a8: d8:5d:7f:df:88:c0:a6:7d:51:9d:7e:7d:e7:19:fc: d7:47:4d:61:59:0c:92:08:53:b3:21:96:c9:02:e8: bd:14:80:c1:81:b6:93:03:62:ad:9b:04:85:bf:3a: 75:3c:cd:ac:8c:57:13:49:21:7a:11:c8:f2:b7:56: 32:eb:db:22:36:ee:bd:d2:27:1b:76:6c:4a:9f:3b: 9b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:D8:DF:7C:A4:5F:AB:5A:5D:04:12:85:2F:35:E4:A5:B4:77:50:21 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/iNjffKRfq1pdBBKFLzXkpbR3UCE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.184.0/22 Signature Algorithm: sha256WithRSAEncryption 88:85:d7:79:c7:81:b1:1d:73:7d:15:b2:26:f3:6f:9e:a9:84: b3:24:a8:42:85:38:16:fc:0f:00:b4:ac:c4:6d:07:29:68:ef: 05:4e:a3:c3:ab:bb:f6:70:a1:8b:a5:5c:48:5d:93:dd:40:b7: 84:ab:78:f4:78:6d:6f:6e:b7:e8:4e:1a:0e:6a:b5:71:50:6e: f7:77:9b:a4:98:40:d3:d9:e5:59:c3:d9:29:56:87:70:1b:1f: d3:06:53:34:d3:4a:2c:eb:db:5a:5a:3f:a8:16:2d:a6:72:09: 65:b2:eb:e7:ff:cf:20:7c:a7:90:90:b5:fb:7b:b9:c8:45:70: 8d:4d:e9:25:c0:6b:a8:40:a4:80:b4:34:f9:bc:c8:b8:04:41: 86:92:2a:da:b2:d3:71:70:e8:59:0e:50:16:c7:9d:27:f5:2f: e3:91:45:7a:40:34:1c:9f:9c:92:23:a4:b0:1e:9b:2b:82:37: 06:6b:cd:cb:21:83:d9:6a:5c:66:3e:9d:41:ed:e1:5a:9b:38: 00:9f:c6:83:80:ff:d2:91:ca:4c:c3:0f:92:bd:d2:80:cb:bc: 36:c8:32:44:26:a9:55:22:6f:79:83:1e:a2:07:dc:73:a1:e0: ca:f7:d1:99:fb:53:bb:e7:6f:8d:e7:d4:1e:ce:0d:9c:50:a7: ed:f0:d4:52 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg4RDhERjdDQTQ1RkFC NUE1RDA0MTI4NTJGMzVFNEE1QjQ3NzUwMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqLlbvK6uf7S2nilc2tkeujOPvlMzISmTVWaLQJfGdtzEivyLI 77mwSbyVpUESYtDx5nG5Zd5V+AVmhByUCGvEUhm6rq8+GVwg1n+kKwxUJKeDlIkv QoMkE0SgjXmAIGLqfkXR3U9SdGugOQmCDDEgFZEMUyK0EhSLe+d90B042ULunquz C0Gw5oBhnnd80r6o66BQ9CtcPhyTTYXY6Z6ktxDS5ccWiYD7ns2mieUnxHvsqNhd f9+IwKZ9UZ1+fecZ/NdHTWFZDJIIU7MhlskC6L0UgMGBtpMDYq2bBIW/OnU8zayM VxNJIXoRyPK3VjLr2yI27r3SJxt2bEqfO5tNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUiNjffKRfq1pdBBKFLzXkpbR3UCEwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvaU5qZmZLUmZxMXBk QkJLRkx6WGtwYlIzVUNFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArS4uDANBgkqhkiG9w0BAQsFAAOCAQEAiIXXeceBsR1zfRWyJvNvnqmEsySo QoU4FvwPALSsxG0HKWjvBU6jw6u79nChi6VcSF2T3UC3hKt49Hhtb2636E4aDmq1 cVBu93ebpJhA09nlWcPZKVaHcBsf0wZTNNNKLOvbWlo/qBYtpnIJZbLr5//PIHyn kJC1+3u5yEVwjU3pJcBrqECkgLQ0+bzIuARBhpIq2rLTcXDoWQ5QFsedJ/Uv45FF ekA0HJ+ckiOksB6bK4I3BmvNyyGD2WpcZj6dQe3hWps4AJ/Gg4D/0pHKTMMPkr3S gMu8NsgyRCapVSJveYMeogfcc6HgyvfRmftTu+dvjefUHs4NnFCn7fDUUg== -----END CERTIFICATE-----Generated at Tue Oct 21 01:18:37 2025 by rpki-client