$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/oyvSlJKAnDZ9Tara9Qopu97jpCw.roa File: oyvSlJKAnDZ9Tara9Qopu97jpCw.roa (raw, json) Hash identifier: Tiq+I9nL61MbqaXmMbd/B4LYxZZscoZzJLLb5kH/QyI= Subject key identifier: A3:2B:D2:94:92:80:9C:36:7D:4D:AA:DA:F5:0A:29:BB:DE:E3:A4:2C Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21D0 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/oyvSlJKAnDZ9Tara9Qopu97jpCw.roa Signing time: Sat 13 Sep 2025 03:09:01 +0000 ROA not before: Sat 13 Sep 2025 03:09:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137718 IP address blocks: 180.184.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8656 (0x21d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A32BD29492809C367D4DAADAF50A29BBDEE3A42C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:95:6a:26:e4:49:fb:9f:b4:20:1c:7f:66:9f: 7a:99:d8:7e:72:11:78:83:51:00:74:79:e7:5e:91: 47:a4:6e:b0:f7:41:fc:e8:6c:6d:a8:4b:74:fb:49: 49:04:7a:af:df:05:c1:40:b6:19:b0:87:5c:23:ee: 74:b0:f6:dd:91:16:f0:5e:e6:36:9a:87:ef:98:3a: 3e:fe:ff:03:82:1d:77:d3:39:47:0a:83:4d:c2:76: fd:dd:b5:67:3f:2f:d3:a7:eb:c4:39:83:88:88:ed: 1d:45:dc:de:a2:2f:81:89:ec:b1:61:00:7a:7e:b7: 2b:9c:28:80:26:94:73:c0:cb:2e:3d:a6:8e:50:e5: e5:cc:a8:e9:da:2e:f4:0e:a9:ca:63:84:f3:c1:10: f7:f6:70:d6:d7:18:b7:12:a6:d3:e6:7b:94:e6:19: 7f:60:0f:c6:c2:4f:24:a3:98:4c:86:ff:a9:f1:46: 38:62:da:3e:47:6b:d3:f0:de:a3:aa:7d:00:5d:90: 3d:d4:7d:c9:e1:8c:2a:94:31:54:49:62:28:45:3e: 83:d6:74:21:d2:aa:6f:b8:75:dd:b3:37:77:3b:5c: 93:69:c5:5e:9b:a1:c1:eb:c8:9e:58:46:48:ff:bd: 90:82:44:60:a0:da:fb:95:27:a2:de:44:7c:44:0a: 16:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:2B:D2:94:92:80:9C:36:7D:4D:AA:DA:F5:0A:29:BB:DE:E3:A4:2C X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/oyvSlJKAnDZ9Tara9Qopu97jpCw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 Signature Algorithm: sha256WithRSAEncryption 63:aa:1d:d9:0a:4d:8e:00:a2:7f:53:21:8b:e7:72:12:47:5c: cd:e6:30:ee:60:a5:07:cb:ad:92:ed:80:b7:e1:38:51:e9:32: b8:ed:e5:56:2f:b5:35:43:8d:0d:81:c9:da:6a:3a:54:90:2d: 15:cd:b9:3d:c1:2c:52:c8:3e:14:71:37:04:0e:4d:d7:51:54: f7:6b:b4:29:c0:13:22:b1:f8:0c:ef:b6:8b:1b:60:e1:41:b6: d3:40:6e:76:82:5a:fc:5b:98:75:37:54:f7:3a:05:d8:23:f2: 35:d9:ee:d0:22:64:cd:b0:04:9a:7e:0c:2d:d0:c7:d8:0f:03: 8c:5e:cf:25:43:12:79:6b:7b:b2:85:a6:94:e1:d0:a3:1e:b0: 3f:17:5a:14:90:d4:c7:e3:a1:75:2d:b1:0e:f1:60:2f:cc:4e: 61:20:dc:d8:d1:2b:fa:72:93:94:45:ab:ab:76:a4:b6:58:47: 9c:44:d4:f6:bd:39:0e:3d:e8:2f:6b:dc:00:63:cb:55:b3:44: 7c:79:66:7f:4c:16:f3:a8:9c:d3:0e:0f:d2:06:9e:3b:4d:76: 81:01:94:b8:ae:aa:38:09:71:c3:65:d8:31:b5:91:a1:8c:01: 98:6d:f3:5f:a7:9d:e2:d8:da:97:33:cc:0d:44:33:09:6e:e5: 5b:f9:c4:22 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIdAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEEzMkJEMjk0OTI4MDlD MzY3RDREQUFEQUY1MEEyOUJCREVFM0E0MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCylWom5En7n7QgHH9mn3qZ2H5yEXiDUQB0eedekUekbrD3Qfzo bG2oS3T7SUkEeq/fBcFAthmwh1wj7nSw9t2RFvBe5jaah++YOj7+/wOCHXfTOUcK g03Cdv3dtWc/L9On68Q5g4iI7R1F3N6iL4GJ7LFhAHp+tyucKIAmlHPAyy49po5Q 5eXMqOnaLvQOqcpjhPPBEPf2cNbXGLcSptPme5TmGX9gD8bCTySjmEyG/6nxRjhi 2j5Ha9Pw3qOqfQBdkD3UfcnhjCqUMVRJYihFPoPWdCHSqm+4dd2zN3c7XJNpxV6b ocHryJ5YRkj/vZCCRGCg2vuVJ6LeRHxEChaLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoyvSlJKAnDZ9Tara9Qopu97jpCwwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvb3l2U2xKS0FuRFo5 VGFyYTlRb3B1OTdqcEN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAY6od2QpNjgCif1Mhi+dyEkdczeYw 7mClB8utku2At+E4UekyuO3lVi+1NUONDYHJ2mo6VJAtFc25PcEsUsg+FHE3BA5N 11FU92u0KcATIrH4DO+2ixtg4UG200BudoJa/FuYdTdU9zoF2CPyNdnu0CJkzbAE mn4MLdDH2A8DjF7PJUMSeWt7soWmlOHQox6wPxdaFJDUx+OhdS2xDvFgL8xOYSDc 2NEr+nKTlEWrq3aktlhHnETU9r05Dj3oL2vcAGPLVbNEfHlmf0wW86ic0w4P0gae O012gQGUuK6qOAlxw2XYMbWRoYwBmG3zX6ed4tjalzPMDUQzCW7lW/nEIg== -----END CERTIFICATE-----Generated at Mon Oct 20 22:37:36 2025 by rpki-client