$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/skOiHUAuStOibgWnXkZPTQHXwic.roa File: skOiHUAuStOibgWnXkZPTQHXwic.roa (raw, json) Hash identifier: vJsU9qOA+657IL4UeFtUAFdZjOKe/Zjb56ZpbdWiXoc= Subject key identifier: B2:43:A2:1D:40:2E:4A:D3:A2:6E:05:A7:5E:46:4F:4D:01:D7:C2:27 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21DC Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/skOiHUAuStOibgWnXkZPTQHXwic.roa Signing time: Sat 13 Sep 2025 03:09:03 +0000 ROA not before: Sat 13 Sep 2025 03:09:03 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.88.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8668 (0x21dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:03 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B243A21D402E4AD3A26E05A75E464F4D01D7C227 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:49:18:7c:2a:56:a5:80:fd:ca:aa:7f:f0:ca: f2:59:bd:4c:77:4a:bb:74:59:29:89:37:60:57:49: 9a:ca:1a:ef:f2:63:0d:44:4e:09:cf:9d:ea:ed:d2: 63:80:8f:ab:c9:0a:ed:35:fd:e4:50:0d:33:4d:87: f5:bd:67:d5:22:cc:9a:31:63:f0:05:e0:c8:a8:6f: 5b:af:17:47:a8:24:17:e7:e6:31:e0:c4:aa:06:6e: b4:34:ee:6d:f3:96:65:b8:40:f8:5d:39:76:21:16: b9:21:b5:48:fd:36:4b:f9:82:5d:e7:6b:c6:6d:1b: 16:70:39:12:b1:0d:e3:b2:ba:16:3c:30:59:16:9a: c3:cc:42:78:74:50:c5:26:ae:2a:41:45:60:ec:85: 0a:e5:67:91:0a:fb:37:df:55:ef:0c:98:15:c7:6f: 6c:c5:48:b7:73:86:52:67:33:15:95:39:fe:e1:5f: 93:ad:77:83:b7:c8:69:e7:d8:2d:4c:f0:31:45:ee: 3c:08:9b:12:d0:01:25:30:5f:2a:3b:44:8e:33:13: 19:2c:1c:28:72:29:19:b0:57:62:66:b5:1a:42:d3: ba:eb:cc:57:38:43:48:bc:cd:94:37:59:1e:e3:9a: 95:04:63:19:55:65:0d:1f:3a:68:0c:5b:26:1b:08: a5:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:43:A2:1D:40:2E:4A:D3:A2:6E:05:A7:5E:46:4F:4D:01:D7:C2:27 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/skOiHUAuStOibgWnXkZPTQHXwic.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.88.0/21 Signature Algorithm: sha256WithRSAEncryption 58:b6:1d:96:b7:c9:75:1b:2f:14:3e:dc:bf:8e:4e:ac:f6:f0: 44:e9:0c:95:02:22:6a:9b:e5:09:35:c9:45:02:74:71:d6:b8: 4d:82:44:2c:61:e5:5b:1d:ea:eb:1e:56:68:5c:b7:7a:11:83: 2d:57:f5:f3:a4:f6:e3:6f:60:5f:8a:0a:43:b6:40:88:03:f3: 1c:b4:bf:2a:6a:28:29:f8:fc:c7:b5:6d:9e:a5:c5:4d:37:da: 6b:62:4c:32:62:28:9e:7f:60:2c:01:07:b9:a6:1a:f0:19:0c: 46:72:5e:2a:07:88:0a:7c:60:e0:4e:9d:27:7a:b1:fb:9c:64: 60:6f:f6:46:be:8c:52:c8:ba:18:91:22:fc:d1:63:c6:3f:ce: 77:75:31:08:df:ed:75:f9:5b:bd:eb:53:24:92:a2:f1:a8:84: e6:bd:ad:d5:73:9c:ed:a9:f7:55:39:a9:97:57:c1:f6:12:32: 36:5f:2a:8d:ed:1d:59:27:73:fc:d5:79:df:ae:2c:fb:54:5f: 16:54:1f:bf:0c:44:c0:f2:19:0c:d8:52:a0:3e:32:27:1e:eb: 49:a9:82:7c:26:b9:0e:01:ab:b8:cd:f1:6e:1f:b2:ac:5d:29: e9:b2:58:b8:56:18:43:ae:fc:05:53:00:e8:ef:e8:12:f9:89: d5:e2:90:e7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEIyNDNBMjFENDAyRTRB RDNBMjZFMDVBNzVFNDY0RjREMDFEN0MyMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHSRh8KlalgP3Kqn/wyvJZvUx3Srt0WSmJN2BXSZrKGu/yYw1E TgnPnert0mOAj6vJCu01/eRQDTNNh/W9Z9UizJoxY/AF4Miob1uvF0eoJBfn5jHg xKoGbrQ07m3zlmW4QPhdOXYhFrkhtUj9Nkv5gl3na8ZtGxZwORKxDeOyuhY8MFkW msPMQnh0UMUmripBRWDshQrlZ5EK+zffVe8MmBXHb2zFSLdzhlJnMxWVOf7hX5Ot d4O3yGnn2C1M8DFF7jwImxLQASUwXyo7RI4zExksHChyKRmwV2JmtRpC07rrzFc4 Q0i8zZQ3WR7jmpUEYxlVZQ0fOmgMWyYbCKXDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUskOiHUAuStOibgWnXkZPTQHXwicwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvc2tPaUhVQXVTdE9p YmdXblhrWlBUUUhYd2ljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nWDANBgkqhkiG9w0BAQsFAAOCAQEAWLYdlrfJdRsvFD7cv45OrPbwROkM lQIiapvlCTXJRQJ0cda4TYJELGHlWx3q6x5WaFy3ehGDLVf186T2429gX4oKQ7ZA iAPzHLS/KmooKfj8x7VtnqXFTTfaa2JMMmIonn9gLAEHuaYa8BkMRnJeKgeICnxg 4E6dJ3qx+5xkYG/2Rr6MUsi6GJEi/NFjxj/Od3UxCN/tdflbvetTJJKi8aiE5r2t 1XOc7an3VTmpl1fB9hIyNl8qje0dWSdz/NV5364s+1RfFlQfvwxEwPIZDNhSoD4y Jx7rSamCfCa5DgGruM3xbh+yrF0p6bJYuFYYQ678BVMA6O/oEvmJ1eKQ5w== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:20 2025 by rpki-client