$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/ykbKfmt8nVGdkDpLB2La71WqU3Q.roa File: ykbKfmt8nVGdkDpLB2La71WqU3Q.roa (raw, json) Hash identifier: 5FSSQ06+WtC82oVX9kkMyF+EiQU92a3xnzvUYGpyJeY= Subject key identifier: CA:46:CA:7E:6B:7C:9D:51:9D:90:3A:4B:07:62:DA:EF:55:AA:53:74 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21D4 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ykbKfmt8nVGdkDpLB2La71WqU3Q.roa Signing time: Sat 13 Sep 2025 03:09:02 +0000 ROA not before: Sat 13 Sep 2025 03:09:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137718 IP address blocks: 101.126.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8660 (0x21d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CA46CA7E6B7C9D519D903A4B0762DAEF55AA5374 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:67:60:87:b1:bd:d3:ab:52:36:bc:8c:2b:73: 77:e1:a5:72:1d:a8:22:2c:30:90:6a:e1:7b:19:cd: 3b:b3:b5:1b:5d:87:68:24:9b:01:a3:46:f7:f4:ad: 24:70:d0:4f:82:e2:2c:cd:58:42:96:31:3f:13:f9: 80:8e:76:ef:d3:f5:22:d7:bb:88:8a:95:0a:9e:94: 79:70:53:31:b8:b6:36:55:81:5d:90:70:56:4e:af: 45:20:61:91:a1:30:28:8f:9d:e2:7b:4b:c8:61:af: 0a:3a:65:04:c4:8b:3c:68:89:5f:ad:97:9e:5d:b0: c6:f7:72:8c:fd:05:62:33:a2:c4:62:a3:5e:48:7f: b4:4d:90:42:c7:b7:d2:b1:f0:3a:21:c9:28:d2:50: 9f:f6:bf:82:31:6b:d2:14:01:47:e4:db:c4:3a:a2: 5a:1a:ed:71:ff:28:f9:ad:d5:f9:47:92:3b:0d:82: 52:23:77:d1:41:89:bd:71:bf:cf:09:ea:1c:2e:49: 50:1d:de:31:fe:99:03:67:78:9d:25:4c:44:0d:7d: be:dc:85:ab:d5:8e:c8:48:ce:02:31:9f:15:16:bd: 6e:da:01:01:e1:f9:a3:9b:fb:3e:0b:08:82:d4:ee: c7:47:1e:45:2c:f7:69:68:fe:dd:73:a8:55:d4:06: d1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:46:CA:7E:6B:7C:9D:51:9D:90:3A:4B:07:62:DA:EF:55:AA:53:74 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ykbKfmt8nVGdkDpLB2La71WqU3Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.126.0.0/16 Signature Algorithm: sha256WithRSAEncryption 91:bd:0f:05:33:9f:c4:36:67:9e:f3:d7:9d:e5:50:e7:f4:1e: b3:22:92:b6:ab:8c:85:66:5a:0f:d7:ca:a9:97:bd:49:78:06: 7b:39:e7:56:bb:1e:dc:2b:a1:b5:cd:4b:06:40:48:19:93:13: 9c:89:bf:12:5f:83:84:90:56:b9:80:f4:20:9f:b6:35:27:f4: c4:a1:41:a2:f3:d0:17:2b:43:83:2e:1a:d7:5e:c0:e5:d7:f1: 6c:0b:9f:bd:c6:47:fc:14:f8:52:ef:3d:bd:7c:fa:47:81:94: 0d:3b:44:44:c3:3d:66:6c:3c:74:de:42:32:03:81:17:0e:95: 2a:5c:aa:55:8b:87:d2:5e:21:8f:71:92:dd:88:8f:99:fd:23: 77:37:76:6d:68:b0:94:8a:e5:7e:aa:2f:d0:76:68:8f:99:c7: db:cb:fc:ab:a8:f8:40:04:16:9f:ad:09:88:9c:21:b3:f6:cc: 50:f5:70:ef:f8:c1:e7:d3:3c:0e:a1:84:d4:9c:35:c5:81:0e: 30:03:b1:00:45:c0:3a:df:fd:9c:5f:d8:02:92:cc:cd:0e:6e: 0d:28:92:20:5d:e2:e3:fd:2e:6c:50:25:43:b8:31:a2:fc:f8: 13:56:4e:a3:67:0b:71:88:52:e9:f4:df:ef:46:20:92:33:51: 65:30:73:dd -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENBNDZDQTdFNkI3QzlE NTE5RDkwM0E0QjA3NjJEQUVGNTVBQTUzNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAZ2CHsb3Tq1I2vIwrc3fhpXIdqCIsMJBq4XsZzTuztRtdh2gk mwGjRvf0rSRw0E+C4izNWEKWMT8T+YCOdu/T9SLXu4iKlQqelHlwUzG4tjZVgV2Q cFZOr0UgYZGhMCiPneJ7S8hhrwo6ZQTEizxoiV+tl55dsMb3coz9BWIzosRio15I f7RNkELHt9Kx8DohySjSUJ/2v4Ixa9IUAUfk28Q6oloa7XH/KPmt1flHkjsNglIj d9FBib1xv88J6hwuSVAd3jH+mQNneJ0lTEQNfb7chavVjshIzgIxnxUWvW7aAQHh +aOb+z4LCILU7sdHHkUs92lo/t1zqFXUBtGnAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUykbKfmt8nVGdkDpLB2La71WqU3QwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQveWtiS2ZtdDhuVkdk a0RwTEIyTGE3MVdxVTNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAGV+MA0GCSqGSIb3DQEBCwUAA4IBAQCRvQ8FM5/ENmee89ed5VDn9B6zIpK2 q4yFZloP18qpl71JeAZ7OedWux7cK6G1zUsGQEgZkxOcib8SX4OEkFa5gPQgn7Y1 J/TEoUGi89AXK0ODLhrXXsDl1/FsC5+9xkf8FPhS7z29fPpHgZQNO0REwz1mbDx0 3kIyA4EXDpUqXKpVi4fSXiGPcZLdiI+Z/SN3N3ZtaLCUiuV+qi/QdmiPmcfby/yr qPhABBafrQmInCGz9sxQ9XDv+MHn0zwOoYTUnDXFgQ4wA7EARcA63/2cX9gCkszN Dm4NKJIgXeLj/S5sUCVDuDGi/PgTVk6jZwtxiFLp9N/vRiCSM1FlMHPd -----END CERTIFICATE-----Generated at Tue Oct 21 01:16:50 2025 by rpki-client