$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/zm4R_kCop2BzQPynXpR13fGwUgQ.roa File: zm4R_kCop2BzQPynXpR13fGwUgQ.roa (raw, json) Hash identifier: 6WCYS9qHCi1md0uGLJk9jrZsxrJFMoiAvB+5DVzMIvU= Subject key identifier: CE:6E:11:FE:40:A8:A7:60:73:40:FC:A7:5E:94:75:DD:F1:B0:52:04 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21F6 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/zm4R_kCop2BzQPynXpR13fGwUgQ.roa Signing time: Sat 13 Sep 2025 03:09:09 +0000 ROA not before: Sat 13 Sep 2025 03:09:09 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 180.184.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8694 (0x21f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:09 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CE6E11FE40A8A7607340FCA75E9475DDF1B05204 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:49:df:8c:9c:53:3d:3d:04:87:b9:35:22:08: ba:9f:b6:62:f3:ff:02:00:13:de:a7:e4:73:8a:5a: 76:17:bc:a7:4b:71:c6:04:55:5c:f1:09:14:6d:5b: a0:5a:70:6c:18:bb:93:0a:d9:84:1e:20:62:33:78: 1a:7b:a1:b9:30:8a:80:ae:d6:d6:e2:6f:6c:f9:09: 03:eb:ac:e6:36:a5:36:4b:ac:a4:e1:11:08:3d:96: 03:41:f2:be:15:d0:f4:f1:f9:de:f4:70:ca:83:cb: 80:58:57:71:6b:07:11:fa:f7:d4:fa:54:8c:f0:04: 56:80:45:c8:36:48:3c:b3:91:9d:6e:41:27:70:e2: e4:38:92:e0:3c:5c:d7:04:fb:41:ab:5e:c4:97:03: 83:e9:6d:01:8e:cc:b0:ce:6a:95:15:7f:74:ec:ca: 96:1f:c7:2f:1c:03:be:1d:bd:3a:d3:db:10:c8:d6: 43:0b:a2:26:33:2e:17:60:63:b2:1d:a9:4f:48:7b: 84:cd:b5:1c:19:00:3f:f5:0f:88:57:cf:e3:ee:2f: b8:59:bc:33:bc:87:3f:82:fb:00:0f:2d:88:90:5c: 3d:0a:7b:0b:b5:50:5b:dc:d9:7f:69:fc:e4:55:64: 34:6f:e1:d1:8b:2c:92:a7:47:81:25:cc:46:3f:a1: 14:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:6E:11:FE:40:A8:A7:60:73:40:FC:A7:5E:94:75:DD:F1:B0:52:04 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/zm4R_kCop2BzQPynXpR13fGwUgQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.0.0/16 Signature Algorithm: sha256WithRSAEncryption b5:80:4f:dc:96:c5:7e:22:6b:7a:fd:dc:73:c2:38:d2:4c:8e: 34:95:77:d9:0f:5e:b6:33:fa:58:57:54:56:11:84:b9:d5:50: bd:6a:cc:86:f1:b2:65:49:f0:67:61:6f:04:e0:fb:44:08:ba: ff:76:6b:68:e4:02:1b:54:14:e2:f2:f9:9e:77:fc:a6:3b:2c: a8:a3:b2:9f:ba:b9:0c:f9:4e:a4:b5:45:fd:a2:ba:60:23:ff: 34:d0:58:bb:16:51:59:38:84:00:46:b4:45:f5:62:17:47:76: 67:51:a3:08:4b:a9:0e:1f:28:d3:aa:fd:e2:03:45:90:d8:71: 58:6e:80:ff:3b:e8:38:4b:e8:b9:7c:49:49:ad:f6:be:b1:a0: 3a:26:e7:a5:01:bf:45:7e:b3:41:56:72:5f:20:a9:8b:e1:e4: 59:d4:a3:e1:12:67:76:ba:3f:f1:1d:28:02:f5:28:f4:21:b0: de:ed:60:d1:db:5e:bd:24:73:0c:27:4c:be:31:21:7f:d6:0b: e5:00:36:59:d6:90:a4:35:c3:55:29:32:4b:7b:f2:88:5d:c2: 3b:03:4e:15:54:27:a0:7c:be:2e:71:d5:49:6b:65:ad:ed:8b: 58:28:c8:09:87:5a:8a:50:be:f3:93:2b:7a:4f:94:07:19:e6: 5c:34:e4:eb -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICIfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENFNkUxMUZFNDBBOEE3 NjA3MzQwRkNBNzVFOTQ3NURERjFCMDUyMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1Sd+MnFM9PQSHuTUiCLqftmLz/wIAE96n5HOKWnYXvKdLccYE VVzxCRRtW6BacGwYu5MK2YQeIGIzeBp7obkwioCu1tbib2z5CQPrrOY2pTZLrKTh EQg9lgNB8r4V0PTx+d70cMqDy4BYV3FrBxH699T6VIzwBFaARcg2SDyzkZ1uQSdw 4uQ4kuA8XNcE+0GrXsSXA4PpbQGOzLDOapUVf3TsypYfxy8cA74dvTrT2xDI1kML oiYzLhdgY7IdqU9Ie4TNtRwZAD/1D4hXz+PuL7hZvDO8hz+C+wAPLYiQXD0Kewu1 UFvc2X9p/ORVZDRv4dGLLJKnR4ElzEY/oRRRAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUzm4R/kCop2BzQPynXpR13fGwUgQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvem00Ul9rQ29wMkJ6 UVB5blhwUjEzZkd3VWdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDALS4MA0GCSqGSIb3DQEBCwUAA4IBAQC1gE/clsV+Imt6/dxzwjjSTI40lXfZ D162M/pYV1RWEYS51VC9asyG8bJlSfBnYW8E4PtECLr/dmto5AIbVBTi8vmed/ym Oyyoo7KfurkM+U6ktUX9orpgI/800Fi7FlFZOIQARrRF9WIXR3ZnUaMIS6kOHyjT qv3iA0WQ2HFYboD/O+g4S+i5fElJrfa+saA6JuelAb9FfrNBVnJfIKmL4eRZ1KPh Emd2uj/xHSgC9Sj0IbDe7WDR2169JHMMJ0y+MSF/1gvlADZZ1pCkNcNVKTJLe/KI XcI7A04VVCegfL4ucdVJa2Wt7YtYKMgJh1qKUL7zkyt6T5QHGeZcNOTr -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:42 2025 by rpki-client