$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/-o2ojTOqYYJIDpWfOiyLjZ31yxQ.roa File: -o2ojTOqYYJIDpWfOiyLjZ31yxQ.roa (raw, json) Hash identifier: MNolSCJVzDPmPWSVrY58xBA1Z6PwYrpG1yrKqcxt0ho= Subject key identifier: FA:8D:A8:8D:33:AA:61:82:48:0E:95:9F:3A:2C:8B:8D:9D:F5:CB:14 Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Certificate serial: 1959 Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/-o2ojTOqYYJIDpWfOiyLjZ31yxQ.roa Signing time: Sat 13 Sep 2025 03:10:18 +0000 ROA not before: Sat 13 Sep 2025 03:10:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37963 IP address blocks: 112.124.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6489 (0x1959) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA Validity Not Before: Sep 13 03:10:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FA8DA88D33AA6182480E959F3A2C8B8D9DF5CB14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:d4:d1:ca:5b:cd:c1:f7:07:d3:97:8c:b8:f7: f2:f0:9d:37:a8:77:53:74:46:6c:45:21:76:c9:9b: 00:c0:8b:66:35:c9:23:eb:4a:69:b1:60:a4:19:a6: 84:6b:ce:85:07:90:f6:22:22:bd:55:85:e4:71:fe: 3a:79:75:68:26:3f:29:99:38:b9:42:54:f7:e8:75: 7c:a2:de:ce:7d:85:cc:11:a3:a2:25:46:b3:f8:11: 7f:2f:be:a3:66:51:9c:d0:8c:d6:e6:90:e4:6f:a7: 1c:c3:f7:18:e7:ef:59:8c:19:82:07:fd:62:29:a0: d3:96:f3:4c:94:1c:67:2d:c0:36:c7:a9:17:65:7d: fd:91:a8:b1:12:e3:f2:ba:0b:7f:10:c4:46:77:da: 13:1c:54:f1:bf:c0:b7:12:02:87:d2:34:c3:d1:0f: 12:63:11:92:18:e2:8c:39:bf:be:19:98:63:2f:93: 5a:8a:c5:18:a0:fc:cd:ce:05:bb:5e:e7:45:fa:d5: 3e:8f:b6:6c:f5:02:31:d4:36:45:2f:62:fa:82:c6: ee:e0:89:ff:64:0f:8a:18:ba:47:04:77:ef:0f:47: 54:2d:ad:6d:e4:7f:94:88:7f:a6:b1:26:5b:5d:58: 76:d0:0e:94:18:2b:ea:a6:cf:9f:fc:10:95:56:1d: 70:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:8D:A8:8D:33:AA:61:82:48:0E:95:9F:3A:2C:8B:8D:9D:F5:CB:14 X509v3 Authority Key Identifier: keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/-o2ojTOqYYJIDpWfOiyLjZ31yxQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 112.124.0.0/16 Signature Algorithm: sha256WithRSAEncryption 51:87:2d:71:18:3b:41:a3:65:01:80:a1:32:f4:e8:0d:33:7a: ab:34:81:2e:7c:59:b5:f1:77:f0:14:8b:b0:94:ed:51:e1:f5: 9e:99:1c:44:a9:88:03:2a:87:6e:e6:8b:63:dc:3d:89:28:43: 01:ea:ce:c6:c5:b2:31:e7:44:f6:8c:ea:9e:2b:87:b2:0f:2e: 2c:c6:d0:10:90:9a:6e:e3:63:df:38:b4:e8:11:ef:d3:2c:d9: 79:79:36:14:2e:d9:8a:d6:ba:df:2c:53:e2:6f:a0:58:52:57: 14:a3:3b:49:cc:0a:ac:77:b2:dc:32:1b:d6:d4:81:4d:8e:e2: 72:3e:cb:63:14:8b:de:14:03:13:6a:5a:c0:06:dc:37:3f:e3: d0:fd:cf:90:ee:59:5e:90:b3:72:a5:e7:78:c5:d8:c7:cf:53: 64:54:93:db:87:b4:c1:cb:ba:db:48:51:bf:df:fc:8a:c5:51: 2c:15:e4:37:76:37:05:d4:05:63:24:0a:89:9d:39:62:41:48: 53:1f:a6:ae:90:98:32:be:6a:fd:5b:4c:81:b4:e1:fb:d3:e6: cc:6d:0b:5c:b1:13:b8:a2:2b:81:b5:72:3b:f9:76:13:ce:e7: 74:13:df:d4:b7:27:09:5f:e7:30:4e:bb:d4:08:d0:fd:a6:1f: 64:50:03:fc -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICGVkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNTA5MTMw MzEwMThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZBOERBODhEMzNBQTYx ODI0ODBFOTU5RjNBMkM4QjhEOURGNUNCMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDq1NHKW83B9wfTl4y49/LwnTeod1N0RmxFIXbJmwDAi2Y1ySPr SmmxYKQZpoRrzoUHkPYiIr1VheRx/jp5dWgmPymZOLlCVPfodXyi3s59hcwRo6Il RrP4EX8vvqNmUZzQjNbmkORvpxzD9xjn71mMGYIH/WIpoNOW80yUHGctwDbHqRdl ff2RqLES4/K6C38QxEZ32hMcVPG/wLcSAofSNMPRDxJjEZIY4ow5v74ZmGMvk1qK xRig/M3OBbte50X61T6Ptmz1AjHUNkUvYvqCxu7gif9kD4oYukcEd+8PR1QtrW3k f5SIf6axJltdWHbQDpQYK+qmz5/8EJVWHXBnAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU+o2ojTOqYYJIDpWfOiyLjZ31yxQwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0 OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3 L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3Ly1vMm9qVE9xWVlKSURw V2ZPaXlMalozMXl4US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwBwfDANBgkqhkiG9w0BAQsFAAOCAQEAUYctcRg7QaNlAYChMvToDTN6qzSBLnxZ tfF38BSLsJTtUeH1npkcRKmIAyqHbuaLY9w9iShDAerOxsWyMedE9ozqniuHsg8u LMbQEJCabuNj3zi06BHv0yzZeXk2FC7Zita63yxT4m+gWFJXFKM7ScwKrHey3DIb 1tSBTY7icj7LYxSL3hQDE2pawAbcNz/j0P3PkO5ZXpCzcqXneMXYx89TZFST24e0 wcu620hRv9/8isVRLBXkN3Y3BdQFYyQKiZ05YkFIUx+mrpCYMr5q/VtMgbTh+9Pm zG0LXLETuKIrgbVyO/l2E87ndBPf1LcnCV/nME671AjQ/aYfZFAD/A== -----END CERTIFICATE-----Generated at Mon Oct 20 15:27:04 2025 by rpki-client