$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/DASH3dMHkGhMGbn_Au2t2TbTwDg.roa File: DASH3dMHkGhMGbn_Au2t2TbTwDg.roa (raw, json) Hash identifier: MEoOuo9YX7RP0KUCfEPoG7IU8ZVnWiYmGYgTb+cM0XA= Subject key identifier: 0C:04:87:DD:D3:07:90:68:4C:19:B9:FF:02:ED:AD:D9:36:D3:C0:38 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EC6 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DASH3dMHkGhMGbn_Au2t2TbTwDg.roa Signing time: Sat 13 Sep 2025 03:05:28 +0000 ROA not before: Sat 13 Sep 2025 03:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 202.89.110.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7878 (0x1ec6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0C0487DDD30790684C19B9FF02EDADD936D3C038 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e3:95:57:3e:53:3c:a7:34:39:2f:6b:4e:6c: d6:69:d6:4f:88:96:71:aa:b8:1f:f2:14:cf:0a:47: 06:62:79:fb:42:1d:81:da:8e:b5:65:e3:e6:42:c5: 02:d2:c4:03:15:c3:bc:60:ec:c8:fd:a0:bb:74:0a: ef:bc:fb:03:25:26:61:28:7c:99:9b:2a:8a:2c:10: ae:a8:27:78:59:f8:c7:6f:ee:96:c0:36:1e:6b:7b: 1a:4e:11:d7:f7:99:58:8b:f5:05:81:60:a9:d1:6f: 0c:d2:77:cf:69:0f:eb:a0:fb:07:9e:00:12:41:2d: ea:28:a1:f1:88:85:22:1f:88:d4:29:f5:6a:c6:99: 87:0b:d2:28:af:67:b0:94:39:7d:30:d1:56:1f:eb: 03:a6:12:51:5b:38:70:9b:a4:3d:47:6e:eb:75:4e: 7b:5c:11:c0:8c:5b:2d:41:28:66:12:43:62:23:33: fe:25:46:7c:fd:b1:6f:e5:cb:90:af:03:d2:b4:33: 66:d1:d3:b2:9e:f7:ac:de:d2:dd:0f:8f:53:58:ec: a9:a5:9c:82:0e:84:a0:f6:f1:00:ea:7f:46:3e:4a: e1:0a:ec:5d:3c:78:94:6e:44:c6:bb:e2:0e:b3:e3: d2:5a:b7:fa:0c:6f:86:2b:08:07:e1:11:4a:fe:8b: 78:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:04:87:DD:D3:07:90:68:4C:19:B9:FF:02:ED:AD:D9:36:D3:C0:38 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DASH3dMHkGhMGbn_Au2t2TbTwDg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.89.110.0/23 Signature Algorithm: sha256WithRSAEncryption 31:ef:53:e4:d0:bb:b1:ef:5e:a7:ea:53:29:13:a5:53:4b:dc: 7c:55:b7:23:1c:4f:8d:d5:c6:32:fb:58:3c:11:2e:f6:90:d9: ab:00:e7:24:44:cf:93:51:dd:54:89:9d:4d:1c:2a:e0:cc:50: 7d:d4:3d:ae:c8:47:0c:14:6a:ac:8a:c0:a6:7c:e4:c9:c7:8b: f0:0f:73:45:d6:61:42:80:69:a9:1d:9f:f1:d1:92:57:cf:3e: 69:a1:7d:53:9b:11:5a:e5:65:37:94:9f:04:de:13:41:c7:b3: 78:08:2c:ee:e7:b6:6c:23:b4:cf:8a:be:a8:c3:76:89:72:41: f8:a9:51:4d:f1:9c:02:32:45:64:d8:2d:1a:d6:8b:94:4f:a8: 3f:02:44:04:a9:d0:0a:b5:71:76:22:ad:96:c9:89:ad:d0:e9: f8:7f:e8:4f:9f:4e:4a:f5:38:45:79:26:74:70:8c:83:9a:bc: ca:a7:ba:45:b6:a4:e7:0c:c3:bf:1a:a5:92:01:ce:37:b4:1f: c2:78:a8:a9:ea:40:df:3b:b4:e6:ad:4c:e6:08:39:6f:0e:f5: 02:19:c6:62:6f:05:30:ab:1b:bf:f6:c7:09:de:6a:c2:b8:db: 80:97:67:4c:e8:6d:e2:9b:a5:76:a9:6d:87:23:35:cb:1b:49: ff:6f:6d:bc -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBDMDQ4N0RERDMwNzkw Njg0QzE5QjlGRjAyRURBREQ5MzZEM0MwMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC945VXPlM8pzQ5L2tObNZp1k+IlnGquB/yFM8KRwZieftCHYHa jrVl4+ZCxQLSxAMVw7xg7Mj9oLt0Cu+8+wMlJmEofJmbKoosEK6oJ3hZ+Mdv7pbA Nh5rexpOEdf3mViL9QWBYKnRbwzSd89pD+ug+weeABJBLeooofGIhSIfiNQp9WrG mYcL0iivZ7CUOX0w0VYf6wOmElFbOHCbpD1Hbut1TntcEcCMWy1BKGYSQ2IjM/4l Rnz9sW/ly5CvA9K0M2bR07Ke96ze0t0Pj1NY7KmlnIIOhKD28QDqf0Y+SuEK7F08 eJRuRMa74g6z49Jat/oMb4YrCAfhEUr+i3gxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDASH3dMHkGhMGbn/Au2t2TbTwDgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0RBU0gzZE1Ia0doTUdi bl9BdTJ0MlRiVHdEZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAHKWW4wDQYJKoZIhvcNAQELBQADggEBADHvU+TQu7HvXqfqUykTpVNL3HxVtyMc T43VxjL7WDwRLvaQ2asA5yREz5NR3VSJnU0cKuDMUH3UPa7IRwwUaqyKwKZ85MnH i/APc0XWYUKAaakdn/HRklfPPmmhfVObEVrlZTeUnwTeE0HHs3gILO7ntmwjtM+K vqjDdolyQfipUU3xnAIyRWTYLRrWi5RPqD8CRASp0Aq1cXYirZbJia3Q6fh/6E+f Tkr1OEV5JnRwjIOavMqnukW2pOcMw78apZIBzje0H8J4qKnqQN87tOatTOYIOW8O 9QIZxmJvBTCrG7/2xwneasK424CXZ0zobeKbpXapbYcjNcsbSf9vbbw= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:59 2025 by rpki-client