$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/uG9LWLpK67qpxjgXRPMAAm6hR9Y.roa File: uG9LWLpK67qpxjgXRPMAAm6hR9Y.roa (raw, json) Hash identifier: URTxuyS38BOkzq2ChrFnplSe6g+QKSVcXtGhOX6pla8= Subject key identifier: B8:6F:4B:58:BA:4A:EB:BA:A9:C6:38:17:44:F3:00:02:6E:A1:47:D6 Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Certificate serial: 13B7 Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/uG9LWLpK67qpxjgXRPMAAm6hR9Y.roa Signing time: Sat 06 Sep 2025 08:03:19 +0000 ROA not before: Sat 06 Sep 2025 08:03:19 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 45074 IP address blocks: 219.235.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 11:04:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5047 (0x13b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Validity Not Before: Sep 6 08:03:19 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B86F4B58BA4AEBBAA9C6381744F300026EA147D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:dd:f6:59:3a:77:71:dd:79:ef:65:8a:8c:e5: 91:c6:ec:c3:6f:77:1f:14:71:68:e7:80:a0:5d:14: ce:37:8e:12:d0:15:2b:5c:78:85:fe:77:5a:f9:25: 66:29:7a:54:cf:8a:e9:ad:f4:da:c4:e9:03:a8:8a: 57:c5:1a:e7:c3:a7:aa:8f:5c:4b:cd:7f:fd:6e:12: b7:d3:2b:68:07:dc:51:0d:f3:0d:84:41:a7:4e:78: 31:63:3b:9c:32:ff:aa:a0:30:b2:c7:5b:ce:31:c3: a1:74:37:a2:6c:3f:b8:48:a4:69:f3:05:e5:d1:b4: 9b:3d:50:3e:c0:9c:45:5b:45:74:b8:87:5e:07:e5: d0:06:bd:38:4a:9d:84:09:6c:d4:5b:53:18:22:18: 39:bd:db:bc:89:2b:9b:2a:4e:68:45:95:7d:e2:f5: 96:fa:e4:f7:1d:1a:a9:b4:52:b6:17:86:bf:2b:f7: c9:5b:44:d1:7c:07:4f:55:8f:e6:95:da:68:20:bb: 01:d4:2a:52:0f:23:7a:04:3b:b0:91:a2:99:3d:15: 51:d8:e7:31:38:ad:90:e7:51:b8:76:48:64:91:e8: 1d:d5:c9:b2:9d:6c:78:a1:99:83:48:fe:5a:7d:85: 32:a5:cf:d8:c8:8b:18:2a:6e:b5:6f:bc:3a:11:0c: 13:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:6F:4B:58:BA:4A:EB:BA:A9:C6:38:17:44:F3:00:02:6E:A1:47:D6 X509v3 Authority Key Identifier: keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/uG9LWLpK67qpxjgXRPMAAm6hR9Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.235.152.0/21 Signature Algorithm: sha256WithRSAEncryption 01:b6:ba:41:54:34:4f:e8:82:97:72:02:27:7a:88:b3:88:64: 2e:6e:ca:08:dd:4e:52:93:d0:d3:e1:38:9b:5e:21:bf:a0:c8: 5b:9d:2d:9c:08:bc:fb:01:c6:a4:b8:b6:ab:9f:62:0b:ae:49: 99:d1:75:13:9f:f4:76:6a:e8:0c:b4:73:e7:05:44:cf:63:38: 7e:0c:2d:d2:41:fe:5c:ac:dd:99:8b:ea:a3:48:c1:70:41:f7: 89:0a:02:74:4f:fe:8b:cd:5f:a3:75:54:7e:fc:f1:09:47:ed: e3:07:b3:fe:37:6b:50:bc:5d:5c:19:49:9f:85:e9:4c:be:78: 49:2a:bd:5a:37:f3:5a:20:20:5f:4a:14:5a:6a:ba:2b:4f:c3: 00:b3:c0:f8:40:e0:79:c7:77:76:78:ad:29:da:76:20:bb:56: ef:b2:7c:09:fd:13:fc:51:b0:a3:93:f6:75:b8:96:cb:65:51: 02:b6:8b:3c:c1:75:6d:63:05:7b:97:50:a6:f6:4a:16:f3:b3: d6:3d:f8:6d:82:c9:d0:7a:d7:a1:80:9e:4b:6b:b0:31:65:dc: c8:85:8e:ab:fa:72:0f:62:84:d1:59:e1:91:61:92:c8:c9:2f: 35:b4:e0:71:1a:f3:6e:22:c4:6b:1c:f5:fe:b5:0d:29:4f:5a: 51:a9:9b:ed -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE7cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1 NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNTA5MDYw ODAzMTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEI4NkY0QjU4QkE0QUVC QkFBOUM2MzgxNzQ0RjMwMDAyNkVBMTQ3RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCx3fZZOndx3XnvZYqM5ZHG7MNvdx8UcWjngKBdFM43jhLQFStc eIX+d1r5JWYpelTPiumt9NrE6QOoilfFGufDp6qPXEvNf/1uErfTK2gH3FEN8w2E QadOeDFjO5wy/6qgMLLHW84xw6F0N6JsP7hIpGnzBeXRtJs9UD7AnEVbRXS4h14H 5dAGvThKnYQJbNRbUxgiGDm927yJK5sqTmhFlX3i9Zb65PcdGqm0UrYXhr8r98lb RNF8B09Vj+aV2mgguwHUKlIPI3oEO7CRopk9FVHY5zE4rZDnUbh2SGSR6B3VybKd bHihmYNI/lp9hTKlz9jIixgqbrVvvDoRDBP7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUuG9LWLpK67qpxjgXRPMAAm6hR9YwHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5 LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L3VHOUxXTHBLNjdxcHhq Z1hSUE1BQW02aFI5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPb65gwDQYJKoZIhvcNAQELBQADggEBAAG2ukFUNE/ogpdyAid6iLOIZC5uygjd TlKT0NPhOJteIb+gyFudLZwIvPsBxqS4tqufYguuSZnRdROf9HZq6Ay0c+cFRM9j OH4MLdJB/lys3ZmL6qNIwXBB94kKAnRP/ovNX6N1VH788QlH7eMHs/43a1C8XVwZ SZ+F6Uy+eEkqvVo381ogIF9KFFpquitPwwCzwPhA4HnHd3Z4rSnadiC7Vu+yfAn9 E/xRsKOT9nW4lstlUQK2izzBdW1jBXuXUKb2Shbzs9Y9+G2CydB616GAnktrsDFl 3MiFjqv6cg9ihNFZ4ZFhksjJLzW04HEa824ixGsc9f61DSlPWlGpm+0= -----END CERTIFICATE-----Generated at Mon Sep 8 09:10:22 2025 by rpki-client