$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/OzXdjTvRQOJR1aZiK50SJ3rTszI.roa File: OzXdjTvRQOJR1aZiK50SJ3rTszI.roa (raw, json) Hash identifier: HKvTA/m3xDpOoG6pyWl8sq8BXfIOtK/25u3mlgzCD9I= Subject key identifier: 3B:35:DD:8D:3B:D1:40:E2:51:D5:A6:62:2B:9D:12:27:7A:D3:B3:32 Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 1501 Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/OzXdjTvRQOJR1aZiK50SJ3rTszI.roa Signing time: Sat 13 Sep 2025 03:06:40 +0000 ROA not before: Sat 13 Sep 2025 03:06:40 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 136907 IP address blocks: 139.9.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 03:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5377 (0x1501) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Sep 13 03:06:40 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3B35DD8D3BD140E251D5A6622B9D12277AD3B332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:47:8f:08:e0:1c:e6:48:13:ba:43:e9:cb:80: 37:1e:b4:d2:c1:01:95:87:92:4c:4a:e7:6f:57:dc: cb:83:d2:b4:13:e1:51:5a:64:40:95:38:df:2e:8f: 3e:3e:77:a0:bb:55:e0:40:89:ed:04:e1:41:43:50: 7f:0a:c9:f4:c1:4a:59:2b:dc:7a:a4:56:3a:63:d3: 0b:39:bf:f4:e1:db:b9:aa:49:ab:ec:e8:e8:9d:a5: 0a:66:0c:50:ee:13:20:bf:91:83:85:86:6c:a4:ef: 53:10:ee:2a:eb:55:c8:13:dc:51:c0:9b:62:b3:41: ee:86:f6:f4:1b:3a:a4:6c:2b:6d:85:00:38:e2:11: 5d:e3:d3:9b:72:a1:c9:91:62:fe:1c:06:41:c2:7a: f4:1d:ae:38:dd:7d:78:7d:f8:2f:47:43:f5:6d:05: 30:74:da:a2:f0:92:ae:49:66:22:d6:02:4e:40:60: 60:07:45:3e:dc:31:21:a9:23:7c:18:60:7f:69:65: 18:07:fb:ba:c2:ad:d7:83:0d:c6:de:6b:22:dd:11: 35:9d:d3:77:e1:fa:3d:a5:90:5f:ff:a4:f3:ed:a5: a2:83:74:9d:41:f8:18:6d:17:ad:ed:12:9f:f2:e9: d0:61:c8:a5:48:4c:bd:cb:66:0c:8a:6c:8f:87:cb: 51:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:35:DD:8D:3B:D1:40:E2:51:D5:A6:62:2B:9D:12:27:7A:D3:B3:32 X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/OzXdjTvRQOJR1aZiK50SJ3rTszI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.99.0/24 Signature Algorithm: sha256WithRSAEncryption d3:f3:e3:2f:dc:ff:08:aa:31:84:2a:19:d1:d1:cb:8e:99:b6: 04:76:7f:08:d2:e5:cf:9c:1b:2b:44:15:55:e6:63:02:b9:af: e9:3b:cb:7f:d7:81:8d:fe:5d:90:4f:08:6b:78:af:3f:f5:45: e8:39:8d:00:4b:f1:b6:6a:ac:14:1c:2a:8c:4f:42:47:63:dc: 82:aa:38:57:9d:46:ee:27:3f:6e:6b:02:9a:d4:5d:c5:66:4d: c8:fd:63:6e:07:ad:69:b5:ec:f9:05:b6:57:5a:c7:8a:7a:a9: bd:6e:d0:bd:41:e7:40:c5:4f:67:7e:31:4a:11:5d:a5:5a:5d: 8e:4a:46:d7:a0:ee:c4:57:12:71:c4:8a:13:7e:ea:ff:34:69: 6f:93:2d:b2:68:d0:fc:4f:30:73:e7:d2:31:99:82:47:76:b4: 9b:d3:88:28:b8:55:4c:0a:a3:33:23:c0:cb:46:0c:c6:6f:1f: 45:c0:28:b7:e2:a9:c0:3b:69:f6:eb:3e:69:6e:9e:37:c1:86: 5f:13:c7:20:5a:9a:72:50:9a:23:3e:9a:5b:04:13:58:29:a9: 00:5f:8b:a6:33:51:05:5a:af:5d:5b:9b:ec:33:f8:8f:2b:41: 6a:92:ca:a9:e4:98:6f:b7:8c:39:c8:3f:23:29:3c:13:c0:9c: 66:2a:0d:96 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNTA5MTMw MzA2NDBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNCMzVERDhEM0JEMTQw RTI1MUQ1QTY2MjJCOUQxMjI3N0FEM0IzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2R48I4BzmSBO6Q+nLgDcetNLBAZWHkkxK529X3MuD0rQT4VFa ZECVON8ujz4+d6C7VeBAie0E4UFDUH8KyfTBSlkr3HqkVjpj0ws5v/Th27mqSavs 6OidpQpmDFDuEyC/kYOFhmyk71MQ7irrVcgT3FHAm2KzQe6G9vQbOqRsK22FADji EV3j05tyocmRYv4cBkHCevQdrjjdfXh9+C9HQ/VtBTB02qLwkq5JZiLWAk5AYGAH RT7cMSGpI3wYYH9pZRgH+7rCrdeDDcbeayLdETWd03fh+j2lkF//pPPtpaKDdJ1B +BhtF63tEp/y6dBhyKVITL3LZgyKbI+Hy1F3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOzXdjTvRQOJR1aZiK50SJ3rTszIwHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvT3pYZGpUdlJRT0pS MWFaaUs1MFNKM3JUc3pJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYzANBgkqhkiG9w0BAQsFAAOCAQEA0/PjL9z/CKoxhCoZ0dHLjpm2BHZ/ CNLlz5wbK0QVVeZjArmv6TvLf9eBjf5dkE8Ia3ivP/VF6DmNAEvxtmqsFBwqjE9C R2Pcgqo4V51G7ic/bmsCmtRdxWZNyP1jbgetabXs+QW2V1rHinqpvW7QvUHnQMVP Z34xShFdpVpdjkpG16DuxFcSccSKE37q/zRpb5MtsmjQ/E8wc+fSMZmCR3a0m9OI KLhVTAqjMyPAy0YMxm8fRcAot+KpwDtp9us+aW6eN8GGXxPHIFqaclCaIz6aWwQT WCmpAF+LpjNRBVqvXVub7DP4jytBapLKqeSYb7eMOcg/Iyk8E8CcZioNlg== -----END CERTIFICATE-----Generated at Thu Sep 18 01:51:07 2025 by rpki-client