$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_yUfdeufBrasGDj6tlyOFMWmMg.roa File: I_yUfdeufBrasGDj6tlyOFMWmMg.roa (raw, json) Hash identifier: TySkQ9SimG8Jp4VlBwqL4O5fpRTpUS1Ck/5Dy1Bdp7w= Subject key identifier: 23:FC:94:7D:D7:AE:7C:1A:DA:B0:60:E3:EA:D9:72:38:53:16:98:C8 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21A2 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_yUfdeufBrasGDj6tlyOFMWmMg.roa Signing time: Sat 06 Sep 2025 08:04:29 +0000 ROA not before: Sat 06 Sep 2025 08:04:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58466 IP address blocks: 118.145.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 06:04:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8610 (0x21a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 6 08:04:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=23FC947DD7AE7C1ADAB060E3EAD97238531698C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:29:5e:b1:6d:16:56:ef:65:bf:48:cc:8f:33: c6:17:a0:ce:df:f5:9d:92:a8:04:35:c3:64:59:5e: 49:0f:b4:cd:1d:8f:1a:cf:bb:34:46:e9:f5:84:04: 68:f9:7e:6c:1e:a5:ad:4a:c6:06:8c:c3:3b:ed:54: 47:b5:3c:32:f3:40:5c:af:1c:20:55:2b:0c:8d:7a: 98:19:fb:09:ad:1c:90:9c:80:33:8a:bd:dd:2b:b2: 62:7f:d3:06:87:66:1d:79:47:1c:08:99:c2:88:aa: 89:0b:c6:fc:62:3b:4c:d6:dd:19:91:b9:d3:8b:06: a2:76:87:bd:b9:1a:fa:08:84:a7:50:2f:9c:83:d8: c2:07:12:2e:6d:c8:39:59:38:39:49:15:d7:20:72: 79:96:99:76:0b:da:bf:e7:e7:b1:0b:aa:c1:ed:fe: fa:e8:73:7f:bc:35:bf:6c:7c:48:57:08:47:7f:d8: cd:7c:41:c7:a6:27:64:5a:85:aa:12:09:7c:8e:cb: 7f:2b:62:54:93:65:76:cc:96:fd:98:0e:2f:bc:90: 34:cc:08:b3:16:f3:ea:5c:85:70:bc:ac:e6:bc:fa: 5f:17:6e:ac:6b:98:06:6a:41:83:15:37:38:a4:4b: 43:7b:08:0c:b4:29:8d:ed:66:76:63:de:d7:a0:d7: 5c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:FC:94:7D:D7:AE:7C:1A:DA:B0:60:E3:EA:D9:72:38:53:16:98:C8 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/I_yUfdeufBrasGDj6tlyOFMWmMg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.145.32.0/19 Signature Algorithm: sha256WithRSAEncryption 8e:c3:42:3b:df:de:ee:b2:e2:37:1c:d6:73:6a:7c:58:c1:5e: 46:09:08:23:4f:ae:83:c7:32:8e:02:57:62:f0:13:03:6f:4c: ba:bb:b0:8d:35:90:27:41:fc:33:35:63:58:92:c1:c1:4f:af: 4c:79:c9:53:fc:c9:f8:c7:f6:66:e5:c5:09:bb:ec:13:95:cb: 47:f0:1a:d0:d6:01:eb:7e:0b:7d:08:e3:76:f5:3d:57:7b:74: 69:28:79:fd:b5:ce:07:20:2a:ad:de:bc:6d:64:82:61:62:b2: 1c:3e:49:a7:d6:9c:b3:e9:6f:95:a1:5e:ec:e6:71:0f:2a:37: a2:ea:2d:61:53:14:7d:73:b5:11:cf:7b:7c:0e:21:54:f5:b5: ef:ce:67:c8:cc:d9:f6:dc:ae:38:6a:cd:df:ee:3c:e4:99:33: f3:d1:27:cb:89:7d:ab:f0:41:a8:dd:ab:a6:99:ef:05:94:f4: 39:1d:fb:15:98:cd:6e:fb:30:50:f7:99:fb:1a:9d:99:6e:68: ee:66:25:67:8f:14:34:0e:69:fc:6e:d2:e4:5a:ba:04:8c:ae: 4a:9e:8d:e5:a5:f0:4e:e6:01:21:ca:7c:35:f9:e9:3f:a5:56: db:88:05:1c:f8:c6:aa:85:dc:61:93:80:08:07:69:fc:fe:6e: 3f:2b:79:dd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MDYw ODA0MjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIzRkM5NDdERDdBRTdD MUFEQUIwNjBFM0VBRDk3MjM4NTMxNjk4QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfKV6xbRZW72W/SMyPM8YXoM7f9Z2SqAQ1w2RZXkkPtM0djxrP uzRG6fWEBGj5fmwepa1KxgaMwzvtVEe1PDLzQFyvHCBVKwyNepgZ+wmtHJCcgDOK vd0rsmJ/0waHZh15RxwImcKIqokLxvxiO0zW3RmRudOLBqJ2h725GvoIhKdQL5yD 2MIHEi5tyDlZODlJFdcgcnmWmXYL2r/n57ELqsHt/vroc3+8Nb9sfEhXCEd/2M18 QcemJ2RahaoSCXyOy38rYlSTZXbMlv2YDi+8kDTMCLMW8+pchXC8rOa8+l8Xbqxr mAZqQYMVNzikS0N7CAy0KY3tZnZj3teg11wfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUI/yUfdeufBrasGDj6tlyOFMWmMgwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSV95VWZkZXVmQnJh c0dEajZ0bHlPRk1XbU1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXaRIDANBgkqhkiG9w0BAQsFAAOCAQEAjsNCO9/e7rLiNxzWc2p8WMFeRgkI I0+ug8cyjgJXYvATA29MuruwjTWQJ0H8MzVjWJLBwU+vTHnJU/zJ+Mf2ZuXFCbvs E5XLR/Aa0NYB634LfQjjdvU9V3t0aSh5/bXOByAqrd68bWSCYWKyHD5Jp9acs+lv laFe7OZxDyo3ouotYVMUfXO1Ec97fA4hVPW1785nyMzZ9tyuOGrN3+485Jkz89En y4l9q/BBqN2rppnvBZT0OR37FZjNbvswUPeZ+xqdmW5o7mYlZ48UNA5p/G7S5Fq6 BIyuSp6N5aXwTuYBIcp8NfnpP6VW24gFHPjGqoXcYZOACAdp/P5uPyt53Q== -----END CERTIFICATE-----Generated at Mon Sep 8 02:35:27 2025 by rpki-client