$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/Wl72acSPfMZ_-Bo1FFwyZAL2vHQ.roa File: Wl72acSPfMZ_-Bo1FFwyZAL2vHQ.roa (raw, json) Hash identifier: hySWu3LAhanaGw5D3zmIYy7doZuepnu9/JPsWdNeGlw= Subject key identifier: 5A:5E:F6:69:C4:8F:7C:C6:7F:F8:1A:35:14:5C:32:64:02:F6:BC:74 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21A3 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/Wl72acSPfMZ_-Bo1FFwyZAL2vHQ.roa Signing time: Sat 06 Sep 2025 08:04:30 +0000 ROA not before: Sat 06 Sep 2025 08:04:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58539 IP address blocks: 180.184.8.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 06:04:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8611 (0x21a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 6 08:04:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5A5EF669C48F7CC67FF81A35145C326402F6BC74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:06:5e:2d:c6:10:d4:32:f1:2d:37:43:b4:c6: 31:8e:3b:46:5e:c2:8c:0f:29:e7:69:d9:b7:9b:e2: 81:b9:bd:3e:be:b8:43:14:e7:e3:eb:ac:79:9b:bf: db:84:8f:6e:5d:7d:57:46:78:51:00:47:4e:3d:16: 65:19:c4:3f:7a:78:c9:1c:6e:c1:db:c4:89:ea:2d: b4:5f:0c:8a:19:70:6c:c8:a5:da:f2:b3:85:f4:07: 4d:cf:48:ad:f6:db:f0:68:16:a0:a8:f1:cd:1b:ec: b5:b3:58:12:f0:dd:95:ff:dd:0c:5f:f1:0b:76:29: ec:38:fc:a8:42:a1:88:60:3b:68:0a:a4:25:65:6a: f3:9c:50:c3:7b:6e:a0:28:0c:15:c0:33:e2:14:b2: 61:e8:4a:69:cb:b5:b4:04:03:95:d8:21:a8:87:25: fc:6e:71:bb:2e:4f:23:29:d6:b2:d3:a2:b9:95:00: 5c:6c:60:48:68:49:66:b9:95:b8:c2:f4:2a:5d:7d: a5:42:fb:c7:84:7f:d7:6c:6a:5c:4a:b1:6b:cf:27: 44:e5:64:e0:e5:9d:8f:5a:9d:1a:ae:fd:bf:d4:1a: f6:62:3b:06:d5:3d:24:fd:08:97:2d:6f:a4:63:c7: b8:bd:50:ee:c5:ac:2d:50:7d:10:67:28:c9:5b:01: 44:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:5E:F6:69:C4:8F:7C:C6:7F:F8:1A:35:14:5C:32:64:02:F6:BC:74 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/Wl72acSPfMZ_-Bo1FFwyZAL2vHQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.8.0/23 Signature Algorithm: sha256WithRSAEncryption 74:dc:92:cf:b8:e4:6c:4f:ea:e8:bc:ef:8e:27:e2:5f:fe:fe: 20:5e:69:a5:a7:9d:7f:82:ca:85:4d:e7:b0:0e:6e:8c:16:ce: 88:97:77:74:1b:d2:7b:4a:cd:bf:16:03:a3:bd:e5:6f:7e:3e: 7b:f5:41:3f:33:69:e7:20:2e:d0:f1:c5:e5:ab:61:c6:1b:8b: 06:d0:62:77:e6:40:40:8c:a0:c9:a2:8d:97:61:1d:e3:19:5b: b6:c8:dd:9a:fe:10:8b:c6:1c:87:00:bf:77:fd:b9:c7:67:9c: 2e:12:21:f6:31:44:02:57:6b:9f:d3:30:b5:9d:ca:3c:f5:b2: 9a:ed:2a:f1:9e:8d:48:1a:3a:c9:8a:b8:24:25:f2:73:62:01: 24:6d:8b:db:72:41:60:f8:d5:17:da:f8:54:a0:e9:50:8f:80: ee:23:81:c2:92:36:18:5f:3c:6f:f7:11:5c:39:92:ce:ed:9c: 56:b3:9f:4d:0f:1b:f7:4d:59:f7:f2:81:2d:ce:34:24:97:b6: 0c:1d:83:d0:3f:da:fb:74:63:aa:73:99:33:4b:c9:c2:98:7d: 95:c2:16:22:e9:8a:38:f7:42:ca:28:b7:55:b4:c3:4c:78:78: 41:e0:eb:ad:04:97:66:86:d5:e3:d5:34:22:4a:44:d8:2e:7d: 56:2d:ce:46 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MDYw ODA0MzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVBNUVGNjY5QzQ4RjdD QzY3RkY4MUEzNTE0NUMzMjY0MDJGNkJDNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDABl4txhDUMvEtN0O0xjGOO0ZewowPKedp2beb4oG5vT6+uEMU 5+PrrHmbv9uEj25dfVdGeFEAR049FmUZxD96eMkcbsHbxInqLbRfDIoZcGzIpdry s4X0B03PSK322/BoFqCo8c0b7LWzWBLw3ZX/3Qxf8Qt2Kew4/KhCoYhgO2gKpCVl avOcUMN7bqAoDBXAM+IUsmHoSmnLtbQEA5XYIaiHJfxucbsuTyMp1rLTormVAFxs YEhoSWa5lbjC9CpdfaVC+8eEf9dsalxKsWvPJ0TlZODlnY9anRqu/b/UGvZiOwbV PST9CJctb6Rjx7i9UO7FrC1QfRBnKMlbAUQhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUWl72acSPfMZ/+Bo1FFwyZAL2vHQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvV2w3MmFjU1BmTVpf LUJvMUZGd3laQUwydkhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAbS4CDANBgkqhkiG9w0BAQsFAAOCAQEAdNySz7jkbE/q6LzvjifiX/7+IF5p paedf4LKhU3nsA5ujBbOiJd3dBvSe0rNvxYDo73lb34+e/VBPzNp5yAu0PHF5ath xhuLBtBid+ZAQIygyaKNl2Ed4xlbtsjdmv4Qi8YchwC/d/25x2ecLhIh9jFEAldr n9MwtZ3KPPWymu0q8Z6NSBo6yYq4JCXyc2IBJG2L23JBYPjVF9r4VKDpUI+A7iOB wpI2GF88b/cRXDmSzu2cVrOfTQ8b901Z9/KBLc40JJe2DB2D0D/a+3RjqnOZM0vJ wph9lcIWIumKOPdCyii3VbTDTHh4QeDrrQSXZobV49U0IkpE2C59Vi3ORg== -----END CERTIFICATE-----Generated at Mon Sep 8 02:36:40 2025 by rpki-client