$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/344/hPehaI9ioj5n5BSZZ9gIXEVWvxw.roa File: hPehaI9ioj5n5BSZZ9gIXEVWvxw.roa (raw, json) Hash identifier: JMqirG+qi0YHmDsq55XQSzUCtB+BE2gTtVx+nHzV4Sg= Subject key identifier: 84:F7:A1:68:8F:62:A2:3E:67:E4:14:99:67:D8:08:5C:45:56:BF:1C Certificate issuer: /CN=240ED9E7AD0A83829D8F1A990C9FF94D6A106ED7 Certificate serial: 05 Authority key identifier: 24:0E:D9:E7:AD:0A:83:82:9D:8F:1A:99:0C:9F:F9:4D:6A:10:6E:D7 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JA7Z560Kg4KdjxqZDJ_5TWoQbtc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/344/hPehaI9ioj5n5BSZZ9gIXEVWvxw.roa Signing time: Tue 26 Aug 2025 01:21:39 +0000 ROA not before: Tue 26 Aug 2025 01:21:39 +0000 ROA not after: Wed 26 Aug 2026 01:18:16 +0000 asID: 9808 IP address blocks: 113.18.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/344/JA7Z560Kg4KdjxqZDJ_5TWoQbtc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/344/JA7Z560Kg4KdjxqZDJ_5TWoQbtc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JA7Z560Kg4KdjxqZDJ_5TWoQbtc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 10:05:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240ED9E7AD0A83829D8F1A990C9FF94D6A106ED7 Validity Not Before: Aug 26 01:21:39 2025 GMT Not After : Aug 26 01:18:16 2026 GMT Subject: CN=84F7A1688F62A23E67E4149967D8085C4556BF1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8e:f3:bb:c4:ab:2a:de:6d:25:65:47:8a:f8: 8b:b4:d6:c4:64:ae:d3:a9:1c:22:c0:c9:ac:70:9e: 76:6d:5e:70:7f:e7:9b:6a:b1:0e:e5:be:be:12:ad: 01:d3:8b:0e:a4:56:05:22:b9:52:b0:f0:e1:13:8c: 56:72:6f:8c:78:e1:c4:98:e6:83:3b:26:f6:47:5e: 46:1e:5f:46:9a:d0:29:2f:31:73:52:6f:f8:43:97: 0c:ff:8b:a0:57:14:c0:ad:b0:6b:ee:61:75:80:5d: 5c:e8:de:0d:59:e3:06:d0:e7:71:df:9e:1f:13:8f: 0f:08:fb:be:8f:17:c6:5b:b2:d2:05:ec:42:15:e0: ee:8b:53:e1:fb:ff:ea:51:19:54:7d:22:f5:3f:f1: c0:33:04:85:90:f7:7b:d6:23:1b:a1:47:f8:4a:72: 40:be:17:e2:bd:eb:36:51:79:7e:3b:cc:39:28:80: 02:c9:1e:b9:c0:59:8e:d7:4c:5f:7f:0b:2e:a0:45: 2e:b3:6a:fe:b9:d4:d2:f2:da:e3:10:fd:01:38:18: 1a:82:9e:ed:36:ac:44:4f:ad:ef:8e:d9:86:ff:98: 5f:dc:b8:a8:ff:38:81:23:bc:26:f0:68:43:8f:bb: e7:63:f6:75:31:43:0d:a0:fd:c9:c5:4b:fe:30:f0: 47:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:F7:A1:68:8F:62:A2:3E:67:E4:14:99:67:D8:08:5C:45:56:BF:1C X509v3 Authority Key Identifier: keyid:24:0E:D9:E7:AD:0A:83:82:9D:8F:1A:99:0C:9F:F9:4D:6A:10:6E:D7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/344/JA7Z560Kg4KdjxqZDJ_5TWoQbtc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JA7Z560Kg4KdjxqZDJ_5TWoQbtc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/344/hPehaI9ioj5n5BSZZ9gIXEVWvxw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.18.0.0/16 Signature Algorithm: sha256WithRSAEncryption 13:be:7c:5e:20:34:59:0a:ad:1b:aa:40:97:9b:fd:41:a5:73: 10:54:91:88:92:fd:6f:ae:e2:a1:d5:5f:e5:1c:62:12:e5:f8: 13:14:12:2d:d9:21:2f:c4:ef:71:7e:28:ab:fa:d7:7f:17:a1: d1:1d:6c:08:34:87:76:36:3b:fe:89:a2:83:9f:5b:ac:1b:aa: 4f:84:b1:b3:6a:54:b0:b7:6d:72:84:65:dc:3f:1f:9e:bb:6b: 70:85:3d:82:1c:f6:7e:7c:2c:9e:59:53:86:1b:aa:f5:cf:98: b3:41:77:2a:f4:2a:6a:88:2a:fc:fb:a7:28:20:fe:11:52:cf: cc:36:02:1a:fe:f6:c3:dd:24:45:12:da:cb:aa:09:bf:c4:72: 89:a2:f8:08:35:3e:29:7f:5f:8c:ff:60:25:79:c2:a6:ce:2b: 60:9c:be:b2:1d:02:cc:42:9d:2b:bd:4b:31:5e:7b:76:d6:00: 1c:bd:da:ab:4c:b0:e5:2c:dd:d5:9c:eb:cc:75:a6:a1:8b:39: 17:6e:8e:a1:5b:44:b9:c5:c1:7d:a4:c2:99:a7:96:e0:b9:96: 2c:5f:c9:ca:d2:5d:34:41:b2:06:a8:22:61:d5:7a:dd:cb:ad: 6f:eb:bc:f2:a4:43:1b:86:d8:d7:5c:3a:7b:12:1f:cf:02:4b: ee:df:ae:b8 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNDBF RDlFN0FEMEE4MzgyOUQ4RjFBOTkwQzlGRjk0RDZBMTA2RUQ3MB4XDTI1MDgyNjAx MjEzOVoXDTI2MDgyNjAxMTgxNlowMzExMC8GA1UEAxMoODRGN0ExNjg4RjYyQTIz RTY3RTQxNDk5NjdEODA4NUM0NTU2QkYxQzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALCO87vEqyrebSVlR4r4i7TWxGSu06kcIsDJrHCedm1ecH/nm2qx DuW+vhKtAdOLDqRWBSK5UrDw4ROMVnJvjHjhxJjmgzsm9kdeRh5fRprQKS8xc1Jv +EOXDP+LoFcUwK2wa+5hdYBdXOjeDVnjBtDncd+eHxOPDwj7vo8Xxluy0gXsQhXg 7otT4fv/6lEZVH0i9T/xwDMEhZD3e9YjG6FH+EpyQL4X4r3rNlF5fjvMOSiAAske ucBZjtdMX38LLqBFLrNq/rnU0vLa4xD9ATgYGoKe7TasRE+t747Zhv+YX9y4qP84 gSO8JvBoQ4+752P2dTFDDaD9ycVL/jDwR8sCAwEAAaOCAfAwggHsMB0GA1UdDgQW BBSE96Foj2KiPmfkFJln2AhcRVa/HDAfBgNVHSMEGDAWgBQkDtnnrQqDgp2PGpkM n/lNahBu1zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zNDQv SkE3WjU2MEtnNEtkanhxWkRKXzVUV29RYnRjLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9KQTdaNTYwS2c0S2RqeHFaREpfNVRXb1FidGMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zNDQvaFBlaGFJOWlvajVuNUJT Wlo5Z0lYRVZXdnh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD AHESMA0GCSqGSIb3DQEBCwUAA4IBAQATvnxeIDRZCq0bqkCXm/1BpXMQVJGIkv1v ruKh1V/lHGIS5fgTFBIt2SEvxO9xfiir+td/F6HRHWwINId2Njv+iaKDn1usG6pP hLGzalSwt21yhGXcPx+eu2twhT2CHPZ+fCyeWVOGG6r1z5izQXcq9CpqiCr8+6co IP4RUs/MNgIa/vbD3SRFEtrLqgm/xHKJovgINT4pf1+M/2AlecKmzitgnL6yHQLM Qp0rvUsxXnt21gAcvdqrTLDlLN3VnOvMdaahizkXbo6hW0S5xcF9pMKZp5bguZYs X8nK0l00QbIGqCJh1Xrdy61v67zypEMbhtjXXDp7Eh/PAkvu3664 -----END CERTIFICATE-----Generated at Mon Sep 8 09:12:38 2025 by rpki-client