$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/OnH0Vt1I5R6wNBWFRfg8Ff4asPw.roa File: OnH0Vt1I5R6wNBWFRfg8Ff4asPw.roa (raw, json) Hash identifier: ekVl+n+QePiWDI+SK7an1g336m5x7voRP2HHU9LgtN0= Subject key identifier: 3A:71:F4:56:DD:48:E5:1E:B0:34:15:85:45:F8:3C:15:FE:1A:B0:FC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EC8 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OnH0Vt1I5R6wNBWFRfg8Ff4asPw.roa Signing time: Sat 13 Sep 2025 03:05:28 +0000 ROA not before: Sat 13 Sep 2025 03:05:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 202.89.108.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 12:36:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7880 (0x1ec8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3A71F456DD48E51EB034158545F83C15FE1AB0FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:05:5e:ce:2c:46:c8:3f:ec:5a:36:ef:c7:86: cd:b7:41:9a:31:5c:b7:38:03:eb:da:07:f3:67:7a: 12:1d:c2:f3:75:e1:56:a2:ca:51:dd:c8:15:bf:84: 22:06:3c:ca:3f:ef:1f:3c:62:c3:fc:b6:a7:08:69: 97:cb:87:6d:a1:2f:96:5f:47:e3:87:47:8e:fb:67: b9:11:1b:07:a4:f0:4a:e1:25:65:2a:2a:18:7b:da: f0:ba:d3:40:43:41:f2:67:f8:92:db:7d:43:8f:1c: 65:16:5f:78:e1:17:e7:8c:df:f4:16:1a:11:bc:1d: a6:52:fc:c3:01:f5:d7:08:81:49:60:7e:c3:99:76: c2:d8:0d:ba:2d:a2:85:40:49:76:b4:18:2a:57:a3: b1:04:0a:e4:fa:88:75:d2:df:6f:2f:be:bf:c4:97: 75:89:24:71:3c:c7:2d:65:61:98:6c:dc:93:6d:ca: 33:69:c4:58:05:ad:4c:3d:a8:d6:7a:bb:a0:e0:e3: fe:cb:90:10:c9:0d:0e:0c:91:89:3a:4f:c6:2a:1f: ab:a8:7a:4b:44:0a:b2:38:d1:c4:8e:79:29:b5:48: ba:52:8f:09:9d:21:7b:56:40:3b:97:67:8f:9e:d9: 22:eb:60:e0:39:f9:a6:c8:86:1d:fe:3d:f5:f0:8b: 43:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:71:F4:56:DD:48:E5:1E:B0:34:15:85:45:F8:3C:15:FE:1A:B0:FC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OnH0Vt1I5R6wNBWFRfg8Ff4asPw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.89.108.0/23 Signature Algorithm: sha256WithRSAEncryption c3:6b:66:e8:97:a7:0c:81:08:90:4c:08:9c:d5:93:51:35:e5: f8:fb:bb:d0:e1:7d:c3:58:7c:49:6a:3b:f3:62:f9:59:ea:ee: 25:a5:c8:32:46:f3:67:96:35:89:49:5f:5a:10:36:25:3d:cd: 90:6d:6c:b9:d9:c9:22:14:74:d3:6c:01:e5:06:3e:04:3d:80: fb:60:42:0a:34:12:78:e0:5b:5d:d4:89:e4:7f:c2:2b:14:33: 5f:fd:8c:49:38:ce:67:9d:44:2d:a1:fd:26:69:ed:1c:7e:c4: 6f:ba:8c:e9:87:4e:e4:ab:8d:93:db:cb:f4:9a:ea:66:64:24: 4a:8e:cb:17:68:27:e3:4b:6f:d8:7e:3f:5a:10:46:5a:a5:0a: 72:a5:8c:b5:75:52:08:f7:ca:17:7a:30:22:f4:65:18:34:64: de:a4:23:96:14:a0:e7:36:e0:b7:5f:ac:2f:d2:a3:68:c0:2c: a0:83:f9:ee:70:b4:c3:d7:53:a7:1b:48:4d:79:d4:1c:e4:15: 9b:8f:69:35:90:fd:3f:4e:60:97:4e:b4:cd:5e:79:59:04:22: c4:c0:0b:93:2d:5b:b5:fc:d0:77:49:91:06:d8:d3:11:30:f9: 45:04:4f:ff:6a:2c:0c:6a:b1:27:52:69:67:13:a2:8d:dd:90: 03:c2:0b:5c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNBNzFGNDU2REQ0OEU1 MUVCMDM0MTU4NTQ1RjgzQzE1RkUxQUIwRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaBV7OLEbIP+xaNu/Hhs23QZoxXLc4A+vaB/NnehIdwvN14Vai ylHdyBW/hCIGPMo/7x88YsP8tqcIaZfLh22hL5ZfR+OHR477Z7kRGwek8ErhJWUq Khh72vC600BDQfJn+JLbfUOPHGUWX3jhF+eM3/QWGhG8HaZS/MMB9dcIgUlgfsOZ dsLYDbotooVASXa0GCpXo7EECuT6iHXS328vvr/El3WJJHE8xy1lYZhs3JNtyjNp xFgFrUw9qNZ6u6Dg4/7LkBDJDQ4MkYk6T8YqH6uoektECrI40cSOeSm1SLpSjwmd IXtWQDuXZ4+e2SLrYOA5+abIhh3+PfXwi0PNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUOnH0Vt1I5R6wNBWFRfg8Ff4asPwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L09uSDBWdDFJNVI2d05C V0ZSZmc4RmY0YXNQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAHKWWwwDQYJKoZIhvcNAQELBQADggEBAMNrZuiXpwyBCJBMCJzVk1E15fj7u9Dh fcNYfElqO/Ni+Vnq7iWlyDJG82eWNYlJX1oQNiU9zZBtbLnZySIUdNNsAeUGPgQ9 gPtgQgo0EnjgW13UieR/wisUM1/9jEk4zmedRC2h/SZp7Rx+xG+6jOmHTuSrjZPb y/Sa6mZkJEqOyxdoJ+NLb9h+P1oQRlqlCnKljLV1Ugj3yhd6MCL0ZRg0ZN6kI5YU oOc24LdfrC/So2jALKCD+e5wtMPXU6cbSE151BzkFZuPaTWQ/T9OYJdOtM1eeVkE IsTAC5MtW7X80HdJkQbY0xEw+UUET/9qLAxqsSdSaWcToo3dkAPCC1w= -----END CERTIFICATE-----Generated at Sun Oct 26 11:44:22 2025 by rpki-client