$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/621/YNqcA70QNDIL-1f-HxZVMTRIsBs.roa File: YNqcA70QNDIL-1f-HxZVMTRIsBs.roa (raw, json) Hash identifier: QFl0FbaZRakp+GDoHuDV/S/9eyi8/F7xjhbaAHfVv+o= Subject key identifier: 60:DA:9C:03:BD:10:34:32:0B:FB:57:FE:1F:16:55:31:34:48:B0:1B Certificate issuer: /CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Certificate serial: 23D6 Authority key identifier: E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/YNqcA70QNDIL-1f-HxZVMTRIsBs.roa Signing time: Sat 13 Sep 2025 03:09:20 +0000 ROA not before: Sat 13 Sep 2025 03:09:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 138915 IP address blocks: 27.0.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 18:37:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9174 (0x23d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D Validity Not Before: Sep 13 03:09:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=60DA9C03BD1034320BFB57FE1F1655313448B01B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2c:22:d6:05:d3:5e:a8:62:7c:5a:e7:d4:8c: b4:b8:c7:77:40:f3:08:5f:3b:bc:56:60:1a:fe:c4: d4:7b:81:59:98:83:bb:b5:ec:97:20:a5:ca:ef:e0: 36:98:b1:44:cd:a5:37:e6:a7:53:4f:5a:82:20:c1: ab:07:6d:6f:33:69:00:31:e0:4a:ab:ce:e6:c7:33: a7:15:2f:79:a9:b6:49:6d:41:1c:09:74:d1:ca:d5: 07:ae:25:e6:f3:02:cf:af:2f:06:53:d0:3f:ff:24: 21:72:aa:de:a1:77:e3:77:31:bf:96:71:3e:1c:40: 50:d2:ff:43:c7:f1:dc:b6:d6:fa:4c:8f:e9:30:2f: 74:b7:da:d7:99:eb:01:df:00:44:02:d6:13:2c:25: e7:aa:96:ba:0e:34:0d:c9:6c:52:0f:5b:96:5c:fa: 67:3e:69:d0:f3:69:70:12:99:cb:4b:27:e9:2b:82: 66:aa:b9:12:fb:bf:53:58:a5:2c:29:56:81:6a:0e: c9:70:d3:7e:87:c8:f0:fa:f2:6c:3f:6b:21:0a:d6: 26:a5:0e:f5:1b:98:14:e6:56:5f:40:e9:da:bd:4e: bf:52:d5:a3:fc:fc:21:f3:fb:88:0b:83:b1:82:a3: f6:93:9a:26:3e:94:06:a8:de:c4:b5:be:f4:7a:72: fe:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:DA:9C:03:BD:10:34:32:0B:FB:57:FE:1F:16:55:31:34:48:B0:1B X509v3 Authority Key Identifier: keyid:E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/YNqcA70QNDIL-1f-HxZVMTRIsBs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.0.133.0/24 Signature Algorithm: sha256WithRSAEncryption 93:1d:d2:02:77:85:dc:6f:5b:1e:e8:8e:9a:26:17:5f:3a:88: a9:c9:2d:f0:c3:cb:c1:fa:bf:17:08:6e:90:b2:f1:ed:7c:79: eb:f9:9a:9e:50:69:7a:67:89:92:11:9a:e1:71:a5:28:9c:6a: 7e:02:a0:68:09:94:e0:62:c2:ab:10:71:c3:65:91:90:a5:8b: 66:93:23:b9:ff:32:91:1a:e8:45:90:7c:17:4f:92:8f:80:08: 58:81:f3:e8:11:03:4f:77:48:e9:61:f6:5e:a2:2d:8c:87:2c: bd:6f:19:8a:aa:de:07:2f:59:88:90:6b:a8:99:26:16:0c:de: c9:fb:fc:3d:b4:6a:ef:aa:eb:1e:71:77:33:f8:34:52:6c:cb: 8f:1d:a7:bc:28:b2:a4:54:57:4d:7a:84:5c:d2:64:2b:f6:68: da:40:1d:32:c7:08:17:b9:7c:da:ab:cf:28:f2:9a:e4:e4:eb: b1:00:c3:42:75:71:b3:28:31:65:c2:9e:fc:87:5d:e5:f6:06: 05:be:83:17:96:9d:ce:68:7d:0c:b1:88:11:02:b9:22:3b:ae: f7:02:8e:5c:38:73:d7:04:6d:66:02:60:08:7a:b0:ae:d4:26: d1:31:c8:94:60:bb:27:75:58:3b:9b:d0:28:fe:49:7f:6d:51: ac:bc:43:d2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICI9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTU2 REE0QzI3NUYzQ0NDOTJEMDg2MjAyQTFFREE3NzgzRjBDM0QwRDAeFw0yNTA5MTMw MzA5MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYwREE5QzAzQkQxMDM0 MzIwQkZCNTdGRTFGMTY1NTMxMzQ0OEIwMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+LCLWBdNeqGJ8WufUjLS4x3dA8whfO7xWYBr+xNR7gVmYg7u1 7Jcgpcrv4DaYsUTNpTfmp1NPWoIgwasHbW8zaQAx4EqrzubHM6cVL3mptkltQRwJ dNHK1QeuJebzAs+vLwZT0D//JCFyqt6hd+N3Mb+WcT4cQFDS/0PH8dy21vpMj+kw L3S32teZ6wHfAEQC1hMsJeeqlroONA3JbFIPW5Zc+mc+adDzaXASmctLJ+krgmaq uRL7v1NYpSwpVoFqDslw036HyPD68mw/ayEK1ialDvUbmBTmVl9A6dq9Tr9S1aP8 /CHz+4gLg7GCo/aTmiY+lAao3sS1vvR6cv43AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYNqcA70QNDIL+1f+HxZVMTRIsBswHwYDVR0jBBgwFoAU5W2kwnXzzMktCGIC oe2neD8MPQ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIx LzVXMmt3blh6ek1rdENHSUNvZTJuZUQ4TVBRMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNVcya3duWHp6TWt0Q0dJQ29lMm5lRDhNUFEwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIxL1lOcWNBNzBRTkRJTC0x Zi1IeFpWTVRSSXNCcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAbAIUwDQYJKoZIhvcNAQELBQADggEBAJMd0gJ3hdxvWx7ojpomF186iKnJLfDD y8H6vxcIbpCy8e18eev5mp5QaXpniZIRmuFxpSican4CoGgJlOBiwqsQccNlkZCl i2aTI7n/MpEa6EWQfBdPko+ACFiB8+gRA093SOlh9l6iLYyHLL1vGYqq3gcvWYiQ a6iZJhYM3sn7/D20au+q6x5xdzP4NFJsy48dp7wosqRUV016hFzSZCv2aNpAHTLH CBe5fNqrzyjymuTk67EAw0J1cbMoMWXCnvyHXeX2BgW+gxeWnc5ofQyxiBECuSI7 rvcCjlw4c9cEbWYCYAh6sK7UJtExyJRguyd1WDub0Cj+SX9tUay8Q9I= -----END CERTIFICATE-----Generated at Sun Oct 19 16:11:45 2025 by rpki-client