$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/49U1GwrosmkGS4CFUGkUq20C45M.roa File: 49U1GwrosmkGS4CFUGkUq20C45M.roa (raw, json) Hash identifier: /DCFiXTdVC4+5ADyKI4Gh/fGInLtnzCkKeECj0MvSzI= Subject key identifier: E3:D5:35:1B:0A:E8:B2:69:06:4B:80:85:50:69:14:AB:6D:02:E3:93 Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0E40 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/49U1GwrosmkGS4CFUGkUq20C45M.roa Signing time: Thu 28 Aug 2025 01:05:14 +0000 ROA not before: Thu 28 Aug 2025 01:05:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63567 IP address blocks: 43.248.184.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 01:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3648 (0xe40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: Aug 28 01:05:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E3D5351B0AE8B269064B8085506914AB6D02E393 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b8:87:23:14:c8:b7:58:e8:48:47:24:f5:e7: 11:a9:c1:96:fa:d9:d2:3c:7a:e1:17:dc:9f:37:68: 32:6f:df:9e:b0:c3:e1:64:0a:6c:89:ac:67:84:1c: 76:ff:3e:0b:37:29:80:28:04:5c:50:e2:ac:c9:6b: e4:e6:de:ac:f1:4b:7c:5e:f7:a7:74:e4:61:b0:21: 24:52:63:b6:62:2d:49:fe:ea:c4:28:9d:cc:f1:25: 51:a3:87:d4:27:d8:be:75:44:43:0e:bc:c5:6b:8a: 2e:9d:05:c8:47:ac:82:5e:8e:42:ac:dd:b4:d8:0a: ce:97:11:d2:70:b1:b0:f1:96:00:75:19:5a:a8:2b: 8c:99:f1:22:a8:4b:60:78:60:81:ab:af:17:38:c5: cb:2b:44:93:fe:bd:a3:eb:33:5f:38:bb:dc:c2:85: c0:0e:af:02:29:b5:29:32:ee:93:a7:c0:0e:c7:3c: fa:f0:53:b7:3e:7d:b8:19:cd:18:6b:f8:de:96:d9: f0:ea:ac:09:6e:70:cd:a1:e6:dd:d4:b9:7a:64:f1: 81:a3:c1:21:65:b6:29:8e:31:01:c0:e4:e8:71:5c: 4c:33:41:5d:68:f8:e0:49:0a:09:63:7d:a5:18:2e: 18:e5:0b:d0:e2:c2:12:33:bb:76:2d:cd:a4:2d:85: f4:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D5:35:1B:0A:E8:B2:69:06:4B:80:85:50:69:14:AB:6D:02:E3:93 X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/49U1GwrosmkGS4CFUGkUq20C45M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.248.184.0/21 Signature Algorithm: sha256WithRSAEncryption b3:2c:d5:d7:81:7b:0e:cd:db:7b:ef:15:b6:0b:f8:ff:d9:3f: 8b:79:2b:c2:29:9c:23:2c:3b:f6:2c:ef:28:39:7d:ef:2f:7b: e0:76:da:d6:a6:d9:93:d2:bd:69:75:ea:18:7f:da:b7:45:5b: 22:82:ae:3f:01:5c:1c:6a:7c:a8:8f:41:33:0d:a2:47:dd:17: 90:c4:c8:a8:82:9f:d5:c7:29:32:8c:28:1b:d3:0e:ce:b2:f3: 0a:0f:a2:a5:0d:23:74:ed:30:21:09:92:bf:b9:e7:16:f0:a7: 0a:e0:4d:a8:17:89:8a:77:5a:5b:2f:49:5d:99:4a:f4:4e:0e: 10:3c:d1:ee:25:67:15:a4:2b:b5:91:27:b1:ba:70:42:18:5f: 77:62:00:a2:8a:ef:a8:29:84:69:f4:eb:7d:f0:7f:ae:f7:40: cd:1c:89:eb:2f:1d:21:26:81:e4:12:39:93:3f:dc:5f:09:1a: 89:06:09:86:9c:cb:0b:98:18:39:e8:b3:20:78:78:5c:89:41: ee:06:aa:09:25:a5:2f:07:13:83:ed:36:84:fb:31:bb:55:46: da:6c:a7:99:bc:37:9c:f1:5a:b1:00:b5:20:a2:39:2f:13:81: 93:17:57:5c:7b:fb:d4:6c:9d:8a:e4:fb:92:21:27:c4:62:ee: 0c:fb:18:eb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA4Mjgw MTA1MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUzRDUzNTFCMEFFOEIy NjkwNjRCODA4NTUwNjkxNEFCNkQwMkUzOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCguIcjFMi3WOhIRyT15xGpwZb62dI8euEX3J83aDJv356ww+Fk CmyJrGeEHHb/Pgs3KYAoBFxQ4qzJa+Tm3qzxS3xe96d05GGwISRSY7ZiLUn+6sQo nczxJVGjh9Qn2L51REMOvMVrii6dBchHrIJejkKs3bTYCs6XEdJwsbDxlgB1GVqo K4yZ8SKoS2B4YIGrrxc4xcsrRJP+vaPrM184u9zChcAOrwIptSky7pOnwA7HPPrw U7c+fbgZzRhr+N6W2fDqrAlucM2h5t3UuXpk8YGjwSFltimOMQHA5OhxXEwzQV1o +OBJCgljfaUYLhjlC9DiwhIzu3YtzaQthfR1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU49U1GwrosmkGS4CFUGkUq20C45MwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwLzQ5VTFHd3Jvc21rR1M0 Q0ZVR2tVcTIwQzQ1TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAMr+LgwDQYJKoZIhvcNAQELBQADggEBALMs1deBew7N23vvFbYL+P/ZP4t5K8Ip nCMsO/Ys7yg5fe8ve+B22tam2ZPSvWl16hh/2rdFWyKCrj8BXBxqfKiPQTMNokfd F5DEyKiCn9XHKTKMKBvTDs6y8woPoqUNI3TtMCEJkr+55xbwpwrgTagXiYp3Wlsv SV2ZSvRODhA80e4lZxWkK7WRJ7G6cEIYX3diAKKK76gphGn0633wf673QM0ciesv HSEmgeQSOZM/3F8JGokGCYacywuYGDnosyB4eFyJQe4GqgklpS8HE4PtNoT7MbtV Rtpsp5m8N5zxWrEAtSCiOS8TgZMXV1x7+9RsnYrk+5IhJ8Ri7gz7GOs= -----END CERTIFICATE-----Generated at Sat Sep 6 20:33:58 2025 by rpki-client