$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/wSH0JiEv4z9DFaY_FtaYlLfMp2A.roa File: wSH0JiEv4z9DFaY_FtaYlLfMp2A.roa (raw, json) Hash identifier: nt5gYtPk89ygdhDuuY+l28uFvkg8/Ym8gUjmMErufIk= Subject key identifier: C1:21:F4:26:21:2F:E3:3F:43:15:A6:3F:16:D6:98:94:B7:CC:A7:60 Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0E55 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/wSH0JiEv4z9DFaY_FtaYlLfMp2A.roa Signing time: Mon 01 Sep 2025 01:47:20 +0000 ROA not before: Mon 01 Sep 2025 01:47:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4837 IP address blocks: 43.248.184.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 15:04:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3669 (0xe55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: Sep 1 01:47:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C121F426212FE33F4315A63F16D69894B7CCA760 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:cc:3b:b3:98:d3:2b:13:07:81:d0:79:f7:6a: b2:46:3e:49:00:2c:bb:12:0f:20:a9:29:6e:e9:73: af:95:01:45:a4:da:0a:a7:a6:f9:97:ec:c1:7e:09: 2d:5e:98:06:0b:96:07:db:ef:32:a0:ad:91:d3:ce: 04:35:0b:48:b1:14:54:d5:12:35:a0:e1:62:75:47: e5:87:01:5a:2f:5f:48:ec:37:92:ad:37:20:ff:a7: 83:3c:9e:99:f1:d2:0d:9f:cf:f0:8e:1d:ca:69:5d: 76:e3:5b:28:c2:db:00:27:16:53:7f:2f:ad:fb:f6: dc:68:1b:0d:91:c0:0d:22:0f:f8:e6:f9:4a:12:86: e2:64:58:e0:21:ba:84:ee:50:88:a7:dc:e3:e4:9d: 10:dc:98:06:58:3a:c5:43:58:bd:dd:f7:59:f1:c2: d8:bc:77:76:0b:d8:78:a4:00:08:00:53:f1:af:41: 70:75:2c:a0:19:e2:95:26:3e:d9:d9:39:d4:09:cb: 50:30:d5:1c:1a:dc:77:93:c2:d7:0e:6f:80:df:67: 13:f9:f2:df:2d:13:e7:d1:20:28:91:c4:ae:ae:fe: bc:df:f3:66:cc:f2:b2:43:f3:7f:d1:48:f4:44:92: 02:c8:88:9b:a5:6c:07:48:08:5b:b9:e7:f0:49:15: 6f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:21:F4:26:21:2F:E3:3F:43:15:A6:3F:16:D6:98:94:B7:CC:A7:60 X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/wSH0JiEv4z9DFaY_FtaYlLfMp2A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.248.184.0/21 Signature Algorithm: sha256WithRSAEncryption bf:af:29:15:98:80:c5:32:9f:01:96:7e:12:f4:0f:67:d2:0c: ee:e6:33:75:c2:51:04:87:b0:4c:5a:fb:2c:d9:c4:09:d0:c8: 7d:81:04:be:40:79:b7:cc:cb:12:f6:8b:fc:7d:0d:61:df:f8: f4:c4:e0:c0:ae:b2:74:5a:bb:94:40:b6:ba:75:70:e1:48:7f: 1f:0a:d5:61:c7:82:5b:75:c1:83:12:06:d6:96:4e:c7:85:91: fa:42:90:5f:f2:a3:73:c5:63:fb:b2:d5:32:39:c3:dc:a3:d7: 82:7b:78:95:c1:e2:9b:40:01:75:ff:af:3e:a0:e1:54:5e:e8: 7e:e3:30:10:2c:60:a4:ab:ab:5b:6c:ea:6a:de:41:74:79:ab: de:ef:4e:03:15:d7:e6:e3:df:d4:18:30:79:36:75:6a:5f:c8: ad:03:3e:3e:04:f7:89:d9:3f:0a:01:b2:25:2a:2f:93:9d:d6: 6d:d2:7f:53:88:66:86:19:ec:39:ae:37:56:db:ac:b2:fe:79: 2a:1d:38:ad:2e:80:d2:bb:5a:ca:6f:a7:bb:d6:c2:82:34:10: ca:ae:a7:b2:fa:99:a5:97:b7:01:30:57:6e:9a:7e:a8:6c:24: 02:39:68:17:3b:39:83:e5:dd:2b:23:f5:22:36:88:1c:fb:86: 78:bb:9a:e8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDlUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA5MDEw MTQ3MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMxMjFGNDI2MjEyRkUz M0Y0MzE1QTYzRjE2RDY5ODk0QjdDQ0E3NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0zDuzmNMrEweB0Hn3arJGPkkALLsSDyCpKW7pc6+VAUWk2gqn pvmX7MF+CS1emAYLlgfb7zKgrZHTzgQ1C0ixFFTVEjWg4WJ1R+WHAVovX0jsN5Kt NyD/p4M8npnx0g2fz/COHcppXXbjWyjC2wAnFlN/L6379txoGw2RwA0iD/jm+UoS huJkWOAhuoTuUIin3OPknRDcmAZYOsVDWL3d91nxwti8d3YL2HikAAgAU/GvQXB1 LKAZ4pUmPtnZOdQJy1Aw1Rwa3HeTwtcOb4DfZxP58t8tE+fRICiRxK6u/rzf82bM 8rJD83/RSPREkgLIiJulbAdICFu55/BJFW9vAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUwSH0JiEv4z9DFaY/FtaYlLfMp2AwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL3dTSDBKaUV2NHo5REZh WV9GdGFZbExmTXAyQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAMr+LgwDQYJKoZIhvcNAQELBQADggEBAL+vKRWYgMUynwGWfhL0D2fSDO7mM3XC UQSHsExa+yzZxAnQyH2BBL5AebfMyxL2i/x9DWHf+PTE4MCusnRau5RAtrp1cOFI fx8K1WHHglt1wYMSBtaWTseFkfpCkF/yo3PFY/uy1TI5w9yj14J7eJXB4ptAAXX/ rz6g4VRe6H7jMBAsYKSrq1ts6mreQXR5q97vTgMV1+bj39QYMHk2dWpfyK0DPj4E 94nZPwoBsiUqL5Od1m3Sf1OIZoYZ7DmuN1bbrLL+eSodOK0ugNK7Wspvp7vWwoI0 EMqup7L6maWXtwEwV26afqhsJAI5aBc7OYPl3Ssj9SI2iBz7hni7mug= -----END CERTIFICATE-----Generated at Sat Sep 6 13:15:39 2025 by rpki-client