$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2411/hYK-XjRKskiAn6bAAG5T4Oe--f8.roa File: hYK-XjRKskiAn6bAAG5T4Oe--f8.roa (raw, json) Hash identifier: ki0ISRRah8HdJpf+F48KF/abn4Ku+jTiEO0CCXWKn+w= Subject key identifier: 85:82:BE:5E:34:4A:B2:48:80:9F:A6:C0:00:6E:53:E0:E7:BE:F9:FF Certificate issuer: /CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Certificate serial: 29 Authority key identifier: 1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/hYK-XjRKskiAn6bAAG5T4Oe--f8.roa Signing time: Mon 18 Aug 2025 01:57:55 +0000 ROA not before: Mon 18 Aug 2025 01:57:55 +0000 ROA not after: Sun 16 Aug 2026 01:52:01 +0000 asID: 137690 IP address blocks: 202.189.44.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:11:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Validity Not Before: Aug 18 01:57:55 2025 GMT Not After : Aug 16 01:52:01 2026 GMT Subject: CN=8582BE5E344AB248809FA6C0006E53E0E7BEF9FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3c:a0:52:bb:a4:fa:80:90:4e:b4:40:67:ec: 02:35:64:ab:25:d3:c6:e3:78:48:38:b5:e3:8d:80: bb:3e:48:eb:4f:94:d4:23:09:d9:a3:2d:2e:cd:34: ef:fc:a2:01:74:7c:5b:8c:db:1f:ea:72:c3:62:2a: 63:9b:9f:62:a5:ff:62:25:5a:7d:e9:80:af:d4:6c: 12:c5:d7:76:ba:6f:d5:d3:a8:b6:6f:88:34:61:13: 8d:09:fa:2c:13:6c:c4:ec:00:32:4e:59:53:78:be: 15:58:71:22:f6:fb:27:34:f8:63:27:b0:3a:26:00: 29:93:d7:bf:b7:b2:ec:15:7e:ea:07:3d:68:33:cc: 45:d6:7a:34:f7:b8:d3:80:c7:0f:56:a1:8e:5f:c6: 61:c6:c4:f8:8b:9e:60:73:1c:be:8d:d7:6a:1e:a0: a2:00:16:19:b3:27:66:ad:98:ff:c0:fb:b4:11:0d: 25:de:84:34:e8:40:ea:23:5f:85:a9:10:ca:4a:80: 72:81:24:8a:10:86:b6:24:fa:b4:98:c2:a1:85:9f: b5:13:6a:0f:d7:51:48:f6:b8:d7:ac:00:1a:bb:0e: 49:67:ed:5e:d2:27:31:10:5d:6a:a8:f7:26:46:02: f5:44:3b:4d:f0:14:f9:72:5d:8a:86:16:f5:87:ba: 89:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:82:BE:5E:34:4A:B2:48:80:9F:A6:C0:00:6E:53:E0:E7:BE:F9:FF X509v3 Authority Key Identifier: keyid:1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/hYK-XjRKskiAn6bAAG5T4Oe--f8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.189.44.0/22 Signature Algorithm: sha256WithRSAEncryption 0b:c0:7b:cc:02:64:44:cd:a3:3f:ab:c2:8c:f2:14:2b:a0:30: b4:d2:d3:64:25:2d:5c:ab:ea:fe:23:48:45:8a:57:b9:7c:72: 0d:8a:de:78:54:ee:f4:bf:bb:1c:6d:73:b6:f4:2b:65:89:c5: f5:f6:4a:27:9c:ab:97:f2:03:a4:37:bd:4c:87:af:48:49:66: 51:1c:8f:a3:94:e5:f0:b6:ef:b4:a5:94:ef:d7:5d:53:71:e8: b1:01:6a:81:bd:2e:80:d6:54:8c:09:81:78:49:e6:56:b9:7a: eb:f2:03:de:4a:31:8c:98:35:77:47:9b:3a:0e:6f:92:e2:f7: 4f:8e:6f:3b:e3:6a:12:5d:4d:b0:0e:d9:9a:61:53:c7:09:6b: 7b:a2:68:b6:da:24:be:0c:aa:9a:31:86:b8:b8:e7:eb:ec:a5: 98:fa:0f:99:82:c8:ad:2b:44:2a:16:91:66:a3:a2:f0:d4:76: 8c:2c:d7:c9:ed:1b:f1:31:aa:13:7c:85:1f:cd:b0:50:7c:4b: 11:83:a8:be:73:28:76:d0:fb:62:57:d2:01:1b:e6:10:5e:54: 15:c3:6c:4c:c2:c3:2b:a5:00:e2:ad:de:8f:ef:f3:f2:49:5c: 3c:0e:41:6a:ed:8c:c0:84:8c:f5:3e:3e:fa:56:a7:e8:cc:4c: 67:e1:f9:d6 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxRjU1 MkY2RThBQzJGOTdFMTQ0N0JGQUM4MTAwNTk2OTVFMkIzMkE5MB4XDTI1MDgxODAx NTc1NVoXDTI2MDgxNjAxNTIwMVowMzExMC8GA1UEAxMoODU4MkJFNUUzNDRBQjI0 ODgwOUZBNkMwMDA2RTUzRTBFN0JFRjlGRjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALs8oFK7pPqAkE60QGfsAjVkqyXTxuN4SDi1442Auz5I60+U1CMJ 2aMtLs007/yiAXR8W4zbH+pyw2IqY5ufYqX/YiVafemAr9RsEsXXdrpv1dOotm+I NGETjQn6LBNsxOwAMk5ZU3i+FVhxIvb7JzT4YyewOiYAKZPXv7ey7BV+6gc9aDPM RdZ6NPe404DHD1ahjl/GYcbE+IueYHMcvo3Xah6gogAWGbMnZq2Y/8D7tBENJd6E NOhA6iNfhakQykqAcoEkihCGtiT6tJjCoYWftRNqD9dRSPa416wAGrsOSWftXtIn MRBdaqj3JkYC9UQ7TfAU+XJdioYW9Ye6iZkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSFgr5eNEqySICfpsAAblPg5775/zAfBgNVHSMEGDAWgBQfVS9uisL5fhRHv6yB AFlpXisyqTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNDEx L0gxVXZib3JDLVg0VVI3LXNnUUJaYVY0ck1xay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSDFVdmJvckMtWDRVUjctc2dRQlphVjRyTXFrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQxMS9oWUstWGpSS3NraUFu NmJBQUc1VDRPZS0tZjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCyr0sMA0GCSqGSIb3DQEBCwUAA4IBAQALwHvMAmREzaM/q8KM8hQroDC00tNk JS1cq+r+I0hFile5fHINit54VO70v7scbXO29CtlicX19konnKuX8gOkN71Mh69I SWZRHI+jlOXwtu+0pZTv111TceixAWqBvS6A1lSMCYF4SeZWuXrr8gPeSjGMmDV3 R5s6Dm+S4vdPjm8742oSXU2wDtmaYVPHCWt7omi22iS+DKqaMYa4uOfr7KWY+g+Z gsitK0QqFpFmo6Lw1HaMLNfJ7RvxMaoTfIUfzbBQfEsRg6i+cyh20PtiV9IBG+YQ XlQVw2xMwsMrpQDird6P7/PySVw8DkFq7YzAhIz1Pj76VqfozExn4fnW -----END CERTIFICATE-----Generated at Wed Nov 5 14:36:59 2025 by rpki-client