$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/0hz4vNpH3cYN4VjuM-aZulOR3xo.roa File: 0hz4vNpH3cYN4VjuM-aZulOR3xo.roa (raw, json) Hash identifier: UzrqhvqM/vUaLsqN+HYGAXOMhCi3XMeKr1jILgQBeko= Subject key identifier: D2:1C:F8:BC:DA:47:DD:C6:0D:E1:58:EE:33:E6:99:BA:53:91:DF:1A Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 206A Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/0hz4vNpH3cYN4VjuM-aZulOR3xo.roa Signing time: Sat 13 Sep 2025 03:09:25 +0000 ROA not before: Sat 13 Sep 2025 03:09:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 219.234.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 06:15:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8298 (0x206a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Sep 13 03:09:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D21CF8BCDA47DDC60DE158EE33E699BA5391DF1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b2:e0:51:7a:cc:da:95:1a:0a:e6:b2:01:7a: de:91:ef:99:3c:78:dc:aa:ae:73:9c:97:ab:22:5a: 97:60:f5:da:1b:b0:8a:c7:ac:0a:ae:d0:24:77:07: ec:0e:89:2b:32:bb:d8:b3:c3:9f:21:69:d5:cf:67: cc:22:23:22:a1:c9:80:27:55:6c:1f:a3:9e:bd:6e: fd:48:fa:ab:ea:14:62:24:f1:0f:b6:44:0e:b7:04: 5e:4d:61:7a:e2:b6:f8:b7:26:05:47:6e:45:14:51: 35:63:d6:9c:88:d3:b0:c6:dd:e5:89:c6:ed:e9:3a: 36:9d:89:5f:cf:f5:89:48:62:04:78:9f:38:4f:df: 3f:b0:d2:db:6d:b0:11:02:75:87:b5:45:ff:ef:25: 72:ec:3d:b6:b7:e8:93:fb:fb:1a:34:cb:1a:de:52: 9b:c3:2e:2e:4f:ce:dc:0f:a3:da:f7:a0:a6:d7:9b: 20:15:c5:33:a7:d6:4b:6c:e1:de:1e:93:4e:e5:0b: 34:9d:a1:c1:7a:f7:42:56:75:be:b3:d8:d4:15:54: c0:90:29:be:db:74:2a:2f:d8:34:5b:5b:ab:6b:8c: 09:5d:72:ee:a9:b4:64:ce:6a:72:14:d9:7a:6b:aa: 47:57:6d:53:f2:14:90:7b:ce:83:71:63:6c:cc:1a: 14:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:1C:F8:BC:DA:47:DD:C6:0D:E1:58:EE:33:E6:99:BA:53:91:DF:1A X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/0hz4vNpH3cYN4VjuM-aZulOR3xo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.234.8.0/21 Signature Algorithm: sha256WithRSAEncryption b3:90:0d:21:fc:0d:a4:72:cd:e6:ca:cc:31:34:60:94:97:a3: ba:5b:f3:ae:28:5e:88:7d:eb:50:2c:e9:86:7b:00:9f:fa:fb: 53:74:09:06:5c:8e:d9:e0:fa:33:26:3c:6a:27:a7:6c:5f:3a: 72:6e:44:f1:49:3f:3d:75:51:b0:76:1f:33:24:97:fd:64:72: bf:73:1f:24:39:62:a8:ac:58:7d:3b:eb:5f:23:7b:65:a8:dd: 23:d5:2b:a0:08:34:94:69:6a:3d:85:82:21:87:2a:25:7f:2a: 42:70:fa:b0:64:fe:90:d1:c0:25:96:f1:d0:fc:93:98:42:a2: c3:91:29:4d:c2:29:5b:df:73:ee:81:4f:5d:be:90:e0:cc:c1: 49:c5:3f:a8:cd:48:ce:fa:76:e2:12:5f:e0:72:4a:79:3a:0d: 0c:80:ad:bb:fd:f9:f9:b8:79:df:22:63:b5:92:fe:14:09:9e: f2:b9:c6:e1:94:88:47:d4:c3:b0:3a:7c:8a:89:de:9d:0c:e8: a7:c3:00:e5:84:51:3b:42:6e:ed:be:7a:fe:71:59:9b:91:da: 0f:da:28:08:44:5c:e8:10:0d:17:f4:a4:6f:d2:83:20:6b:e5: 36:e6:57:d6:f6:1b:99:82:5b:8d:25:c5:29:11:6a:2f:6c:69: 7c:af:68:d9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIGowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTA5MTMw MzA5MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQyMUNGOEJDREE0N0RE QzYwREUxNThFRTMzRTY5OUJBNTM5MURGMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6suBReszalRoK5rIBet6R75k8eNyqrnOcl6siWpdg9dobsIrH rAqu0CR3B+wOiSsyu9izw58hadXPZ8wiIyKhyYAnVWwfo569bv1I+qvqFGIk8Q+2 RA63BF5NYXritvi3JgVHbkUUUTVj1pyI07DG3eWJxu3pOjadiV/P9YlIYgR4nzhP 3z+w0tttsBECdYe1Rf/vJXLsPba36JP7+xo0yxreUpvDLi5PztwPo9r3oKbXmyAV xTOn1kts4d4ek07lCzSdocF690JWdb6z2NQVVMCQKb7bdCov2DRbW6trjAldcu6p tGTOanIU2XprqkdXbVPyFJB7zoNxY2zMGhTXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU0hz4vNpH3cYN4VjuM+aZulOR3xowHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvMGh6NHZOcEgzY1lO NFZqdU0tYVp1bE9SM3hvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA9vqCDANBgkqhkiG9w0BAQsFAAOCAQEAs5ANIfwNpHLN5srMMTRglJejulvz riheiH3rUCzphnsAn/r7U3QJBlyO2eD6MyY8aienbF86cm5E8Uk/PXVRsHYfMySX /WRyv3MfJDliqKxYfTvrXyN7ZajdI9UroAg0lGlqPYWCIYcqJX8qQnD6sGT+kNHA JZbx0PyTmEKiw5EpTcIpW99z7oFPXb6Q4MzBScU/qM1Izvp24hJf4HJKeToNDICt u/35+bh53yJjtZL+FAme8rnG4ZSIR9TDsDp8ionenQzop8MA5YRRO0Ju7b56/nFZ m5HaD9ooCERc6BANF/Skb9KDIGvlNuZX1vYbmYJbjSXFKRFqL2xpfK9o2Q== -----END CERTIFICATE-----Generated at Wed Nov 5 04:42:47 2025 by rpki-client