$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/DNdrqkPkUBCvG0OBVHQ5nsSkV08.roa File: DNdrqkPkUBCvG0OBVHQ5nsSkV08.roa (raw, json) Hash identifier: 3koK8eWBSKquEfgNQ8sfKqT4Y3nIRsxkD2qm3afCQ+U= Subject key identifier: 0C:D7:6B:AA:43:E4:50:10:AF:1B:43:81:54:74:39:9E:C4:A4:57:4F Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21E6 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/DNdrqkPkUBCvG0OBVHQ5nsSkV08.roa Signing time: Sat 13 Sep 2025 03:09:06 +0000 ROA not before: Sat 13 Sep 2025 03:09:06 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:15:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8678 (0x21e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:06 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0CD76BAA43E45010AF1B43815474399EC4A4574F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:35:97:de:a9:2b:c6:57:99:3f:b4:59:87:b1: c5:6d:0e:77:3e:f3:28:f1:bd:cc:a5:f8:cf:54:27: c0:f9:cd:05:a1:90:4f:64:fa:15:59:9f:13:f8:fd: c1:f1:50:83:e7:e4:66:58:8c:02:52:30:7e:29:e9: 3e:64:08:da:b8:14:c9:15:01:35:fc:10:36:96:42: bf:9a:11:93:16:7a:0d:b2:92:1b:9a:69:5f:c5:5e: b8:60:4d:56:ba:8c:7b:7c:6f:d5:cb:a1:89:60:17: bd:7c:74:67:5f:09:b3:69:e4:74:e1:b4:32:fc:24: 6a:a0:38:58:7d:d2:40:4a:1b:a3:49:38:52:3c:d9: 35:ba:90:c1:15:f6:9b:57:16:31:10:25:f1:79:f2: e3:43:65:96:e4:df:2f:6c:43:57:6c:af:b8:a0:05: b2:95:92:d7:d6:43:a4:ed:86:33:ac:89:97:9d:d9: 69:bd:23:78:2d:13:c4:85:ad:3a:a7:f6:61:0c:04: dc:d5:c9:d9:ab:0b:3b:15:bc:cd:a1:2b:fb:5a:6b: d2:7f:f2:47:a8:9f:85:8f:8f:54:5f:30:dd:ee:de: 47:a4:6f:bc:6d:62:63:e4:27:87:3f:7c:5a:25:d5: c7:bc:5d:4c:e8:bb:15:62:25:e2:35:01:f9:39:71: f9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:D7:6B:AA:43:E4:50:10:AF:1B:43:81:54:74:39:9E:C4:A4:57:4F X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/DNdrqkPkUBCvG0OBVHQ5nsSkV08.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.56.0/21 Signature Algorithm: sha256WithRSAEncryption b6:c2:fc:e7:30:f6:ed:79:68:e8:9d:22:73:74:8b:74:ef:27: 2b:3e:ae:9f:b4:f6:0c:b4:a6:79:41:2b:ba:75:a4:de:45:b9: 96:be:e1:f1:24:a4:43:aa:44:71:95:d5:f8:3b:23:a0:c4:37: f5:d0:f0:d0:f2:e8:af:2e:f0:2c:19:57:76:4b:b4:cc:28:f7: 20:13:63:64:98:77:b7:32:c4:c1:d4:34:46:fd:02:0c:44:24: 60:e8:27:99:8c:6d:ec:74:87:ca:61:12:a9:ab:64:3e:35:8b: 47:95:c5:be:16:51:50:8a:1a:f7:da:cd:01:7a:a5:d9:ef:35: 3e:4e:79:b8:4d:ca:8a:19:fa:1f:3e:50:06:19:98:f6:68:8b: 4f:0b:b7:64:c3:e3:c6:08:d8:69:23:c3:21:16:e2:14:c1:21: 03:d0:c6:bf:bc:c5:ee:dc:ad:9c:43:7d:f0:ca:69:cb:59:d4: 9c:b3:a5:3a:87:1d:f8:c2:da:69:ac:ee:b7:70:52:66:e6:92: b1:db:02:36:b4:81:bd:86:97:a6:32:aa:91:aa:49:62:ae:b9: 9c:93:51:02:20:44:0e:f3:6a:9b:55:1c:93:28:f8:ad:ce:90: ff:80:51:8e:5e:f6:3a:1b:4c:e4:02:07:77:e7:a4:cc:2b:42: be:61:8d:b7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBDRDc2QkFBNDNFNDUw MTBBRjFCNDM4MTU0NzQzOTlFQzRBNDU3NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5NZfeqSvGV5k/tFmHscVtDnc+8yjxvcyl+M9UJ8D5zQWhkE9k +hVZnxP4/cHxUIPn5GZYjAJSMH4p6T5kCNq4FMkVATX8EDaWQr+aEZMWeg2ykhua aV/FXrhgTVa6jHt8b9XLoYlgF718dGdfCbNp5HThtDL8JGqgOFh90kBKG6NJOFI8 2TW6kMEV9ptXFjEQJfF58uNDZZbk3y9sQ1dsr7igBbKVktfWQ6TthjOsiZed2Wm9 I3gtE8SFrTqn9mEMBNzVydmrCzsVvM2hK/taa9J/8keon4WPj1RfMN3u3kekb7xt YmPkJ4c/fFol1ce8XUzouxViJeI1Afk5cfkHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDNdrqkPkUBCvG0OBVHQ5nsSkV08wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvRE5kcnFrUGtVQkN2 RzBPQlZIUTVuc1NrVjA4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nODANBgkqhkiG9w0BAQsFAAOCAQEAtsL85zD27Xlo6J0ic3SLdO8nKz6u n7T2DLSmeUErunWk3kW5lr7h8SSkQ6pEcZXV+DsjoMQ39dDw0PLory7wLBlXdku0 zCj3IBNjZJh3tzLEwdQ0Rv0CDEQkYOgnmYxt7HSHymESqatkPjWLR5XFvhZRUIoa 99rNAXql2e81Pk55uE3Kihn6Hz5QBhmY9miLTwu3ZMPjxgjYaSPDIRbiFMEhA9DG v7zF7tytnEN98Mppy1nUnLOlOocd+MLaaazut3BSZuaSsdsCNrSBvYaXpjKqkapJ Yq65nJNRAiBEDvNqm1Uckyj4rc6Q/4BRjl72OhtM5AIHd+ekzCtCvmGNtw== -----END CERTIFICATE-----Generated at Wed Nov 5 16:14:06 2025 by rpki-client