$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/DS5zOe9vkYbyKEdzDLoRtBmrxNE.roa File: DS5zOe9vkYbyKEdzDLoRtBmrxNE.roa (raw, json) Hash identifier: m3v8rhDnLyt+sTUGzwp9U5MLz0BbRqzWaIqHX40ay6U= Subject key identifier: 0D:2E:73:39:EF:6F:91:86:F2:28:47:73:0C:BA:11:B4:19:AB:C4:D1 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B16 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/DS5zOe9vkYbyKEdzDLoRtBmrxNE.roa Signing time: Mon 27 Oct 2025 02:39:26 +0000 ROA not before: Mon 27 Oct 2025 02:39:26 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 202.168.184.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2838 (0xb16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:26 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=0D2E7339EF6F9186F22847730CBA11B419ABC4D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:52:e4:4d:71:ef:ef:45:9a:7d:54:64:c1:18: ac:63:05:d0:00:74:e6:d4:ac:de:cd:39:94:2a:43: a6:69:7a:f5:14:ee:36:04:f3:3e:d5:17:5c:2d:7b: 3e:c0:f6:16:20:7c:dc:36:e9:91:d6:6e:09:c5:8a: ae:b2:5e:b5:40:60:3b:15:ee:8a:b2:a7:b2:55:9b: 31:3a:90:47:27:e4:90:8e:0b:09:04:09:3a:e9:cc: 4b:27:7e:99:b9:2c:e8:8d:40:c1:df:95:09:ea:b5: 2a:50:60:29:e2:c1:05:35:e3:3d:62:68:99:6a:2b: ec:aa:d2:51:fc:f1:e7:a5:58:5b:5a:ac:94:95:ec: f0:96:e4:a9:3f:32:79:51:3e:83:2e:6f:c9:52:0a: 99:59:ba:f3:c8:15:36:90:eb:71:52:29:67:6c:44: e5:24:d7:75:18:5a:07:d0:73:f3:a3:e0:bd:a5:0d: c5:b3:6d:2b:c2:c6:ca:65:93:05:35:30:2d:8d:4b: 29:c7:eb:70:92:58:b4:e9:c4:92:4d:1e:40:67:80: 63:00:29:60:f1:18:44:c6:92:ff:7c:76:c5:83:97: 63:52:35:a3:56:cd:67:15:29:f1:15:aa:ba:a2:c3: 9c:f7:4c:9c:14:e7:db:db:07:74:b3:a3:de:6a:d6: 05:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:2E:73:39:EF:6F:91:86:F2:28:47:73:0C:BA:11:B4:19:AB:C4:D1 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/DS5zOe9vkYbyKEdzDLoRtBmrxNE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.168.184.0/22 Signature Algorithm: sha256WithRSAEncryption 5e:0f:9c:12:6a:98:25:df:f2:0c:30:5f:a7:bd:cc:d2:ef:5b: ea:33:2a:a2:9d:54:93:8b:7f:1d:d3:c0:bc:29:0a:45:35:58: 19:12:c4:41:b1:f5:84:81:e7:a7:b4:bb:a5:39:1c:f3:cd:27: 17:dc:89:81:f9:59:37:02:c9:c4:26:07:3f:fe:f1:40:af:8e: 54:41:8e:5a:73:01:f8:50:a8:eb:16:ad:af:b0:96:f2:7a:2a: f2:f9:93:6f:55:53:90:88:f5:21:83:62:90:65:92:4c:6a:72: c9:15:9e:e6:ec:4e:13:0c:db:28:7a:1a:5d:85:e6:8c:25:97: e7:fc:4e:34:69:b9:bd:8b:c7:79:46:e9:54:2b:73:6c:ac:25: 49:0d:06:c6:54:a1:03:98:bc:f6:b6:c8:c1:03:f8:ba:46:d8: 27:69:d5:1e:e6:cb:43:f5:af:41:63:58:f3:d6:c2:77:4d:df: 8d:ad:ff:4b:26:cf:de:6c:4a:70:fa:41:d6:8f:c3:7c:56:7d: 9f:b6:ec:df:27:45:c0:30:ea:89:d1:16:ef:14:de:ec:51:75: 80:9e:1e:11:14:1d:9d:d8:93:87:50:89:24:c7:04:90:22:1c: 81:6d:36:16:ac:cc:4a:8a:72:9c:b2:17:0c:b4:8d:35:31:15: 7f:da:40:4a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCxYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDBEMkU3MzM5RUY2Rjkx ODZGMjI4NDc3MzBDQkExMUI0MTlBQkM0RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaUuRNce/vRZp9VGTBGKxjBdAAdObUrN7NOZQqQ6ZpevUU7jYE 8z7VF1wtez7A9hYgfNw26ZHWbgnFiq6yXrVAYDsV7oqyp7JVmzE6kEcn5JCOCwkE CTrpzEsnfpm5LOiNQMHflQnqtSpQYCniwQU14z1iaJlqK+yq0lH88eelWFtarJSV 7PCW5Kk/MnlRPoMub8lSCplZuvPIFTaQ63FSKWdsROUk13UYWgfQc/Oj4L2lDcWz bSvCxsplkwU1MC2NSynH63CSWLTpxJJNHkBngGMAKWDxGETGkv98dsWDl2NSNaNW zWcVKfEVqrqiw5z3TJwU59vbB3Szo95q1gWFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDS5zOe9vkYbyKEdzDLoRtBmrxNEwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL0RTNXpPZTl2a1lieUtF ZHpETG9SdEJtcnhORS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALKqLgwDQYJKoZIhvcNAQELBQADggEBAF4PnBJqmCXf8gwwX6e9zNLvW+ozKqKd VJOLfx3TwLwpCkU1WBkSxEGx9YSB56e0u6U5HPPNJxfciYH5WTcCycQmBz/+8UCv jlRBjlpzAfhQqOsWra+wlvJ6KvL5k29VU5CI9SGDYpBlkkxqcskVnubsThMM2yh6 Gl2F5owll+f8TjRpub2Lx3lG6VQrc2ysJUkNBsZUoQOYvPa2yMED+LpG2Cdp1R7m y0P1r0FjWPPWwndN342t/0smz95sSnD6QdaPw3xWfZ+27N8nRcAw6onRFu8U3uxR dYCeHhEUHZ3Yk4dQiSTHBJAiHIFtNhaszEqKcpyyFwy0jTUxFX/aQEo= -----END CERTIFICATE-----Generated at Wed Nov 5 22:30:16 2025 by rpki-client