$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/Ykc7U-PHLdjU6bvRMhALxEgTlh8.roa File: Ykc7U-PHLdjU6bvRMhALxEgTlh8.roa (raw, json) Hash identifier: UwHjJByNMmr3PCmmG3uRuzbDFeXbJj2IeFk+tx3TUVo= Subject key identifier: 62:47:3B:53:E3:C7:2D:D8:D4:E9:BB:D1:32:10:0B:C4:48:13:96:1F Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B03 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/Ykc7U-PHLdjU6bvRMhALxEgTlh8.roa Signing time: Mon 27 Oct 2025 02:31:40 +0000 ROA not before: Mon 27 Oct 2025 02:31:40 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 119.2.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2819 (0xb03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:31:40 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=62473B53E3C72DD8D4E9BBD132100BC44813961F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:94:17:06:21:a2:be:41:d7:74:ea:c4:72:53: d8:cf:ce:b7:36:c3:5d:ba:74:8a:ac:a7:09:49:98: 2f:60:a5:ce:c6:6e:ce:27:bd:5b:1f:d4:f8:bc:55: f7:f3:e2:0d:c8:31:77:e0:a2:11:51:3e:18:46:ec: 63:c5:91:c8:de:68:7a:56:d7:22:8d:3c:4e:f9:80: 2f:4c:44:a0:df:44:77:04:aa:80:dd:2a:de:44:76: 67:60:57:00:63:7e:34:c2:4b:32:f7:57:eb:be:eb: ff:de:4d:b6:52:1c:1e:3d:c7:6e:dc:3f:6e:aa:4e: cb:7b:fd:ff:74:ff:e5:8d:be:13:0a:1e:4e:f9:cf: 55:53:99:4b:a9:81:f8:76:ef:1c:73:57:0b:5b:03: 24:87:55:95:c0:3a:6a:72:c3:c2:df:db:a1:e9:75: bf:b6:1e:98:89:da:37:6d:ed:86:49:84:01:6c:0f: 46:ce:ec:f5:8f:8b:6f:20:4f:25:b5:f5:bc:1e:ff: f9:27:79:87:ae:0e:df:92:ce:87:8d:20:0b:8a:98: bd:60:1f:da:0d:d9:48:72:cd:74:91:1f:76:a6:51: c6:65:fa:67:1c:65:81:a2:4c:df:14:1f:09:65:c4: 83:21:96:17:c2:70:c3:f3:17:d2:7b:e3:12:fb:bc: 5e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:47:3B:53:E3:C7:2D:D8:D4:E9:BB:D1:32:10:0B:C4:48:13:96:1F X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/Ykc7U-PHLdjU6bvRMhALxEgTlh8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.2.160.0/19 Signature Algorithm: sha256WithRSAEncryption 04:6f:5c:d6:3f:0c:a6:27:f4:98:5d:43:73:45:9c:92:82:6a: b7:f0:ce:03:09:f8:ef:76:f6:39:e1:07:a9:3e:b8:45:53:91: 96:c8:08:1b:fa:7f:a4:ce:7e:36:5f:9c:03:0c:79:cc:95:2a: 18:66:42:22:e5:85:5d:70:a2:cb:be:2b:5d:0c:f5:8b:58:3b: ce:54:6f:ad:af:c5:af:0d:4d:6b:94:48:b4:c3:93:78:83:d7: 38:75:5b:bd:44:40:93:de:da:c4:e6:e2:b1:26:e5:f7:2e:d4: 6d:ce:9b:5d:ab:95:0c:2d:44:15:75:12:ff:a6:6d:e2:b6:bb: b9:97:b7:8a:4d:2e:4a:8a:88:22:d1:a6:67:20:cc:e0:e5:82: ef:29:4b:b1:6e:25:72:ca:bc:5c:86:07:0c:30:22:7f:0c:f2: 1a:a3:08:4f:82:16:eb:3b:77:3a:30:9d:a3:ae:d5:88:e4:f4: 69:24:80:a0:89:05:cf:4f:24:ee:8f:fd:b3:9b:7a:ad:51:bf: 3e:f5:a8:49:8c:1d:9b:43:eb:ba:a8:61:c9:00:56:e5:cf:4b: f0:da:3b:42:7c:41:53:91:6b:00:fe:aa:59:85:cd:f1:5f:3e: e2:af:d3:b5:50:5d:b2:f6:ba:7a:63:be:58:66:14:c2:f8:5d: 0b:2e:44:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjMxNDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDYyNDczQjUzRTNDNzJE RDhENEU5QkJEMTMyMTAwQkM0NDgxMzk2MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDElBcGIaK+Qdd06sRyU9jPzrc2w126dIqspwlJmC9gpc7Gbs4n vVsf1Pi8Vffz4g3IMXfgohFRPhhG7GPFkcjeaHpW1yKNPE75gC9MRKDfRHcEqoDd Kt5EdmdgVwBjfjTCSzL3V+u+6//eTbZSHB49x27cP26qTst7/f90/+WNvhMKHk75 z1VTmUupgfh27xxzVwtbAySHVZXAOmpyw8Lf26Hpdb+2HpiJ2jdt7YZJhAFsD0bO 7PWPi28gTyW19bwe//kneYeuDt+SzoeNIAuKmL1gH9oN2UhyzXSRH3amUcZl+mcc ZYGiTN8UHwllxIMhlhfCcMPzF9J74xL7vF57AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYkc7U+PHLdjU6bvRMhALxEgTlh8wHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL1lrYzdVLVBITGRqVTZi dlJNaEFMeEVnVGxoOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAV3AqAwDQYJKoZIhvcNAQELBQADggEBAARvXNY/DKYn9JhdQ3NFnJKCarfwzgMJ +O929jnhB6k+uEVTkZbICBv6f6TOfjZfnAMMecyVKhhmQiLlhV1wosu+K10M9YtY O85Ub62vxa8NTWuUSLTDk3iD1zh1W71EQJPe2sTm4rEm5fcu1G3Om12rlQwtRBV1 Ev+mbeK2u7mXt4pNLkqKiCLRpmcgzODlgu8pS7FuJXLKvFyGBwwwIn8M8hqjCE+C Fus7dzownaOu1Yjk9GkkgKCJBc9PJO6P/bObeq1Rvz71qEmMHZtD67qoYckAVuXP S/DaO0J8QVORawD+qlmFzfFfPuKv07VQXbL2unpjvlhmFML4XQsuRIQ= -----END CERTIFICATE-----Generated at Wed Nov 5 22:30:14 2025 by rpki-client