$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/h1Btbl0tGKlyyKjl23W5-9B5sd4.roa File: h1Btbl0tGKlyyKjl23W5-9B5sd4.roa (raw, json) Hash identifier: S7T+LMSg18bfec2IDG9TvKXl7b+NjmC+cHVaWWoOv1A= Subject key identifier: 87:50:6D:6E:5D:2D:18:A9:72:C8:A8:E5:DB:75:B9:FB:D0:79:B1:DE Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B17 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/h1Btbl0tGKlyyKjl23W5-9B5sd4.roa Signing time: Mon 27 Oct 2025 02:39:26 +0000 ROA not before: Mon 27 Oct 2025 02:39:26 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 202.168.168.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2839 (0xb17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:26 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=87506D6E5D2D18A972C8A8E5DB75B9FBD079B1DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:24:d8:b2:81:e1:dd:7d:10:1c:ae:50:92:8c: f4:01:06:95:ed:c4:32:14:c1:11:92:77:0c:4c:fe: 99:ec:36:7d:11:1b:d5:b3:24:ab:ce:dd:b8:e9:1b: 72:fa:b7:cc:f5:11:b1:91:02:8a:49:28:64:8c:88: 1a:52:13:03:95:d5:4b:19:6a:e4:2c:89:2b:f0:7a: e3:d2:7c:87:21:75:77:4e:cd:75:aa:56:97:80:11: f3:9c:ad:55:72:68:52:1c:60:94:14:68:49:fe:1a: 82:e9:b1:ec:a5:2e:a8:56:94:a2:e6:95:e8:13:5f: 5d:9b:2e:9c:4f:41:94:bb:0e:b8:62:f5:81:92:d3: 4f:59:f8:32:c0:ee:3e:16:ec:d1:31:45:29:f8:e8: bd:68:25:ed:75:52:36:3e:3d:a0:3e:9b:72:ea:54: b9:a4:cc:56:e0:73:b7:e5:8c:85:5c:26:a8:5f:db: 3a:fb:98:0e:65:2a:25:61:51:38:79:97:3a:c1:73: 89:89:41:ca:a5:26:e8:55:db:5e:63:64:9f:28:f4: 90:82:93:c5:18:0f:c1:2c:be:8a:12:7f:70:71:e8: 0b:c5:88:ed:d3:04:98:ce:13:bf:1f:50:07:21:8b: 88:7a:72:6d:31:08:b2:5d:99:7a:64:41:ac:92:0e: c4:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:50:6D:6E:5D:2D:18:A9:72:C8:A8:E5:DB:75:B9:FB:D0:79:B1:DE X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/h1Btbl0tGKlyyKjl23W5-9B5sd4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.168.168.0/21 Signature Algorithm: sha256WithRSAEncryption 5c:f8:98:e3:5d:50:c6:3e:af:d8:6e:c6:44:3e:a2:e6:0a:fb: b3:2c:b4:fb:4e:9d:45:e5:e4:8a:c7:de:04:be:e4:73:22:77: 6b:80:19:87:7f:53:1f:d8:18:14:35:6c:6f:07:48:34:60:74: a0:51:89:66:ab:1c:c4:df:4a:dc:2b:b4:6e:43:b8:c6:6c:d2: 5a:54:10:53:59:17:c0:f8:8b:73:00:c5:fd:9d:1a:3c:a0:16: 0f:e9:3a:61:ff:5b:2e:b9:37:d0:23:76:0b:ec:65:5a:6a:11: 63:d2:24:0a:dc:1a:79:c6:3a:3a:eb:90:20:3b:ac:99:a4:f7: 1b:df:69:91:0f:7a:25:5c:9d:d8:f7:d9:3d:3c:f5:7b:5a:0b: 9a:6a:ec:68:a1:bf:9b:ea:f4:cc:14:f0:f0:da:4d:54:49:4a: 9b:b0:18:7a:ab:dc:84:c6:6d:67:1f:40:ed:1e:05:c1:38:a3: f1:9d:5e:1e:2b:64:c4:6b:ef:dd:fa:7b:b3:fa:c4:39:52:1a: 0f:c1:fd:8b:b4:a2:4b:3a:98:1f:cf:3c:43:71:fd:20:a3:d3: 06:41:0a:1d:08:bd:03:c0:0c:34:54:35:ce:fa:4f:0a:f3:4b: 59:3f:7b:25:48:8e:97:4f:61:32:19:de:62:c0:5a:90:10:63: 18:b8:0e:2f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDg3NTA2RDZFNUQyRDE4 QTk3MkM4QThFNURCNzVCOUZCRDA3OUIxREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfJNiygeHdfRAcrlCSjPQBBpXtxDIUwRGSdwxM/pnsNn0RG9Wz JKvO3bjpG3L6t8z1EbGRAopJKGSMiBpSEwOV1UsZauQsiSvweuPSfIchdXdOzXWq VpeAEfOcrVVyaFIcYJQUaEn+GoLpseylLqhWlKLmlegTX12bLpxPQZS7Drhi9YGS 009Z+DLA7j4W7NExRSn46L1oJe11UjY+PaA+m3LqVLmkzFbgc7fljIVcJqhf2zr7 mA5lKiVhUTh5lzrBc4mJQcqlJuhV215jZJ8o9JCCk8UYD8EsvooSf3Bx6AvFiO3T BJjOE78fUAchi4h6cm0xCLJdmXpkQaySDsSdAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUh1Btbl0tGKlyyKjl23W5+9B5sd4wHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL2gxQnRibDB0R0tseXlL amwyM1c1LTlCNXNkNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPKqKgwDQYJKoZIhvcNAQELBQADggEBAFz4mONdUMY+r9huxkQ+ouYK+7MstPtO nUXl5IrH3gS+5HMid2uAGYd/Ux/YGBQ1bG8HSDRgdKBRiWarHMTfStwrtG5DuMZs 0lpUEFNZF8D4i3MAxf2dGjygFg/pOmH/Wy65N9AjdgvsZVpqEWPSJArcGnnGOjrr kCA7rJmk9xvfaZEPeiVcndj32T089XtaC5pq7Gihv5vq9MwU8PDaTVRJSpuwGHqr 3ITGbWcfQO0eBcE4o/GdXh4rZMRr7936e7P6xDlSGg/B/Yu0oks6mB/PPENx/SCj 0wZBCh0IvQPADDRUNc76TwrzS1k/eyVIjpdPYTIZ3mLAWpAQYxi4Di8= -----END CERTIFICATE-----Generated at Wed Nov 5 22:30:18 2025 by rpki-client