$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/6Y0zMfCAouzBw4a_HYdgFKlPTAg.roa File: 6Y0zMfCAouzBw4a_HYdgFKlPTAg.roa (raw, json) Hash identifier: Pf/7H4KOMV+cZLijI6pRnPVSDrv7IWUUhqW2S0hoPaM= Subject key identifier: E9:8D:33:31:F0:80:A2:EC:C1:C3:86:BF:1D:87:60:14:A9:4F:4C:08 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A6A Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/6Y0zMfCAouzBw4a_HYdgFKlPTAg.roa Signing time: Sat 13 Sep 2025 03:07:14 +0000 ROA not before: Sat 13 Sep 2025 03:07:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 2914 IP address blocks: 180.223.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 Oct 2025 13:36:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6762 (0x1a6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E98D3331F080A2ECC1C386BF1D876014A94F4C08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e1:99:57:9e:8f:65:db:5a:c0:43:06:b8:f9: ff:7e:15:63:1d:d2:32:42:7e:d6:6d:32:c8:46:07: c7:92:a1:39:84:bf:44:fc:39:38:fd:ef:0b:6f:3b: a5:21:a6:82:b7:fd:3c:5f:ad:9e:aa:2c:0f:b2:72: c0:c5:7a:2b:19:44:84:83:a5:0c:a1:ad:9f:aa:47: 1d:56:1c:bb:4e:c5:0f:e7:0e:f6:32:63:73:82:9d: 26:2e:b9:42:f4:bf:c2:00:f8:b1:31:02:13:75:00: 59:a2:bf:4a:8f:5b:d9:ad:a0:9f:4c:20:ea:ef:96: da:18:09:8b:e2:a7:28:54:ae:3f:b9:91:9b:b8:dc: 47:db:75:70:84:d3:d0:b7:eb:b6:11:31:d4:ad:2a: f1:25:2b:69:ef:80:a3:68:0e:6e:52:6c:90:9c:ad: d8:23:99:4a:d9:b3:ca:a1:c8:0a:e8:ad:e2:98:95: 65:b7:d3:6c:1f:9c:8e:d2:a0:7e:a3:fc:f7:25:1e: e0:ef:e9:e0:e0:8e:3e:11:bc:12:91:63:9a:c4:0f: 43:02:ce:9e:5c:d1:96:da:ea:27:5c:68:6a:4a:24: 33:6c:a1:50:99:fd:83:cb:50:26:57:de:b2:9b:e8: 50:83:f1:d6:41:55:7b:2a:2f:5d:2d:b2:5f:4f:e9: 9d:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:8D:33:31:F0:80:A2:EC:C1:C3:86:BF:1D:87:60:14:A9:4F:4C:08 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/6Y0zMfCAouzBw4a_HYdgFKlPTAg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.202.0/24 Signature Algorithm: sha256WithRSAEncryption c5:a8:9c:64:67:ea:24:d6:4d:51:c2:fd:6c:3d:ae:92:58:91: 06:2a:fa:16:b0:55:c1:5c:b0:da:e6:db:c1:10:5f:1f:c6:78: 6a:c3:04:9a:e5:b0:22:4c:c4:30:1b:c5:64:7b:e3:86:00:6b: d0:f3:1a:ef:db:34:60:2a:50:57:1d:a9:58:89:8c:21:5f:d2: e4:e2:df:aa:1f:62:1d:79:44:93:ff:f8:10:f2:fa:52:4d:55: 6b:c7:a6:1b:59:2b:57:8d:67:77:eb:05:6d:f7:da:10:cd:4e: 23:10:0f:96:a0:76:6a:e6:50:0f:c6:59:03:c0:ff:6a:7a:60: 6b:6c:aa:fe:f0:2c:87:db:e8:fa:1d:62:51:4c:7d:7e:ac:37: dd:1a:d7:0f:4d:1d:8b:f1:b2:6f:93:4d:a7:62:9e:af:25:e6: 77:12:e2:7d:2d:b9:cf:16:5b:30:be:e6:d1:57:45:73:dd:8a: 18:e8:41:71:f2:1d:cf:50:ba:80:4d:85:7e:c1:68:39:2a:7d: 76:35:dd:f4:1e:0e:3f:12:da:7c:5a:d4:b8:70:c3:9c:20:bb: 60:89:86:e5:5f:09:54:65:07:63:f3:d9:68:77:e5:19:f8:2c: 43:41:d1:f0:de:90:ab:e0:4f:57:8c:76:c1:2b:49:fd:0e:20: ef:99:c6:0f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU5OEQzMzMxRjA4MEEy RUNDMUMzODZCRjFEODc2MDE0QTk0RjRDMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCk4ZlXno9l21rAQwa4+f9+FWMd0jJCftZtMshGB8eSoTmEv0T8 OTj97wtvO6UhpoK3/TxfrZ6qLA+ycsDFeisZRISDpQyhrZ+qRx1WHLtOxQ/nDvYy Y3OCnSYuuUL0v8IA+LExAhN1AFmiv0qPW9mtoJ9MIOrvltoYCYvipyhUrj+5kZu4 3EfbdXCE09C367YRMdStKvElK2nvgKNoDm5SbJCcrdgjmUrZs8qhyAroreKYlWW3 02wfnI7SoH6j/PclHuDv6eDgjj4RvBKRY5rED0MCzp5c0Zba6idcaGpKJDNsoVCZ /YPLUCZX3rKb6FCD8dZBVXsqL10tsl9P6Z1ZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU6Y0zMfCAouzBw4a/HYdgFKlPTAgwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvNlkwek1mQ0FvdXpC dzRhX0hZZGdGS2xQVEFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfyjANBgkqhkiG9w0BAQsFAAOCAQEAxaicZGfqJNZNUcL9bD2ukliRBir6 FrBVwVyw2ubbwRBfH8Z4asMEmuWwIkzEMBvFZHvjhgBr0PMa79s0YCpQVx2pWImM IV/S5OLfqh9iHXlEk//4EPL6Uk1Va8emG1krV41nd+sFbffaEM1OIxAPlqB2auZQ D8ZZA8D/anpga2yq/vAsh9vo+h1iUUx9fqw33RrXD00di/Gyb5NNp2KeryXmdxLi fS25zxZbML7m0VdFc92KGOhBcfIdz1C6gE2FfsFoOSp9djXd9B4OPxLafFrUuHDD nCC7YImG5V8JVGUHY/PZaHflGfgsQ0HR8N6Qq+BPV4x2wStJ/Q4g75nGDw== -----END CERTIFICATE-----Generated at Wed Oct 8 11:55:17 2025 by rpki-client