$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/SwQOc_uZAGwdnx5KdjGiveZwSO0.roa File: SwQOc_uZAGwdnx5KdjGiveZwSO0.roa (raw, json) Hash identifier: isHwwLcdMzuynoFlJ98tmb9V3Ka/ximz8RovI4R8HRc= Subject key identifier: 4B:04:0E:73:FB:99:00:6C:1D:9F:1E:4A:76:31:A2:BD:E6:70:48:ED Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A82 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/SwQOc_uZAGwdnx5KdjGiveZwSO0.roa Signing time: Sat 13 Sep 2025 03:07:20 +0000 ROA not before: Sat 13 Sep 2025 03:07:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 2914 IP address blocks: 180.223.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 Oct 2025 13:36:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6786 (0x1a82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4B040E73FB99006C1D9F1E4A7631A2BDE67048ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1b:f1:40:c1:30:73:79:d2:9c:f0:8e:75:55: 35:09:f9:f8:de:8a:b4:3c:4a:a7:60:f6:8f:4b:9a: 7a:fc:38:f2:ba:be:bc:a7:66:ea:69:34:59:86:5a: 45:89:ff:54:2d:23:d0:2b:b0:1d:80:08:ba:b5:76: f2:7a:0a:b0:5d:ca:90:d8:dd:a4:26:e6:11:85:49: 30:d1:cf:dc:c5:6f:11:5e:ec:b4:88:17:f5:f8:a1: cc:17:f1:80:31:70:49:07:66:27:18:25:c4:79:f8: cb:39:6b:f3:fd:5a:36:6a:d6:27:7a:cb:66:df:be: 76:ae:3d:3b:be:11:a0:9a:11:13:7b:c3:b6:e5:d3: 14:57:5e:95:c5:d9:78:4b:c9:11:55:d8:df:c4:7a: 1b:d9:e6:cc:6b:c4:20:83:83:70:9c:be:25:e1:39: b8:9d:8c:45:ca:de:78:e8:ef:ea:af:90:74:ff:61: c3:af:31:96:1b:07:4d:56:82:e5:bf:29:3f:ba:0b: 78:7f:e3:eb:59:3b:db:41:93:d5:1d:bc:b4:33:16: 7a:93:9c:08:06:4a:fb:9e:3d:78:a7:45:b6:0f:89: 17:45:1d:94:dd:24:ba:a2:63:49:6a:a8:67:a6:e4: a2:96:aa:c2:88:fe:a8:54:90:c4:f6:49:d0:7f:94: 8b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:04:0E:73:FB:99:00:6C:1D:9F:1E:4A:76:31:A2:BD:E6:70:48:ED X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/SwQOc_uZAGwdnx5KdjGiveZwSO0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.208.0/22 Signature Algorithm: sha256WithRSAEncryption d1:05:a5:5b:47:1e:ba:07:e4:df:d9:d6:a1:02:55:97:36:52: 1f:ed:c2:88:10:73:cd:95:c9:3f:92:61:1d:21:c4:2b:ff:6e: 41:56:fa:68:e5:3e:e9:72:fe:45:ef:42:2d:bb:38:0d:88:ed: cf:12:df:d5:04:8f:7d:aa:ae:26:ed:e4:d1:e3:91:19:be:b6: db:69:38:80:46:72:6b:cf:ad:95:d8:30:f1:d5:9d:75:df:2d: e5:cf:23:e1:74:1c:95:21:bb:be:3a:c2:01:3c:0c:f5:9a:ff: 09:61:b1:31:c8:79:ad:cf:93:e5:35:36:f4:fa:30:3b:1e:bd: 87:7a:a9:21:de:b3:99:62:82:70:01:2b:a3:0c:c6:54:2a:5d: 52:c6:ba:34:40:b2:a1:49:3b:28:0c:4b:5f:cf:96:03:3b:a8: 99:be:9e:38:51:42:6f:93:05:dd:fa:bc:57:26:89:9f:d3:a5: ee:ba:6b:b0:e2:d9:65:07:d7:17:de:67:00:db:e1:8f:e2:a4: d2:17:a0:b3:50:6d:7d:24:dc:84:bd:d0:8a:47:59:a4:53:4f: 75:94:7c:49:45:d0:69:07:33:44:22:a4:a4:30:22:e0:16:bf: c7:5e:ea:46:6d:84:76:7c:f5:b0:8a:ab:5a:a2:00:6f:bf:ef: 22:70:9f:63 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRCMDQwRTczRkI5OTAw NkMxRDlGMUU0QTc2MzFBMkJERTY3MDQ4RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNG/FAwTBzedKc8I51VTUJ+fjeirQ8Sqdg9o9Lmnr8OPK6vryn ZuppNFmGWkWJ/1QtI9ArsB2ACLq1dvJ6CrBdypDY3aQm5hGFSTDRz9zFbxFe7LSI F/X4ocwX8YAxcEkHZicYJcR5+Ms5a/P9WjZq1id6y2bfvnauPTu+EaCaERN7w7bl 0xRXXpXF2XhLyRFV2N/EehvZ5sxrxCCDg3CcviXhObidjEXK3njo7+qvkHT/YcOv MZYbB01WguW/KT+6C3h/4+tZO9tBk9UdvLQzFnqTnAgGSvuePXinRbYPiRdFHZTd JLqiY0lqqGem5KKWqsKI/qhUkMT2SdB/lIsxAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSwQOc/uZAGwdnx5KdjGiveZwSO0wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvU3dRT2NfdVpBR3dk bng1S2RqR2l2ZVp3U08wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf0DANBgkqhkiG9w0BAQsFAAOCAQEA0QWlW0ceugfk39nWoQJVlzZSH+3C iBBzzZXJP5JhHSHEK/9uQVb6aOU+6XL+Re9CLbs4DYjtzxLf1QSPfaquJu3k0eOR Gb6222k4gEZya8+tldgw8dWddd8t5c8j4XQclSG7vjrCATwM9Zr/CWGxMch5rc+T 5TU29PowOx69h3qpId6zmWKCcAErowzGVCpdUsa6NECyoUk7KAxLX8+WAzuomb6e OFFCb5MF3fq8VyaJn9Ol7rprsOLZZQfXF95nANvhj+Kk0hegs1BtfSTchL3QikdZ pFNPdZR8SUXQaQczRCKkpDAi4Ba/x17qRm2Ednz1sIqrWqIAb7/vInCfYw== -----END CERTIFICATE-----Generated at Wed Oct 8 11:54:31 2025 by rpki-client