$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Yg8Sk1qRovIyPhce4LrcFVP7s-Q.roa File: Yg8Sk1qRovIyPhce4LrcFVP7s-Q.roa (raw, json) Hash identifier: +9gNvs5nOuYBUatPrP9PPr0ZSmMDgAz8/DMiL+vmSX0= Subject key identifier: 62:0F:12:93:5A:91:A2:F2:32:3E:17:1E:E0:BA:DC:15:53:FB:B3:E4 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A8F Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Yg8Sk1qRovIyPhce4LrcFVP7s-Q.roa Signing time: Sat 13 Sep 2025 03:07:22 +0000 ROA not before: Sat 13 Sep 2025 03:07:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 2914 IP address blocks: 180.223.194.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 Oct 2025 13:36:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6799 (0x1a8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=620F12935A91A2F2323E171EE0BADC1553FBB3E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:7a:39:3b:18:31:f5:cf:73:02:7d:43:2a:1d: 23:d0:aa:4c:68:2f:9b:39:b8:31:2f:a6:89:f6:f6: 14:5e:63:e5:ba:69:34:9a:f2:5c:0a:a0:03:9d:29: fa:51:cf:dc:e2:ad:31:9f:ad:a9:27:82:fc:bf:93: 6b:36:d6:81:73:84:4f:2b:bc:9f:e7:7e:bb:83:49: f3:1c:2e:67:da:04:15:09:a6:4c:8b:b6:e7:80:98: c9:e5:eb:d1:b6:0c:ed:63:51:ab:8f:10:f3:f5:7e: 42:8d:08:ba:8c:68:5e:06:c8:d5:3c:26:a5:22:db: e3:a8:43:63:87:99:76:45:1e:ae:74:ba:70:e9:0c: d5:40:e6:8c:35:a3:a4:db:36:6f:c3:0a:54:39:90: e4:97:cf:38:d8:be:0f:eb:6e:3e:3b:3e:6a:84:6b: 24:d7:eb:92:82:42:b8:f7:0e:05:24:08:d4:10:c9: 6e:c2:5c:57:dc:73:58:e8:46:6e:a9:ff:fd:62:61: c5:79:44:57:fe:16:98:41:7e:ba:5d:fc:7c:99:a1: 32:2d:7e:a2:7a:11:e1:ba:7c:bd:9f:3b:c0:66:9f: 28:7e:c9:b2:fa:0f:eb:01:48:06:92:d2:45:a0:de: 11:b7:e2:da:3e:13:b0:ea:ac:f4:62:6a:f9:3f:67: 1e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:0F:12:93:5A:91:A2:F2:32:3E:17:1E:E0:BA:DC:15:53:FB:B3:E4 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Yg8Sk1qRovIyPhce4LrcFVP7s-Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.194.0/24 Signature Algorithm: sha256WithRSAEncryption 12:2e:41:47:15:84:f1:ca:e1:3c:eb:23:2b:7a:1c:b4:bd:15: e1:b7:df:99:d5:c5:fb:53:f4:c9:99:07:49:11:2d:53:a0:fe: 7d:bd:a4:45:2d:36:0f:62:c1:28:bb:6a:c5:8c:4f:54:36:11: 03:29:eb:68:d1:87:5f:93:74:42:8e:3b:e1:11:8a:1f:f6:3e: 1c:bd:28:11:e7:bc:cf:54:16:ce:6e:e4:c1:47:91:59:b3:ba: a2:5e:fc:54:2d:31:51:70:f5:e8:11:9b:ef:79:9e:56:ba:4e: 4a:ed:dd:26:6b:bb:96:d1:ae:9d:06:10:a1:ff:40:af:be:d6: 24:9a:a9:fd:c6:33:f3:5b:0b:fc:48:e5:68:60:7d:b9:3e:85: 61:c6:d1:7c:8c:6f:e8:2c:80:9a:9c:be:6e:a7:aa:76:17:d9: 0e:85:65:c9:84:c4:e8:c3:0c:d3:12:34:6d:3b:51:48:c5:6b: a4:74:ed:c4:92:40:2c:34:e5:70:39:63:92:73:e6:23:76:ba: f1:d1:b9:18:b8:1b:8a:cc:08:e3:07:12:71:65:51:6c:da:87: 38:92:83:50:3e:83:63:ab:74:b7:d2:8d:ac:25:79:6e:09:2f: 25:3f:ef:25:04:31:9d:31:07:36:34:01:7f:4b:0b:6c:01:a3: d4:b5:4b:89 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYyMEYxMjkzNUE5MUEy RjIzMjNFMTcxRUUwQkFEQzE1NTNGQkIzRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlejk7GDH1z3MCfUMqHSPQqkxoL5s5uDEvpon29hReY+W6aTSa 8lwKoAOdKfpRz9zirTGfrakngvy/k2s21oFzhE8rvJ/nfruDSfMcLmfaBBUJpkyL tueAmMnl69G2DO1jUauPEPP1fkKNCLqMaF4GyNU8JqUi2+OoQ2OHmXZFHq50unDp DNVA5ow1o6TbNm/DClQ5kOSXzzjYvg/rbj47PmqEayTX65KCQrj3DgUkCNQQyW7C XFfcc1joRm6p//1iYcV5RFf+FphBfrpd/HyZoTItfqJ6EeG6fL2fO8Bmnyh+ybL6 D+sBSAaS0kWg3hG34to+E7DqrPRiavk/Zx61AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYg8Sk1qRovIyPhce4LrcFVP7s+QwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvWWc4U2sxcVJvdkl5 UGhjZTRMcmNGVlA3cy1RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfwjANBgkqhkiG9w0BAQsFAAOCAQEAEi5BRxWE8crhPOsjK3octL0V4bff mdXF+1P0yZkHSREtU6D+fb2kRS02D2LBKLtqxYxPVDYRAynraNGHX5N0Qo474RGK H/Y+HL0oEee8z1QWzm7kwUeRWbO6ol78VC0xUXD16BGb73meVrpOSu3dJmu7ltGu nQYQof9Ar77WJJqp/cYz81sL/EjlaGB9uT6FYcbRfIxv6CyAmpy+bqeqdhfZDoVl yYTE6MMM0xI0bTtRSMVrpHTtxJJALDTlcDljknPmI3a68dG5GLgbiswI4wcScWVR bNqHOJKDUD6DY6t0t9KNrCV5bgkvJT/vJQQxnTEHNjQBf0sLbAGj1LVLiQ== -----END CERTIFICATE-----Generated at Wed Oct 8 11:55:16 2025 by rpki-client