$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/kIOq5dyCUmhPyVcB8SvYMkrmAXQ.roa File: kIOq5dyCUmhPyVcB8SvYMkrmAXQ.roa (raw, json) Hash identifier: UW+80X9JXQtcOfyfOV4eFhqLwXK4hE+DGQvBsUqGF8I= Subject key identifier: 90:83:AA:E5:DC:82:52:68:4F:C9:57:01:F1:2B:D8:32:4A:E6:01:74 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1929 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/kIOq5dyCUmhPyVcB8SvYMkrmAXQ.roa Signing time: Mon 14 Jul 2025 11:52:37 +0000 ROA not before: Mon 14 Jul 2025 11:52:37 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9304 IP address blocks: 180.223.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 18:40:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6441 (0x1929) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jul 14 11:52:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9083AAE5DC8252684FC95701F12BD8324AE60174 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:5d:08:63:75:c3:de:27:7f:3e:c7:d5:e1:6b: 31:24:7e:1d:92:13:32:e6:d8:12:6c:dd:44:2d:71: 62:af:3f:65:d8:de:4e:ea:3d:c5:ad:05:71:11:6b: 03:22:c8:e1:f9:3b:22:ae:e0:2b:a8:07:fa:a6:61: 3e:8f:16:35:67:78:24:03:3b:19:7e:ef:6a:4b:70: 1b:f9:a6:1a:d4:49:f9:08:0f:af:e3:cb:d5:c8:bf: f0:f2:cf:eb:2c:b0:83:45:06:72:c5:3c:a1:b5:21: 1a:bd:0c:46:3a:63:1e:a7:df:f9:b6:8b:87:78:5e: d8:e0:5f:24:45:08:92:4d:65:ef:a6:df:8b:27:5b: b8:24:16:b0:43:52:58:a1:7c:95:6f:56:dd:a5:7a: f6:c8:22:21:46:ad:ab:c9:66:91:a1:c0:06:03:d9: 4c:47:e1:f1:fe:6c:e6:3b:07:35:d7:2d:7d:1a:a9: ee:f8:ff:fc:de:1c:7a:e2:ee:6e:f8:51:fc:bb:bf: 59:a7:7d:48:ed:d7:9a:d8:39:f2:47:12:d4:fb:3c: 12:47:12:4a:01:98:d2:1c:af:4a:70:13:da:8a:90: 26:d7:2b:9a:d6:cc:44:bb:34:9b:70:a8:0c:bf:79: 5a:e3:91:77:6c:0b:70:80:02:6b:d1:c1:6a:a3:66: 59:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:83:AA:E5:DC:82:52:68:4F:C9:57:01:F1:2B:D8:32:4A:E6:01:74 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/kIOq5dyCUmhPyVcB8SvYMkrmAXQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.64.0/18 Signature Algorithm: sha256WithRSAEncryption 1b:62:5c:2c:fd:22:20:26:c7:d1:9b:33:28:5e:5f:bf:de:bb: 0d:c3:c3:47:66:27:15:2a:c1:a5:89:98:da:7e:6b:93:4f:5b: ad:75:2d:88:d8:2a:70:7f:f7:13:4d:db:cf:25:8a:66:8b:df: 94:af:d2:82:fe:b0:ca:9a:8c:bd:45:98:ea:c6:f9:4c:de:c2: c8:a5:10:63:75:30:aa:3e:ae:d4:ab:ed:a8:7d:41:3b:48:eb: 02:7d:9c:2d:10:a5:de:b9:02:1f:df:54:df:3f:46:8b:d9:c3: 25:9f:78:5a:76:b0:e5:6f:44:39:43:77:a5:19:d8:cb:7e:5c: 7d:ac:b1:e3:9a:a7:c9:4f:2d:78:b2:ba:8c:b6:de:07:8c:8e: 0a:e0:d2:56:d9:97:f0:1d:ad:b5:ef:af:63:23:f9:81:c8:97: d3:53:88:9f:9a:3c:46:bb:9c:b2:52:9b:cd:2d:8f:cd:b9:25: d3:2d:6d:2e:93:11:ab:e7:7f:4a:1c:7c:66:40:5b:9d:25:d9: 4a:d3:9f:3c:72:e7:07:22:dc:a6:28:b9:86:f9:cd:51:0d:9b: 1f:9a:f4:2e:b0:51:bb:c3:d3:6b:2d:fa:bf:69:b0:63:96:c3: cc:7d:6b:ad:41:00:7b:ab:04:70:49:69:3a:b7:22:f5:8d:8f: 62:b9:22:31 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA3MTQx MTUyMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDkwODNBQUU1REM4MjUy Njg0RkM5NTcwMUYxMkJEODMyNEFFNjAxNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVXQhjdcPeJ38+x9XhazEkfh2SEzLm2BJs3UQtcWKvP2XY3k7q PcWtBXERawMiyOH5OyKu4CuoB/qmYT6PFjVneCQDOxl+72pLcBv5phrUSfkID6/j y9XIv/Dyz+sssINFBnLFPKG1IRq9DEY6Yx6n3/m2i4d4XtjgXyRFCJJNZe+m34sn W7gkFrBDUlihfJVvVt2levbIIiFGravJZpGhwAYD2UxH4fH+bOY7BzXXLX0aqe74 //zeHHri7m74Ufy7v1mnfUjt15rYOfJHEtT7PBJHEkoBmNIcr0pwE9qKkCbXK5rW zES7NJtwqAy/eVrjkXdsC3CAAmvRwWqjZlk7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkIOq5dyCUmhPyVcB8SvYMkrmAXQwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAva0lPcTVkeUNVbWhQ eVZjQjhTdllNa3JtQVhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBrTfQDANBgkqhkiG9w0BAQsFAAOCAQEAG2JcLP0iICbH0ZszKF5fv967DcPD R2YnFSrBpYmY2n5rk09brXUtiNgqcH/3E03bzyWKZovflK/Sgv6wypqMvUWY6sb5 TN7CyKUQY3Uwqj6u1KvtqH1BO0jrAn2cLRCl3rkCH99U3z9Gi9nDJZ94Wnaw5W9E OUN3pRnYy35cfayx45qnyU8teLK6jLbeB4yOCuDSVtmX8B2tte+vYyP5gciX01OI n5o8RrucslKbzS2Pzbkl0y1tLpMRq+d/Shx8ZkBbnSXZStOfPHLnByLcpii5hvnN UQ2bH5r0LrBRu8PTay36v2mwY5bDzH1rrUEAe6sEcElpOrci9Y2PYrkiMQ== -----END CERTIFICATE-----Generated at Sun Jul 20 14:20:46 2025 by rpki-client