$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/rkgzE4a08qwQ_Xh_6TTRDKHrWJw.roa File: rkgzE4a08qwQ_Xh_6TTRDKHrWJw.roa (raw, json) Hash identifier: 79cb5dPZj3JSM/4jjG1o3hWueP5x8kZ1bRYhCpMjYpE= Subject key identifier: AE:48:33:13:86:B4:F2:AC:10:FD:78:7F:E9:34:D1:0C:A1:EB:58:9C Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A83 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/rkgzE4a08qwQ_Xh_6TTRDKHrWJw.roa Signing time: Sat 13 Sep 2025 03:07:20 +0000 ROA not before: Sat 13 Sep 2025 03:07:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 2914 IP address blocks: 180.223.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 Oct 2025 13:36:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6787 (0x1a83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AE48331386B4F2AC10FD787FE934D10CA1EB589C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:a4:40:9c:3a:38:d7:5e:8c:8f:62:93:20:20: 0d:78:bb:fc:91:3f:ba:b6:4c:80:49:11:5b:8f:ea: b6:55:9b:6e:9c:39:4a:7b:35:b7:41:e0:77:ff:aa: ed:31:fc:17:3a:ff:56:1b:04:07:bc:8d:5b:a0:ab: 39:89:d5:29:eb:63:5e:f9:8f:c1:8f:e6:00:21:e5: 3a:76:14:8d:7a:c9:bf:b5:74:c4:5d:58:2d:78:65: de:ad:c1:e2:2c:9b:10:89:86:f4:5a:b7:b5:0a:9d: 98:76:9f:dc:58:75:21:cc:d0:d4:8f:7b:b6:22:d2: e8:1b:9c:8e:13:ea:c9:6c:6a:d0:e4:33:6d:22:8d: c8:09:f9:9a:a6:c6:a1:0d:f0:a5:01:5d:07:01:70: 95:21:cc:91:8a:92:60:60:10:2a:f1:c9:2a:7f:73: 4f:37:c0:04:0d:2b:04:b6:e4:c0:1d:95:c1:a6:1d: fd:34:1b:b2:17:07:8a:66:32:17:d1:cf:2b:0b:67: cb:21:fb:5b:e4:41:18:88:0a:fb:9f:51:ed:2c:0f: 24:ae:50:da:68:98:b3:b9:cd:32:e1:46:7e:0a:3f: 39:5e:3b:35:53:02:2e:39:a0:83:f1:cf:80:03:f6: 3b:fc:b4:23:e6:e2:ae:1e:b7:44:c6:b7:bb:6a:48: cc:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:48:33:13:86:B4:F2:AC:10:FD:78:7F:E9:34:D1:0C:A1:EB:58:9C X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/rkgzE4a08qwQ_Xh_6TTRDKHrWJw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.200.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:58:ad:fb:89:ff:19:72:6e:e9:1b:f8:d4:a2:98:25:4f:e7: 6a:0d:07:4f:67:f2:dd:3a:b8:58:f0:ee:79:ae:cb:fe:a9:1f: 22:c5:ae:a9:8b:be:3a:91:ce:72:19:09:8f:b6:a1:2e:0b:18: 88:60:33:da:dd:00:9f:a3:36:59:43:c9:58:a6:aa:66:98:dd: de:87:97:4e:40:0e:e8:7d:60:7c:a2:a8:46:40:f4:eb:92:e8: 35:9c:9f:ea:d5:6b:be:1b:3b:00:e2:ed:37:45:2a:6d:7d:62: 3a:6d:10:22:23:60:65:3b:65:1e:e7:d1:54:99:5c:4c:17:b4: 01:99:fe:91:ea:3a:c6:28:af:f6:79:8c:44:66:89:42:22:bf: 0a:0a:4b:2e:39:17:66:f3:06:5e:dc:e0:cb:04:b8:17:ef:21: 1c:80:41:df:02:c9:8a:09:0e:f2:c1:d9:04:07:04:e8:05:80: f6:d6:e0:53:3e:d3:b3:a8:28:cb:e4:f1:ba:3a:67:e5:0c:1d: 2b:f8:c5:9e:c7:77:92:f8:c0:3d:e5:35:41:c2:ef:fa:16:00: b8:98:b9:f4:04:28:17:1b:41:53:24:f2:7e:67:03:b5:1c:cd: 09:5c:2a:10:12:d8:59:23:66:de:29:4c:e0:0a:49:b8:d9:13: d2:d3:9d:89 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGoMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFFNDgzMzEzODZCNEYy QUMxMEZENzg3RkU5MzREMTBDQTFFQjU4OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdpECcOjjXXoyPYpMgIA14u/yRP7q2TIBJEVuP6rZVm26cOUp7 NbdB4Hf/qu0x/Bc6/1YbBAe8jVugqzmJ1SnrY175j8GP5gAh5Tp2FI16yb+1dMRd WC14Zd6tweIsmxCJhvRat7UKnZh2n9xYdSHM0NSPe7Yi0ugbnI4T6slsatDkM20i jcgJ+ZqmxqEN8KUBXQcBcJUhzJGKkmBgECrxySp/c083wAQNKwS25MAdlcGmHf00 G7IXB4pmMhfRzysLZ8sh+1vkQRiICvufUe0sDySuUNpomLO5zTLhRn4KPzleOzVT Ai45oIPxz4AD9jv8tCPm4q4et0TGt7tqSMzHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrkgzE4a08qwQ/Xh/6TTRDKHrWJwwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvcmtnekU0YTA4cXdR X1hoXzZUVFJES0hyV0p3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfyDANBgkqhkiG9w0BAQsFAAOCAQEAbVit+4n/GXJu6Rv41KKYJU/nag0H T2fy3Tq4WPDuea7L/qkfIsWuqYu+OpHOchkJj7ahLgsYiGAz2t0An6M2WUPJWKaq Zpjd3oeXTkAO6H1gfKKoRkD065LoNZyf6tVrvhs7AOLtN0UqbX1iOm0QIiNgZTtl HufRVJlcTBe0AZn+keo6xiiv9nmMRGaJQiK/CgpLLjkXZvMGXtzgywS4F+8hHIBB 3wLJigkO8sHZBAcE6AWA9tbgUz7Ts6goy+Txujpn5QwdK/jFnsd3kvjAPeU1QcLv +hYAuJi59AQoFxtBUyTyfmcDtRzNCVwqEBLYWSNm3ilM4ApJuNkT0tOdiQ== -----END CERTIFICATE-----Generated at Wed Oct 8 11:54:27 2025 by rpki-client