$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/vUKFEt0Nqeqe-YRYzaJgk6nqiNY.roa File: vUKFEt0Nqeqe-YRYzaJgk6nqiNY.roa (raw, json) Hash identifier: U1n4me1FUEz6Xijwpn6C7UnGfi9lu5zQ+RCmc+OYR6Q= Subject key identifier: BD:42:85:12:DD:0D:A9:EA:9E:F9:84:58:CD:A2:60:93:A9:EA:88:D6 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24F6 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/vUKFEt0Nqeqe-YRYzaJgk6nqiNY.roa Signing time: Sat 13 Sep 2025 03:08:52 +0000 ROA not before: Sat 13 Sep 2025 03:08:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 61317 IP address blocks: 223.29.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 Oct 2025 04:07:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9462 (0x24f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BD428512DD0DA9EA9EF98458CDA26093A9EA88D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:94:58:e8:e5:c8:5c:0d:7d:1d:b7:88:b3:b6: 7f:45:c1:f0:f5:20:26:28:c4:6d:b3:49:e9:aa:25: 97:7b:c6:c3:26:2d:79:7a:6b:eb:dd:4d:2e:2d:ba: fb:15:75:83:7f:b7:f0:c7:97:cb:ac:6f:bb:55:ab: 81:79:8d:a0:3c:da:95:29:a2:ef:4c:2a:9b:65:9d: 90:cd:fb:63:7f:6f:c9:bc:43:19:1f:6d:4b:13:4c: 28:80:8f:80:90:88:d1:34:64:69:1d:13:89:af:3c: 88:10:e0:6c:04:72:44:6c:d6:fc:a9:52:04:f4:cf: b1:fc:06:2e:a8:f1:b4:15:f1:3b:36:d6:06:3e:82: 99:45:d0:28:7b:8e:1c:33:96:81:1c:a9:46:79:bf: c4:fc:d6:ea:aa:a4:b4:4f:4b:c2:45:0c:87:e6:0f: 92:46:cb:ba:3a:3c:67:61:c1:11:93:f9:2d:3e:a0: c4:4e:58:b3:4f:15:5e:6f:d8:89:2a:29:0d:72:97: 43:57:59:bf:a6:46:3d:8c:d6:e4:8e:bf:71:25:50: 7b:e9:c2:8d:a4:1a:7e:01:84:d1:e6:79:77:6f:dd: 72:03:59:85:00:c7:95:fc:1c:6b:9e:00:12:4d:26: dc:9f:08:57:49:07:92:eb:8c:09:ca:bc:58:a7:a6: 83:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:42:85:12:DD:0D:A9:EA:9E:F9:84:58:CD:A2:60:93:A9:EA:88:D6 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/vUKFEt0Nqeqe-YRYzaJgk6nqiNY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.252.0/22 Signature Algorithm: sha256WithRSAEncryption d0:8d:6e:24:2b:63:f7:a9:02:31:57:6a:0c:83:0f:42:75:af: 67:aa:89:11:cc:c7:9a:92:95:d4:ee:d3:db:31:f5:b0:cb:e8: 4c:6d:2b:b7:cd:15:b5:2e:87:94:97:1d:8c:14:20:3c:e2:06: 02:47:ec:57:90:42:b0:51:9d:9d:44:a7:d5:3f:d6:f4:30:2b: e8:fe:4a:81:a6:f3:79:a9:38:8d:eb:ae:f0:60:ed:5f:c9:eb: 5f:32:e5:9d:65:0e:57:1c:f9:ad:92:ac:73:b6:7f:d8:ad:ed: c9:c0:58:8b:b4:26:f4:2d:93:be:05:4b:9f:dd:4d:bb:ba:82: 40:a2:00:3c:1f:27:85:df:e7:41:a6:e9:99:4d:6b:b5:f5:e9: 54:d5:0d:ca:d8:45:df:55:8b:2f:9a:01:b7:79:75:1f:30:52: 34:85:b0:b0:fc:11:aa:a6:ea:07:16:2c:ab:90:35:da:53:ff: 86:27:f2:5f:8a:ba:fd:a6:15:a7:e1:6c:cc:8f:37:0e:df:51: ba:06:67:5c:48:6b:3a:63:d2:a6:69:b3:64:fa:f5:d8:d5:7e: 52:33:54:9d:6c:26:15:57:f3:a8:98:66:05:7b:4b:0e:40:b0: da:62:fc:fd:92:61:b9:af:69:f5:22:45:5a:a1:82:d2:a9:22: 2a:5c:ae:3d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJENDI4NTEyREQwREE5 RUE5RUY5ODQ1OENEQTI2MDkzQTlFQTg4RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9lFjo5chcDX0dt4iztn9FwfD1ICYoxG2zSemqJZd7xsMmLXl6 a+vdTS4tuvsVdYN/t/DHl8usb7tVq4F5jaA82pUpou9MKptlnZDN+2N/b8m8Qxkf bUsTTCiAj4CQiNE0ZGkdE4mvPIgQ4GwEckRs1vypUgT0z7H8Bi6o8bQV8Ts21gY+ gplF0Ch7jhwzloEcqUZ5v8T81uqqpLRPS8JFDIfmD5JGy7o6PGdhwRGT+S0+oMRO WLNPFV5v2IkqKQ1yl0NXWb+mRj2M1uSOv3ElUHvpwo2kGn4BhNHmeXdv3XIDWYUA x5X8HGueABJNJtyfCFdJB5LrjAnKvFinpoPjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvUKFEt0Nqeqe+YRYzaJgk6nqiNYwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdlVLRkV0ME5xZXFl LVlSWXphSmdrNm5xaU5ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAt8d/DANBgkqhkiG9w0BAQsFAAOCAQEA0I1uJCtj96kCMVdqDIMPQnWvZ6qJ EczHmpKV1O7T2zH1sMvoTG0rt80VtS6HlJcdjBQgPOIGAkfsV5BCsFGdnUSn1T/W 9DAr6P5Kgabzeak4jeuu8GDtX8nrXzLlnWUOVxz5rZKsc7Z/2K3tycBYi7Qm9C2T vgVLn91Nu7qCQKIAPB8nhd/nQabpmU1rtfXpVNUNythF31WLL5oBt3l1HzBSNIWw sPwRqqbqBxYsq5A12lP/hifyX4q6/aYVp+FszI83Dt9RugZnXEhrOmPSpmmzZPr1 2NV+UjNUnWwmFVfzqJhmBXtLDkCw2mL8/ZJhua9p9SJFWqGC0qkiKlyuPQ== -----END CERTIFICATE-----Generated at Thu Oct 9 03:47:47 2025 by rpki-client