$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/ULqSC4GwPEFShTqbFNcCDKI6Hi0.roa File: ULqSC4GwPEFShTqbFNcCDKI6Hi0.roa (raw, json) Hash identifier: R4oGAyXZf43GVTCiKXLq1aODq5CmaIK5EgCnSH+mJnY= Subject key identifier: 50:BA:92:0B:81:B0:3C:41:52:85:3A:9B:14:D7:02:0C:A2:3A:1E:2D Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0CB7 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ULqSC4GwPEFShTqbFNcCDKI6Hi0.roa Signing time: Wed 09 Jul 2025 10:27:21 +0000 ROA not before: Wed 09 Jul 2025 10:27:21 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 135061 IP address blocks: 202.46.224.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:40:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3255 (0xcb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Jul 9 10:27:21 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=50BA920B81B03C4152853A9B14D7020CA23A1E2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:95:03:3e:07:e6:a6:ed:5e:7d:6e:f4:7d:58: af:19:9f:0d:cf:0f:b7:ea:95:0b:29:b1:63:66:aa: f6:7f:7b:4f:d5:2f:bf:90:37:9f:84:d3:0c:5a:70: 7d:02:fe:c0:ee:37:fd:ad:d7:65:5a:ea:87:b5:d7: 6f:98:6a:87:f5:f8:f5:98:55:0b:2b:fd:68:97:e7: 01:13:df:45:79:70:c5:9f:4b:3c:74:82:e5:01:71: 5b:3c:a5:2d:ac:fc:46:be:56:88:5b:89:04:17:b9: fb:b2:4d:1b:a0:6c:3f:6d:01:ea:f2:97:5d:ec:90: 42:c1:01:1b:cc:b7:c7:96:3e:6e:1e:dd:b0:ca:ea: 3e:f0:c4:b9:52:9d:ef:92:65:cd:71:0b:75:96:83: 88:b5:74:9b:db:8e:c2:f2:ad:17:5d:a7:c5:41:91: fd:cf:7a:1b:84:41:da:5c:8a:20:fe:eb:a3:69:ab: dd:14:8b:0b:3a:d3:29:7f:ce:7d:0c:36:35:4c:00: 8c:ea:4c:f3:89:06:6d:20:87:db:93:bb:0e:2e:3b: 07:67:de:12:33:5d:78:3d:ea:f5:d9:69:06:7b:23: a0:49:2d:a4:25:e0:b0:a7:59:54:b6:95:de:00:ac: 1f:f6:31:13:0e:54:25:75:78:31:76:bf:a9:82:ef: 47:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:BA:92:0B:81:B0:3C:41:52:85:3A:9B:14:D7:02:0C:A2:3A:1E:2D X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ULqSC4GwPEFShTqbFNcCDKI6Hi0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.224.0/20 Signature Algorithm: sha256WithRSAEncryption 92:bc:d1:00:35:85:dc:40:19:78:78:9b:9d:b9:6b:ba:c0:f0: 06:03:18:8d:5f:c9:57:27:9e:d8:f1:28:2b:dd:ce:4a:bc:0e: 19:87:5d:d2:e6:81:12:b3:ef:2c:ea:c6:e1:04:5a:88:46:bc: 3e:00:47:e0:c2:5b:3c:2b:d3:74:b5:dc:f4:8a:6c:50:b2:7d: 1d:d8:b7:5f:bb:53:11:26:bc:ec:08:27:10:65:e8:03:6a:e7: 93:95:c6:ce:17:ab:56:2c:be:1e:72:8a:b8:98:5b:f9:02:f4: 62:9f:29:8e:ad:12:36:c9:41:28:82:dc:4a:8e:df:0d:06:c6: 1c:dc:9d:4f:1a:b6:8b:83:84:10:01:00:69:c4:ea:f5:73:55: 3b:2e:6c:70:8a:43:da:6c:73:1f:f1:96:36:aa:ba:ab:3e:85: 31:e6:30:bd:16:c8:34:d9:fb:a5:7e:a2:45:1b:40:58:d7:a4: 19:41:e6:d9:04:8e:49:d9:96:7d:9f:dd:29:56:db:b1:9c:51: 06:a6:59:ea:40:dc:60:b9:6c:aa:2d:23:cd:93:17:b2:8e:35: 05:61:8f:9f:1a:6f:37:1b:d5:73:57:b4:34:fd:0b:2d:5d:5e: 7c:64:13:9d:aa:1b:fd:b4:4b:76:0a:0c:48:7e:2e:39:87:dd: 32:d0:c9:5d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA3MDkx MDI3MjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUwQkE5MjBCODFCMDND NDE1Mjg1M0E5QjE0RDcwMjBDQTIzQTFFMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+lQM+B+am7V59bvR9WK8Znw3PD7fqlQspsWNmqvZ/e0/VL7+Q N5+E0wxacH0C/sDuN/2t12Va6oe112+Yaof1+PWYVQsr/WiX5wET30V5cMWfSzx0 guUBcVs8pS2s/Ea+VohbiQQXufuyTRugbD9tAeryl13skELBARvMt8eWPm4e3bDK 6j7wxLlSne+SZc1xC3WWg4i1dJvbjsLyrRddp8VBkf3PehuEQdpciiD+66Npq90U iws60yl/zn0MNjVMAIzqTPOJBm0gh9uTuw4uOwdn3hIzXXg96vXZaQZ7I6BJLaQl 4LCnWVS2ld4ArB/2MRMOVCV1eDF2v6mC70d5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUULqSC4GwPEFShTqbFNcCDKI6Hi0wHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvVUxxU0M0R3dQRUZT aFRxYkZOY0NES0k2SGkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBMou4DANBgkqhkiG9w0BAQsFAAOCAQEAkrzRADWF3EAZeHibnblrusDwBgMY jV/JVyee2PEoK93OSrwOGYdd0uaBErPvLOrG4QRaiEa8PgBH4MJbPCvTdLXc9Ips ULJ9Hdi3X7tTESa87AgnEGXoA2rnk5XGzherViy+HnKKuJhb+QL0Yp8pjq0SNslB KILcSo7fDQbGHNydTxq2i4OEEAEAacTq9XNVOy5scIpD2mxzH/GWNqq6qz6FMeYw vRbINNn7pX6iRRtAWNekGUHm2QSOSdmWfZ/dKVbbsZxRBqZZ6kDcYLlsqi0jzZMX so41BWGPnxpvNxvVc1e0NP0LLV1efGQTnaob/bRLdgoMSH4uOYfdMtDJXQ== -----END CERTIFICATE-----Generated at Sun Jul 20 12:32:13 2025 by rpki-client