$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/7-UJy-1Ia98-5793Ui4jp1wOiLE.roa File: 7-UJy-1Ia98-5793Ui4jp1wOiLE.roa (raw, json) Hash identifier: HWRgUvhzQsB/62CWx7W7iPDbv/LYIlqg/K/PfuBXg6g= Subject key identifier: EF:E5:09:CB:ED:48:6B:DF:3E:E7:BF:77:52:2E:23:A7:5C:0E:88:B1 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A6F Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/7-UJy-1Ia98-5793Ui4jp1wOiLE.roa Signing time: Sat 13 Sep 2025 03:07:15 +0000 ROA not before: Sat 13 Sep 2025 03:07:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 398704 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 04:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6767 (0x1a6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=EFE509CBED486BDF3EE7BF77522E23A75C0E88B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:80:34:29:fe:27:20:82:18:b7:66:d3:f3:16: 10:25:9b:3e:c5:a9:f4:f2:f0:f6:dd:e5:ad:99:d5: d2:a0:21:40:5e:56:a5:9d:25:c4:17:2b:a5:e4:be: 1b:a1:b0:f3:0c:71:74:f8:06:cf:39:7c:13:3a:8b: 25:f4:f2:13:20:f6:ea:37:ea:60:ff:52:55:b0:42: b0:fd:5a:14:f9:31:91:b4:7c:06:7a:d9:2f:95:1b: 43:90:2f:f0:eb:3c:ec:4e:18:2b:d0:93:2c:07:db: aa:e7:fa:c1:83:88:16:f0:15:6d:eb:aa:df:5b:aa: b5:ba:5c:bf:a8:78:49:6d:16:4e:9e:17:1a:2e:2a: 28:57:b5:fa:97:c5:96:7c:16:7f:3b:d9:98:49:74: f9:ee:ae:fe:b7:f7:12:e3:df:32:90:12:4e:21:d7: 9c:a7:2c:81:12:e4:d8:eb:27:5a:c2:33:47:88:d3: 36:4e:41:a5:2c:01:83:44:11:df:86:61:21:16:b0: ce:be:ce:bc:ac:76:68:f9:77:80:c0:98:73:0d:e2: 1b:f3:5c:62:49:a1:4d:b0:61:52:ef:f9:db:02:39: 2b:6e:70:89:54:da:d0:bb:2d:39:1f:5c:2b:16:af: 41:6e:e0:2a:31:c2:80:c2:7e:ec:af:53:d2:91:a7: b8:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:E5:09:CB:ED:48:6B:DF:3E:E7:BF:77:52:2E:23:A7:5C:0E:88:B1 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/7-UJy-1Ia98-5793Ui4jp1wOiLE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption 8d:b4:15:a8:1b:53:0e:30:e3:f2:d7:4a:e2:36:02:e4:ee:56: cc:ef:f0:8b:45:7e:fa:6a:ed:9c:1e:29:c0:0e:09:f0:e5:b9: 1a:d3:75:1c:47:93:cf:e1:87:24:50:c2:ca:74:02:d6:f1:da: d8:ed:f8:ea:6e:8b:5c:ae:dc:37:99:15:89:54:b9:8f:75:5b: cc:a8:e3:7c:b7:f6:14:34:10:2e:38:1b:8e:30:b6:4f:11:3e: d7:03:4b:1f:15:6e:46:4e:4c:08:cb:f5:24:c3:48:0b:71:38: 82:c0:e2:18:9f:a3:12:c0:85:c7:18:93:43:52:f8:7c:ca:fd: e4:88:57:99:f6:4b:a8:63:23:eb:0e:f6:31:3f:0a:12:3f:88: 2f:fe:05:c9:a1:8c:cc:f0:5c:3f:64:da:40:dd:95:90:79:ac: 7c:00:b8:44:ee:14:ab:2e:0b:07:ba:13:7d:bb:5f:0e:2a:b2: 57:10:bf:ad:d5:d4:0a:87:7e:96:5a:35:50:7d:bc:fd:0f:ca: 4c:5b:89:47:94:01:98:a8:1a:5e:5a:b5:ba:f3:6e:c0:3e:be: df:ed:ed:99:c4:33:db:73:58:e2:64:f6:10:e2:68:c9:17:1e: 8a:92:d2:34:b1:c0:21:f7:64:6f:e1:1f:4a:e5:9c:d5:ad:17: 7b:f6:f4:c2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGm8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVGRTUwOUNCRUQ0ODZC REYzRUU3QkY3NzUyMkUyM0E3NUMwRTg4QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7gDQp/icgghi3ZtPzFhAlmz7FqfTy8Pbd5a2Z1dKgIUBeVqWd JcQXK6XkvhuhsPMMcXT4Bs85fBM6iyX08hMg9uo36mD/UlWwQrD9WhT5MZG0fAZ6 2S+VG0OQL/DrPOxOGCvQkywH26rn+sGDiBbwFW3rqt9bqrW6XL+oeEltFk6eFxou KihXtfqXxZZ8Fn872ZhJdPnurv639xLj3zKQEk4h15ynLIES5NjrJ1rCM0eI0zZO QaUsAYNEEd+GYSEWsM6+zrysdmj5d4DAmHMN4hvzXGJJoU2wYVLv+dsCOStucIlU 2tC7LTkfXCsWr0Fu4CoxwoDCfuyvU9KRp7jXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU7+UJy+1Ia98+5793Ui4jp1wOiLEwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvNy1VSnktMUlhOTgt NTc5M1VpNGpwMXdPaUxFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAjbQVqBtTDjDj8tdK4jYC5O5WzO/w i0V++mrtnB4pwA4J8OW5GtN1HEeTz+GHJFDCynQC1vHa2O346m6LXK7cN5kViVS5 j3VbzKjjfLf2FDQQLjgbjjC2TxE+1wNLHxVuRk5MCMv1JMNIC3E4gsDiGJ+jEsCF xxiTQ1L4fMr95IhXmfZLqGMj6w72MT8KEj+IL/4FyaGMzPBcP2TaQN2VkHmsfAC4 RO4Uqy4LB7oTfbtfDiqyVxC/rdXUCod+llo1UH28/Q/KTFuJR5QBmKgaXlq1uvNu wD6+3+3tmcQz23NY4mT2EOJoyRceipLSNLHAIfdkb+EfSuWc1a0Xe/b0wg== -----END CERTIFICATE-----Generated at Thu Sep 18 02:53:45 2025 by rpki-client