$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/AJU5b7pLZp71ZMp3GDEwwT3xONI.roa File: AJU5b7pLZp71ZMp3GDEwwT3xONI.roa (raw, json) Hash identifier: UNoLgIIceMo4rIs0xiV5r4HdEMUt2ZMlvVxGVEjDJxI= Subject key identifier: 00:95:39:6F:BA:4B:66:9E:F5:64:CA:77:18:31:30:C1:3D:F1:38:D2 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 192E Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/AJU5b7pLZp71ZMp3GDEwwT3xONI.roa Signing time: Mon 14 Jul 2025 11:56:17 +0000 ROA not before: Mon 14 Jul 2025 11:56:17 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4134 IP address blocks: 180.223.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 18:40:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6446 (0x192e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jul 14 11:56:17 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0095396FBA4B669EF564CA77183130C13DF138D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e6:85:a4:9f:82:fe:97:59:b5:25:b8:2e:e5: 59:45:85:5c:b2:87:68:4b:39:b0:c5:67:5f:de:5c: b0:9d:56:bb:68:ea:21:8f:40:97:13:ec:2f:16:85: e7:26:3f:9b:2d:72:ff:e7:88:2f:20:af:c7:13:1a: 13:db:84:9f:90:d2:f5:65:76:c2:54:45:44:b8:02: 5e:13:fd:28:d2:ff:b5:07:3a:04:c8:b4:11:05:87: f0:b0:70:04:0e:ff:db:ec:00:33:05:da:f6:e4:c4: 45:3a:d9:48:8b:37:42:af:2e:54:45:89:bc:61:c3: a0:fa:3d:69:29:a3:a7:cf:25:c7:91:2a:20:14:a6: d1:eb:cd:ff:6d:a4:9d:f5:d5:c1:29:3a:9f:58:4d: d8:6a:e3:d8:fe:cd:f7:21:e9:da:7a:92:3a:77:ff: 7c:78:f1:b0:a4:7a:df:4d:94:a2:94:4a:ba:ca:78: f3:ea:ad:e4:a7:2b:c3:02:4c:97:1a:1a:d1:f0:ca: d8:ea:90:a8:d5:07:b7:61:68:91:be:eb:29:2d:fe: bb:a6:f4:0d:12:57:a6:b7:f7:d0:62:d4:3d:5f:50: 87:b2:ba:91:7f:c0:13:5f:4a:ad:b9:18:03:b1:79: 25:08:44:8c:2f:09:94:35:d5:86:4a:b9:b3:90:0d: a1:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:95:39:6F:BA:4B:66:9E:F5:64:CA:77:18:31:30:C1:3D:F1:38:D2 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/AJU5b7pLZp71ZMp3GDEwwT3xONI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.148.0/22 Signature Algorithm: sha256WithRSAEncryption da:57:cd:19:a1:b5:50:4b:af:c4:69:24:d6:1a:68:4d:1e:d5: fd:79:ad:bd:fd:ab:e9:d1:cf:f5:45:32:9d:fc:6b:73:ec:b8: f7:47:ef:76:5e:34:01:38:50:ed:d7:2c:3e:1d:09:94:c2:89: a9:07:77:39:d8:ff:4b:66:5f:3b:8c:ba:4f:5c:cd:04:89:9a: 17:78:56:ae:b7:09:57:73:01:5e:fe:f8:11:82:c7:63:94:73: 71:b9:7a:74:67:41:f2:73:f1:a6:87:ef:3b:c9:c9:a4:c1:96: 7c:82:33:d2:d6:10:64:28:90:be:de:75:3d:ec:8a:ed:ee:41: 09:39:c6:0f:62:37:38:c1:38:73:8c:11:7d:07:7d:f7:39:bb: 54:ea:42:de:e5:e6:24:f1:6a:b1:0b:7e:a5:ab:66:99:cd:3d: 10:2c:76:84:db:ac:07:ab:45:62:ae:f0:66:74:9b:47:00:3f: a7:17:61:c0:5d:c9:da:06:d0:4a:5f:11:15:4c:4e:36:2e:c4: 8d:9f:b3:76:30:5c:05:e0:57:06:7d:27:e7:ad:96:d6:c4:33: fc:c0:21:b8:ed:e7:21:ed:4c:bc:a0:8e:1c:a3:8d:e7:fc:64: 9f:08:c5:77:3d:c0:37:a1:84:c1:c7:0c:c0:96:57:89:23:e1: b3:00:9d:c9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA3MTQx MTU2MTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAwOTUzOTZGQkE0QjY2 OUVGNTY0Q0E3NzE4MzEzMEMxM0RGMTM4RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZ5oWkn4L+l1m1Jbgu5VlFhVyyh2hLObDFZ1/eXLCdVrto6iGP QJcT7C8WhecmP5stcv/niC8gr8cTGhPbhJ+Q0vVldsJURUS4Al4T/SjS/7UHOgTI tBEFh/CwcAQO/9vsADMF2vbkxEU62UiLN0KvLlRFibxhw6D6PWkpo6fPJceRKiAU ptHrzf9tpJ311cEpOp9YTdhq49j+zfch6dp6kjp3/3x48bCket9NlKKUSrrKePPq reSnK8MCTJcaGtHwytjqkKjVB7dhaJG+6ykt/rum9A0SV6a399Bi1D1fUIeyupF/ wBNfSq25GAOxeSUIRIwvCZQ11YZKubOQDaEfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAJU5b7pLZp71ZMp3GDEwwT3xONIwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvQUpVNWI3cExacDcx Wk1wM0dERXd3VDN4T05JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTflDANBgkqhkiG9w0BAQsFAAOCAQEA2lfNGaG1UEuvxGkk1hpoTR7V/Xmt vf2r6dHP9UUynfxrc+y490fvdl40AThQ7dcsPh0JlMKJqQd3Odj/S2ZfO4y6T1zN BImaF3hWrrcJV3MBXv74EYLHY5Rzcbl6dGdB8nPxpofvO8nJpMGWfIIz0tYQZCiQ vt51PeyK7e5BCTnGD2I3OME4c4wRfQd99zm7VOpC3uXmJPFqsQt+patmmc09ECx2 hNusB6tFYq7wZnSbRwA/pxdhwF3J2gbQSl8RFUxONi7EjZ+zdjBcBeBXBn0n562W 1sQz/MAhuO3nIe1MvKCOHKON5/xknwjFdz3AN6GEwccMwJZXiSPhswCdyQ== -----END CERTIFICATE-----Generated at Sun Jul 20 16:36:05 2025 by rpki-client