$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/BNlslUkaHBdzGnCpJdf9SARldbM.roa File: BNlslUkaHBdzGnCpJdf9SARldbM.roa (raw, json) Hash identifier: oTWZ4Y50kdhC5k24a3k3a9lJu/ppFqZLgo5PCZTZyx0= Subject key identifier: 04:D9:6C:95:49:1A:1C:17:73:1A:70:A9:25:D7:FD:48:04:65:75:B3 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1AA0 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/BNlslUkaHBdzGnCpJdf9SARldbM.roa Signing time: Sat 13 Sep 2025 03:07:25 +0000 ROA not before: Sat 13 Sep 2025 03:07:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 398704 IP address blocks: 180.223.248.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 04:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6816 (0x1aa0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=04D96C95491A1C17731A70A925D7FD48046575B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4a:c2:90:a4:4e:a9:82:82:ab:99:41:68:74: 3c:22:9d:3b:2b:15:b0:c8:7a:b0:d6:f7:b8:cb:e3: ef:47:43:2c:53:9e:7f:d6:aa:6c:22:e3:b3:14:1a: 7a:aa:58:91:b8:f2:81:90:21:14:3c:68:90:88:be: 57:a0:32:f8:a3:00:15:6c:f8:95:0f:3e:1c:08:6f: 4c:6a:ed:ec:84:d0:ac:ef:8c:e9:43:5d:31:cf:e5: 3e:65:c1:0d:ad:cf:d1:9b:1c:20:38:5f:6f:c2:e3: 41:c3:e1:cf:02:2d:8b:31:97:dc:27:4a:bf:dd:1d: 20:31:c8:63:f1:eb:5f:02:f8:4a:f2:4c:78:b9:0a: a1:dc:e3:c5:25:30:b9:bf:e3:f9:c2:63:f3:8f:fc: 18:a1:6e:a7:f0:53:80:1a:b8:fb:d6:ea:f9:de:f0: e9:f8:60:db:71:ec:a1:51:35:ee:b3:67:94:2c:75: 2f:57:8c:39:24:3d:e3:b2:f5:35:43:dd:c2:6f:51: f9:c9:d1:32:72:d4:bd:74:29:4b:74:b2:98:8e:c1: ad:eb:d2:9f:75:dd:49:c3:82:85:99:b0:e2:72:10: 66:d2:80:31:59:ef:e8:66:ab:03:4c:2f:36:b2:21: 96:06:5b:84:02:e1:28:8b:d6:89:86:14:5b:73:b7: 69:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D9:6C:95:49:1A:1C:17:73:1A:70:A9:25:D7:FD:48:04:65:75:B3 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/BNlslUkaHBdzGnCpJdf9SARldbM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.248.0/21 Signature Algorithm: sha256WithRSAEncryption 04:49:09:c0:bd:c7:84:2f:24:7e:15:cd:5b:82:56:73:9f:f9: 81:89:6f:0e:27:34:a0:a6:07:bb:cd:2c:5a:c3:d5:e5:19:73: 5c:8c:be:c3:a8:32:aa:22:80:b5:b7:0c:71:0b:6e:7d:cf:61: 3b:d5:7e:3e:ba:11:57:f1:04:b4:ea:31:b6:95:67:43:ac:a9: c1:b5:2c:f5:46:1b:5b:f0:dd:18:77:0f:3f:2f:53:b4:87:18: 22:a8:70:7f:c1:c4:a8:f2:a7:53:c8:b9:7f:02:98:93:7e:06: 42:8a:99:76:e3:18:25:99:13:44:9a:6a:ae:53:81:a3:8c:2b: d6:5e:30:5e:f2:b3:65:ee:8a:ba:7d:d9:75:46:06:8a:c0:26: e6:e3:f3:4b:8b:16:66:80:3f:1b:54:6c:05:fe:4b:47:14:0b: 78:e4:0b:3c:40:e8:30:39:be:3c:1e:4c:96:6f:12:61:1f:c3: 0b:22:00:01:1c:ad:d6:9e:91:1b:07:7b:ab:df:fb:5f:5d:f9: 53:bb:f2:14:81:5d:35:60:91:19:9a:a6:44:95:67:1a:c6:26: e3:8f:b4:53:a3:b0:25:7d:d7:82:be:8f:eb:84:98:65:2e:b6: 8c:8a:30:28:2b:86:37:d3:1e:a9:f4:56:6a:fc:95:42:a9:24: fb:f4:71:11 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGqAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA0RDk2Qzk1NDkxQTFD MTc3MzFBNzBBOTI1RDdGRDQ4MDQ2NTc1QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuSsKQpE6pgoKrmUFodDwinTsrFbDIerDW97jL4+9HQyxTnn/W qmwi47MUGnqqWJG48oGQIRQ8aJCIvlegMvijABVs+JUPPhwIb0xq7eyE0KzvjOlD XTHP5T5lwQ2tz9GbHCA4X2/C40HD4c8CLYsxl9wnSr/dHSAxyGPx618C+EryTHi5 CqHc48UlMLm/4/nCY/OP/BihbqfwU4AauPvW6vne8On4YNtx7KFRNe6zZ5QsdS9X jDkkPeOy9TVD3cJvUfnJ0TJy1L10KUt0spiOwa3r0p913UnDgoWZsOJyEGbSgDFZ 7+hmqwNMLzayIZYGW4QC4SiL1omGFFtzt2nbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUBNlslUkaHBdzGnCpJdf9SARldbMwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvQk5sc2xVa2FIQmR6 R25DcEpkZjlTQVJsZGJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf+DANBgkqhkiG9w0BAQsFAAOCAQEABEkJwL3HhC8kfhXNW4JWc5/5gYlv Dic0oKYHu80sWsPV5RlzXIy+w6gyqiKAtbcMcQtufc9hO9V+ProRV/EEtOoxtpVn Q6ypwbUs9UYbW/DdGHcPPy9TtIcYIqhwf8HEqPKnU8i5fwKYk34GQoqZduMYJZkT RJpqrlOBo4wr1l4wXvKzZe6Kun3ZdUYGisAm5uPzS4sWZoA/G1RsBf5LRxQLeOQL PEDoMDm+PB5Mlm8SYR/DCyIAARyt1p6RGwd7q9/7X135U7vyFIFdNWCRGZqmRJVn GsYm44+0U6OwJX3Xgr6P64SYZS62jIowKCuGN9MeqfRWavyVQqkk+/RxEQ== -----END CERTIFICATE-----Generated at Thu Sep 18 02:52:43 2025 by rpki-client