$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/CahqnAeL630VcAXvzP5tJ7_FDfw.roa File: CahqnAeL630VcAXvzP5tJ7_FDfw.roa (raw, json) Hash identifier: ibE6c9ZfUrz/fGRE8yjiHT8X3r1pnLveaGC1bC3mev0= Subject key identifier: 09:A8:6A:9C:07:8B:EB:7D:15:70:05:EF:CC:FE:6D:27:BF:C5:0D:FC Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A86 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/CahqnAeL630VcAXvzP5tJ7_FDfw.roa Signing time: Sat 13 Sep 2025 03:07:20 +0000 ROA not before: Sat 13 Sep 2025 03:07:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 10103 IP address blocks: 180.223.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 09:55:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6790 (0x1a86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=09A86A9C078BEB7D157005EFCCFE6D27BFC50DFC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:4f:66:12:b6:4d:b7:7a:0c:99:90:7d:f2:92: f2:78:e6:f5:f4:45:f1:22:57:70:01:bb:bf:f5:83: 4d:4a:53:64:ec:31:48:5c:ee:1d:2c:48:7b:79:31: 09:77:22:b4:65:f4:14:6c:ee:c0:ec:cb:eb:d8:a5: 5d:b3:d8:6a:61:1d:bb:36:9e:12:56:d5:60:7b:53: d2:02:01:c4:bd:7b:c2:bc:33:69:f9:31:e1:7d:67: cd:a3:6c:27:41:38:93:42:8d:71:a3:c4:c3:68:42: 8c:19:26:08:77:a7:8d:6d:0f:8c:e8:51:22:bd:f3: a2:0b:62:b2:71:d3:4b:8b:6e:d9:c9:79:30:84:e1: 56:50:f0:e0:55:cb:d1:67:38:94:de:e5:27:a6:36: 07:38:31:ed:53:8d:cd:5d:5e:ae:a5:22:71:8a:98: 8f:67:a1:0a:0f:11:41:94:26:53:78:d6:d3:4d:07: 2d:cb:cd:e7:d4:c3:e9:d2:01:ab:88:22:9c:8b:87: f8:e2:b6:74:42:2f:dd:a6:2b:9d:a0:dc:23:13:a7: ed:da:a5:3c:0f:01:2a:7b:cf:6d:e9:4a:97:85:aa: da:4c:77:a8:5f:d4:ba:25:26:12:34:3d:25:32:b6: e9:8e:a5:24:84:41:f6:bf:c1:39:11:87:08:3d:34: 22:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:A8:6A:9C:07:8B:EB:7D:15:70:05:EF:CC:FE:6D:27:BF:C5:0D:FC X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/CahqnAeL630VcAXvzP5tJ7_FDfw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.212.0/22 Signature Algorithm: sha256WithRSAEncryption 95:d1:b3:c2:9c:69:a2:8a:26:f2:2f:71:5c:ac:da:72:0f:e6: e8:74:d0:c8:8b:a4:15:25:13:bd:91:a5:47:81:ce:46:69:8c: ca:ba:91:16:ed:f4:3b:e7:87:3f:33:b0:d1:b8:4d:d7:67:67: 62:20:10:23:84:76:21:0f:a3:51:fd:1f:dc:18:49:5e:12:2b: 45:26:0c:7a:3f:18:16:a6:ff:29:00:12:bf:06:f0:d3:ad:86: 48:86:8e:ac:3f:09:4f:30:5f:a5:9c:96:02:c7:6f:b4:9e:6c: 0e:5b:61:fc:74:59:d2:7b:bc:5a:9f:01:6b:27:44:0c:e2:07: 22:a9:93:cd:14:09:85:d3:b3:96:a7:3a:dc:39:18:f4:9d:ae: 1d:37:ea:0b:04:91:22:b7:39:71:17:cf:7b:29:58:05:95:75: fc:76:b9:ac:44:f4:90:60:53:a3:b2:ed:59:1e:a0:07:1c:61: 6f:5e:41:c5:73:ef:e0:0c:a0:e2:a2:f8:89:47:44:48:b8:6d: 7c:5a:35:c4:6f:6d:50:cd:d1:06:36:95:a9:38:a1:36:3e:c5: 94:6f:4b:12:bd:d7:3a:a5:52:07:57:45:3a:2c:37:24:52:b2: e7:5b:22:97:bf:b8:b2:c6:6d:0f:01:7f:6b:4f:93:37:25:11: c9:d3:a3:ba -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA5QTg2QTlDMDc4QkVC N0QxNTcwMDVFRkNDRkU2RDI3QkZDNTBERkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCUT2YStk23egyZkH3ykvJ45vX0RfEiV3ABu7/1g01KU2TsMUhc 7h0sSHt5MQl3IrRl9BRs7sDsy+vYpV2z2GphHbs2nhJW1WB7U9ICAcS9e8K8M2n5 MeF9Z82jbCdBOJNCjXGjxMNoQowZJgh3p41tD4zoUSK986ILYrJx00uLbtnJeTCE 4VZQ8OBVy9FnOJTe5SemNgc4Me1Tjc1dXq6lInGKmI9noQoPEUGUJlN41tNNBy3L zefUw+nSAauIIpyLh/jitnRCL92mK52g3CMTp+3apTwPASp7z23pSpeFqtpMd6hf 1LolJhI0PSUytumOpSSEQfa/wTkRhwg9NCIhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCahqnAeL630VcAXvzP5tJ7/FDfwwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvQ2FocW5BZUw2MzBW Y0FYdnpQNXRKN19GRGZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf1DANBgkqhkiG9w0BAQsFAAOCAQEAldGzwpxpooom8i9xXKzacg/m6HTQ yIukFSUTvZGlR4HORmmMyrqRFu30O+eHPzOw0bhN12dnYiAQI4R2IQ+jUf0f3BhJ XhIrRSYMej8YFqb/KQASvwbw062GSIaOrD8JTzBfpZyWAsdvtJ5sDlth/HRZ0nu8 Wp8BaydEDOIHIqmTzRQJhdOzlqc63DkY9J2uHTfqCwSRIrc5cRfPeylYBZV1/Ha5 rET0kGBTo7LtWR6gBxxhb15BxXPv4Ayg4qL4iUdESLhtfFo1xG9tUM3RBjaVqTih Nj7FlG9LEr3XOqVSB1dFOiw3JFKy51sil7+4ssZtDwF/a0+TNyURydOjug== -----END CERTIFICATE-----Generated at Tue Sep 16 06:31:35 2025 by rpki-client