$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/LRXIf0VPa7xa-dHhLbJhLul3src.roa File: LRXIf0VPa7xa-dHhLbJhLul3src.roa (raw, json) Hash identifier: 6biregmlVSr3x95b6rG4JE9TEa9hoVHyaS3G7ZeWpZk= Subject key identifier: 2D:15:C8:7F:45:4F:6B:BC:5A:F9:D1:E1:2D:B2:61:2E:E9:77:B2:B7 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A70 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/LRXIf0VPa7xa-dHhLbJhLul3src.roa Signing time: Sat 13 Sep 2025 03:07:15 +0000 ROA not before: Sat 13 Sep 2025 03:07:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 7018 IP address blocks: 180.223.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 18:36:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6768 (0x1a70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2D15C87F454F6BBC5AF9D1E12DB2612EE977B2B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:48:75:7d:4b:2c:b7:ef:9b:51:ae:0f:8b:f5: 09:cc:8b:2d:8b:fd:b4:60:1e:f2:57:a3:0a:31:19: f6:da:f6:5d:c3:64:48:1c:5e:b7:7d:2b:52:eb:1b: f4:12:f0:8f:b1:1b:a1:20:96:b3:53:2e:d0:b5:ad: 19:38:0e:eb:5e:55:27:83:46:fe:bf:d1:40:4f:e4: 2f:58:42:84:0d:e9:4b:26:e7:b0:0a:b6:bf:a9:cd: 26:ea:d1:4c:0b:22:3a:b5:26:1e:62:3b:4b:20:66: 46:86:a9:1d:2d:1e:f0:ca:ca:19:fb:ee:69:6e:44: a5:a0:d3:36:0d:77:35:56:af:1c:1f:98:4d:45:4c: 22:c8:78:84:2d:7d:5c:1f:0f:93:fe:38:b4:88:1f: 5b:42:f1:1e:cb:d2:f9:ca:dc:87:20:e0:8a:f9:63: f8:68:ea:f9:c9:f7:6f:c6:c9:4f:d6:ef:df:93:a9: ff:86:97:32:ab:2a:cf:4e:d7:08:31:4d:a8:26:bf: 0f:cd:2d:e8:10:35:eb:16:ea:43:be:59:88:04:fa: 1b:c7:66:e2:57:83:90:d1:62:f9:b9:54:0f:c3:68: cc:49:a1:7c:bd:5d:d9:4b:7b:92:16:d0:16:44:53: df:1b:86:45:09:ce:4e:d1:a7:12:48:07:bf:94:3a: 8b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:15:C8:7F:45:4F:6B:BC:5A:F9:D1:E1:2D:B2:61:2E:E9:77:B2:B7 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/LRXIf0VPa7xa-dHhLbJhLul3src.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.212.0/22 Signature Algorithm: sha256WithRSAEncryption 84:f4:bb:38:08:9e:64:60:41:74:dd:69:75:14:7f:27:5c:6a: 27:29:fe:43:b6:62:f7:87:b6:c0:2a:e0:d6:30:c1:db:0b:65: d4:ce:d8:3a:6c:76:01:f4:23:95:9f:6b:96:2b:37:fc:62:26: 5b:86:07:f4:2e:86:3b:65:7f:f9:41:f6:76:50:df:84:1f:ef: 55:c7:dc:8d:32:ff:09:98:f1:7e:e0:ef:65:43:77:97:ef:ea: cb:12:9b:6d:71:9e:dc:53:8f:69:99:d2:66:f7:d9:b9:c7:fd: 37:3f:31:5c:05:ac:e1:8e:b8:c9:cc:bd:b7:4f:52:56:33:ab: a5:71:e6:69:1d:f0:97:91:02:fe:65:52:a7:4f:26:25:97:c9: e3:55:57:75:b2:e9:f6:3e:3b:6c:08:71:dd:a6:1b:1b:e5:88: 65:09:44:99:8f:d6:1e:c9:7d:eb:dc:99:85:5f:e0:1a:55:28: ce:a8:79:99:d9:c6:eb:d5:4f:fb:34:fe:83:a0:7f:05:51:3e: f1:58:f3:e3:30:9d:53:5f:37:87:2a:c0:9a:4d:24:4e:66:bf: e4:6c:75:8a:76:68:c6:45:fd:a3:41:04:45:50:ce:01:9c:53: 8e:b7:94:e5:6c:53:78:f8:da:db:18:d9:ea:c8:69:2a:b3:dd: 2b:57:96:bc -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJEMTVDODdGNDU0RjZC QkM1QUY5RDFFMTJEQjI2MTJFRTk3N0IyQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSSHV9Syy375tRrg+L9QnMiy2L/bRgHvJXowoxGfba9l3DZEgc Xrd9K1LrG/QS8I+xG6EglrNTLtC1rRk4DuteVSeDRv6/0UBP5C9YQoQN6Usm57AK tr+pzSbq0UwLIjq1Jh5iO0sgZkaGqR0tHvDKyhn77mluRKWg0zYNdzVWrxwfmE1F TCLIeIQtfVwfD5P+OLSIH1tC8R7L0vnK3Icg4Ir5Y/ho6vnJ92/GyU/W79+Tqf+G lzKrKs9O1wgxTagmvw/NLegQNesW6kO+WYgE+hvHZuJXg5DRYvm5VA/DaMxJoXy9 XdlLe5IW0BZEU98bhkUJzk7RpxJIB7+UOou/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULRXIf0VPa7xa+dHhLbJhLul3srcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvTFJYSWYwVlBhN3hh LWRIaExiSmhMdWwzc3JjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf1DANBgkqhkiG9w0BAQsFAAOCAQEAhPS7OAieZGBBdN1pdRR/J1xqJyn+ Q7Zi94e2wCrg1jDB2wtl1M7YOmx2AfQjlZ9rlis3/GImW4YH9C6GO2V/+UH2dlDf hB/vVcfcjTL/CZjxfuDvZUN3l+/qyxKbbXGe3FOPaZnSZvfZucf9Nz8xXAWs4Y64 ycy9t09SVjOrpXHmaR3wl5EC/mVSp08mJZfJ41VXdbLp9j47bAhx3aYbG+WIZQlE mY/WHsl969yZhV/gGlUozqh5mdnG69VP+zT+g6B/BVE+8Vjz4zCdU183hyrAmk0k Tma/5Gx1inZoxkX9o0EERVDOAZxTjreU5WxTePja2xjZ6shpKrPdK1eWvA== -----END CERTIFICATE-----Generated at Sun Oct 19 16:05:28 2025 by rpki-client