$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Ln8gmMdqQOUwkyoCOZHUCrn6ajM.roa File: Ln8gmMdqQOUwkyoCOZHUCrn6ajM.roa (raw, json) Hash identifier: cwxX9ngM/h5uF8PgB2BRoZe/y/7TqHR0RcpCnQBZtXY= Subject key identifier: 2E:7F:20:98:C7:6A:40:E5:30:93:2A:02:39:91:D4:0A:B9:FA:6A:33 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A79 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Ln8gmMdqQOUwkyoCOZHUCrn6ajM.roa Signing time: Sat 13 Sep 2025 03:07:18 +0000 ROA not before: Sat 13 Sep 2025 03:07:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 10103 IP address blocks: 180.223.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 09:55:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6777 (0x1a79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2E7F2098C76A40E530932A023991D40AB9FA6A33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:fc:d9:3d:74:09:cc:89:02:63:cf:1a:39:e7: 44:21:75:6c:c5:65:c1:26:be:d8:92:2b:1d:2d:ae: a0:6c:34:1e:d1:ee:fb:f4:62:2e:df:c9:fe:3c:7a: 39:38:67:46:80:97:70:f1:16:36:fd:2f:08:70:61: c3:42:6e:f8:20:29:4b:d4:0d:2c:78:fe:aa:e4:50: ee:fb:28:26:46:de:2d:20:83:a1:aa:62:7e:e6:d0: c3:1a:69:02:00:e3:05:7d:23:7f:11:88:9c:b1:0a: f0:42:66:33:3f:41:5b:37:a3:65:6c:cf:c0:40:c2: 14:35:8c:ac:44:c1:8e:a9:2b:3b:50:9c:ac:33:ad: c3:d0:2f:7b:c1:47:ad:26:22:da:a5:2f:0f:0c:36: 41:ca:66:5d:80:b1:d9:c5:b5:9d:c9:00:35:a4:ff: 30:a9:c8:21:1d:45:b8:c7:cd:9a:36:41:0b:45:84: b3:7d:d2:08:64:ac:a1:b0:06:d0:e6:d7:37:31:1a: f6:1a:3c:1a:66:99:24:cf:14:94:52:59:11:9f:21: 5e:8b:73:c1:10:0d:17:3b:ec:05:f7:38:75:1f:12: e7:c1:27:67:d5:4e:06:1c:5a:2e:15:90:a6:fe:b4: d5:ee:0b:76:7b:30:eb:19:35:03:c3:51:e2:e4:48: 85:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:7F:20:98:C7:6A:40:E5:30:93:2A:02:39:91:D4:0A:B9:FA:6A:33 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Ln8gmMdqQOUwkyoCOZHUCrn6ajM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.124.0/22 Signature Algorithm: sha256WithRSAEncryption c9:dd:93:fe:08:d8:fa:88:c9:b3:51:e5:22:a0:31:88:6e:49: 24:6a:5b:04:b0:c8:bf:68:ba:8a:74:59:36:47:7c:a7:8c:82: c7:70:c6:c3:21:fc:28:4a:f7:4b:71:81:5d:89:6a:14:3d:d8: 99:80:fd:91:5b:7f:55:65:b8:4c:28:d3:a9:32:23:37:f2:79: 9a:f8:4a:a8:cb:62:87:d3:33:1e:9e:3f:7b:af:3f:e8:80:f3: 2c:36:29:c9:ee:d9:9b:65:1d:49:f4:f8:1d:6e:e4:5f:75:da: a4:b9:c1:40:f2:d7:98:78:02:54:87:15:99:bc:19:1a:ba:d6: af:69:88:55:28:9a:48:0e:b5:5d:6c:c8:d8:15:e1:83:d6:78: 07:1e:b2:ea:51:43:3e:68:dd:4e:44:48:c9:df:e9:f9:3a:5f: eb:36:83:19:2f:aa:b0:25:a6:a6:58:5f:56:b9:9b:4b:0e:55: 57:c3:e0:da:a6:d5:1c:f3:60:44:22:1c:d3:df:16:c3:c5:64: 9d:6a:0b:16:81:48:76:da:27:f1:d6:c2:78:08:e7:24:78:8b: 68:99:10:2a:df:fd:6c:8a:17:04:08:19:88:c0:92:a9:e5:f2: 49:36:6b:d7:62:9a:78:7d:fe:99:db:35:15:a0:f4:7e:dd:44: 7f:ba:bf:c3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGnkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJFN0YyMDk4Qzc2QTQw RTUzMDkzMkEwMjM5OTFENDBBQjlGQTZBMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCx/Nk9dAnMiQJjzxo550QhdWzFZcEmvtiSKx0trqBsNB7R7vv0 Yi7fyf48ejk4Z0aAl3DxFjb9LwhwYcNCbvggKUvUDSx4/qrkUO77KCZG3i0gg6Gq Yn7m0MMaaQIA4wV9I38RiJyxCvBCZjM/QVs3o2Vsz8BAwhQ1jKxEwY6pKztQnKwz rcPQL3vBR60mItqlLw8MNkHKZl2AsdnFtZ3JADWk/zCpyCEdRbjHzZo2QQtFhLN9 0ghkrKGwBtDm1zcxGvYaPBpmmSTPFJRSWRGfIV6Lc8EQDRc77AX3OHUfEufBJ2fV TgYcWi4VkKb+tNXuC3Z7MOsZNQPDUeLkSIVZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULn8gmMdqQOUwkyoCOZHUCrn6ajMwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvTG44Z21NZHFRT1V3 a3lvQ09aSFVDcm42YWpNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTffDANBgkqhkiG9w0BAQsFAAOCAQEAyd2T/gjY+ojJs1HlIqAxiG5JJGpb BLDIv2i6inRZNkd8p4yCx3DGwyH8KEr3S3GBXYlqFD3YmYD9kVt/VWW4TCjTqTIj N/J5mvhKqMtih9MzHp4/e68/6IDzLDYpye7Zm2UdSfT4HW7kX3XapLnBQPLXmHgC VIcVmbwZGrrWr2mIVSiaSA61XWzI2BXhg9Z4Bx6y6lFDPmjdTkRIyd/p+Tpf6zaD GS+qsCWmplhfVrmbSw5VV8Pg2qbVHPNgRCIc098Ww8VknWoLFoFIdton8dbCeAjn JHiLaJkQKt/9bIoXBAgZiMCSqeXySTZr12KaeH3+mds1FaD0ft1Ef7q/ww== -----END CERTIFICATE-----Generated at Tue Sep 16 06:31:26 2025 by rpki-client