$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/OLGXw_JrX1teZvoesyQ2RYTaY_o.roa File: OLGXw_JrX1teZvoesyQ2RYTaY_o.roa (raw, json) Hash identifier: uzUfvRnmhiCvuaOEPk6t9y1wud5JDIhS2iZWH7mcFvA= Subject key identifier: 38:B1:97:C3:F2:6B:5F:5B:5E:66:FA:1E:B3:24:36:45:84:DA:63:FA Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 19E7 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/OLGXw_JrX1teZvoesyQ2RYTaY_o.roa Signing time: Wed 20 Aug 2025 06:34:16 +0000 ROA not before: Wed 20 Aug 2025 06:34:16 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 398704 IP address blocks: 180.223.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Aug 2025 22:32:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6631 (0x19e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Aug 20 06:34:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=38B197C3F26B5F5B5E66FA1EB324364584DA63FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:7d:0d:9f:0c:18:51:34:f9:6f:e3:ef:52:32: c7:ce:a2:41:40:7e:09:6c:e7:8d:ce:be:df:02:cc: e2:dd:ab:48:ac:45:19:8b:b6:64:83:36:a2:42:db: 02:b6:fb:d8:b7:43:53:c9:07:91:12:2a:58:d7:84: 9b:07:3b:56:30:cb:7f:a2:b9:2e:8e:23:4e:aa:2c: ac:d7:c7:63:95:7d:76:d8:89:56:84:f9:81:ab:8b: 7e:2e:16:ac:8b:9f:64:95:94:b0:42:33:38:2d:77: 93:a5:d5:bc:91:fa:b4:6b:10:dc:4c:96:51:3d:8f: a1:ca:96:1e:38:25:db:75:9c:69:12:d5:ca:68:79: 39:b1:d7:da:27:39:d7:f7:26:26:c8:17:97:cf:5d: d8:ee:01:bf:53:ae:1c:37:b0:dd:2e:5c:38:b5:c3: f0:c9:01:fc:cb:3d:ce:8e:e3:7c:d0:e8:a8:0b:01: 42:ac:fd:5e:3c:65:cf:d3:b5:71:bc:a3:f1:21:14: 35:53:65:3b:e1:b5:37:c6:32:bc:05:9f:84:61:e1: a2:f4:94:bf:62:d0:ce:b4:85:52:a0:ba:fe:35:d1: 58:59:88:b9:fc:64:42:c9:91:8e:e1:12:c3:01:df: 1c:41:e6:1e:fc:99:58:7d:a6:3f:85:f7:1b:17:d4: 3c:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:B1:97:C3:F2:6B:5F:5B:5E:66:FA:1E:B3:24:36:45:84:DA:63:FA X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/OLGXw_JrX1teZvoesyQ2RYTaY_o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.128.0/18 Signature Algorithm: sha256WithRSAEncryption ad:01:a8:24:45:d1:7a:87:fd:66:09:08:6e:3a:0b:52:01:a2: 72:42:6f:62:ab:5f:8f:b9:87:ea:39:ba:40:72:40:65:bd:ab: d0:11:f9:5c:0b:a1:a0:5f:4f:f1:3f:68:74:23:36:d7:e5:ab: f2:6a:e3:28:6b:87:37:a1:20:88:69:08:ac:82:89:08:03:8d: c6:25:b5:72:45:e3:5f:97:03:21:49:12:45:5c:34:d9:64:61: 94:76:81:fd:c9:85:8b:17:13:b7:e6:89:6c:02:70:97:7d:9d: b0:f2:78:22:f5:7a:db:89:85:4f:e6:6f:2c:ae:16:00:84:16: de:76:00:77:18:1b:59:b5:6e:a8:7e:1f:9e:23:60:0a:12:4d: 59:e7:26:da:a1:49:36:a3:7c:9e:de:3c:74:46:27:f2:34:e3: 4d:1d:8b:c5:cd:fd:ac:8e:0c:87:b5:2b:24:ec:6c:b4:d2:77: 7d:b5:42:7d:e3:e6:37:c9:a3:ee:5c:3c:4f:78:ff:e4:dd:60: 8e:d3:be:a6:74:0c:37:01:7a:0d:5f:a3:66:b2:7b:ca:91:c6: 39:34:4a:d5:cf:4c:a4:5f:c2:a2:89:44:59:c5:44:22:d9:9c: 41:47:dd:e0:bf:9c:89:22:58:52:74:78:56:21:cf:01:50:cc: a4:8f:f1:8f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA4MjAw NjM0MTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM4QjE5N0MzRjI2QjVG NUI1RTY2RkExRUIzMjQzNjQ1ODREQTYzRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBfQ2fDBhRNPlv4+9SMsfOokFAfgls543Ovt8CzOLdq0isRRmL tmSDNqJC2wK2+9i3Q1PJB5ESKljXhJsHO1Ywy3+iuS6OI06qLKzXx2OVfXbYiVaE +YGri34uFqyLn2SVlLBCMzgtd5Ol1byR+rRrENxMllE9j6HKlh44Jdt1nGkS1cpo eTmx19onOdf3JibIF5fPXdjuAb9Trhw3sN0uXDi1w/DJAfzLPc6O43zQ6KgLAUKs /V48Zc/TtXG8o/EhFDVTZTvhtTfGMrwFn4Rh4aL0lL9i0M60hVKguv410VhZiLn8 ZELJkY7hEsMB3xxB5h78mVh9pj+F9xsX1Dy9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOLGXw/JrX1teZvoesyQ2RYTaY/owHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvT0xHWHdfSnJYMXRl WnZvZXN5UTJSWVRhWV9vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBrTfgDANBgkqhkiG9w0BAQsFAAOCAQEArQGoJEXReof9ZgkIbjoLUgGickJv Yqtfj7mH6jm6QHJAZb2r0BH5XAuhoF9P8T9odCM21+Wr8mrjKGuHN6EgiGkIrIKJ CAONxiW1ckXjX5cDIUkSRVw02WRhlHaB/cmFixcTt+aJbAJwl32dsPJ4IvV624mF T+ZvLK4WAIQW3nYAdxgbWbVuqH4fniNgChJNWecm2qFJNqN8nt48dEYn8jTjTR2L xc39rI4Mh7UrJOxstNJ3fbVCfePmN8mj7lw8T3j/5N1gjtO+pnQMNwF6DV+jZrJ7 ypHGOTRK1c9MpF/CoolEWcVEItmcQUfd4L+ciSJYUnR4ViHPAVDMpI/xjw== -----END CERTIFICATE-----Generated at Wed Aug 20 19:43:43 2025 by rpki-client