$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/On8kfEviSMviS7DjYPdYAdEGxvg.roa File: On8kfEviSMviS7DjYPdYAdEGxvg.roa (raw, json) Hash identifier: uv06yHA9649dEGkpnIahNBjNVHpKKdmmJMsM6YHyDeY= Subject key identifier: 3A:7F:24:7C:4B:E2:48:CB:E2:4B:B0:E3:60:F7:58:01:D1:06:C6:F8 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A6B Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/On8kfEviSMviS7DjYPdYAdEGxvg.roa Signing time: Sat 13 Sep 2025 03:07:14 +0000 ROA not before: Sat 13 Sep 2025 03:07:14 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 398704 IP address blocks: 180.223.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 04:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6763 (0x1a6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:14 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3A7F247C4BE248CBE24BB0E360F75801D106C6F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:74:03:8a:74:25:b4:04:35:94:c0:de:69:36: 3f:1c:e1:e3:da:f9:36:1c:57:79:be:83:ef:82:12: a7:a3:41:81:c2:5f:5d:18:d4:60:e3:fa:36:d0:99: 33:82:70:3e:af:f5:2d:de:e8:72:6d:73:40:a8:6a: d7:74:47:d0:2d:8e:44:40:77:a5:d7:1a:69:e2:c2: 63:f1:9a:2d:bd:3d:4a:4e:ef:9e:e3:a2:16:50:02: d9:41:08:08:e3:74:83:1e:17:fe:6b:b9:bd:9f:96: da:3c:59:74:7d:65:2e:a1:2d:35:a1:d7:55:7d:0a: d9:f6:89:6b:98:1f:2d:02:2b:bc:53:4d:c6:8f:14: 57:2f:aa:96:8e:f0:bc:9d:a4:36:e3:54:c3:1d:5f: d8:bc:4c:bc:b2:3a:92:71:39:4a:fd:c0:0b:bd:b0: 8a:8a:1b:b7:9d:01:1a:ab:f1:c8:72:75:c5:e0:cc: 15:70:a4:da:4b:1a:4a:ca:22:70:f1:23:e2:98:47: 93:ed:41:f9:2e:ce:a4:0b:81:29:ce:68:19:a7:22: 43:40:38:71:f4:8f:24:5a:54:d4:6d:45:da:53:ee: 66:5b:1c:09:df:26:c8:69:2b:8d:1d:1b:d6:bf:78: 04:83:e5:65:d4:39:41:d5:49:b8:f6:23:49:5c:30: 1a:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:7F:24:7C:4B:E2:48:CB:E2:4B:B0:E3:60:F7:58:01:D1:06:C6:F8 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/On8kfEviSMviS7DjYPdYAdEGxvg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.124.0/22 Signature Algorithm: sha256WithRSAEncryption b0:1a:aa:7b:85:88:44:51:42:b9:f9:a1:11:01:32:02:94:81: 53:72:dd:99:90:86:10:40:fb:c9:0c:cf:aa:be:aa:f6:28:28: 67:b6:e9:81:43:de:5d:18:3f:e6:fd:23:eb:9f:e9:ed:b3:13: 9b:6a:47:1d:e0:fc:0f:15:a5:fe:e2:5d:d3:9e:b5:10:ba:ee: 91:a7:9f:6e:76:45:e2:20:9d:f9:3a:70:04:65:03:53:05:b3: 51:c0:93:32:c0:dd:3a:29:11:7a:cc:39:9e:3b:fa:b8:51:a5: c6:13:8e:cf:6c:89:b0:91:d5:9d:7d:02:de:1f:c4:61:3e:f5: 2f:f2:71:c4:b8:e2:21:26:08:02:4c:a0:0c:4b:a1:a1:fb:f4: 34:d2:b5:28:5a:d4:82:ca:f0:69:de:44:14:aa:a9:0c:db:3f: 9e:df:4e:f1:f8:38:e4:53:b3:80:56:51:f5:91:c5:28:6d:fe: 34:2e:c9:12:02:1f:4f:74:07:ee:08:53:07:20:92:03:3f:d4: 30:12:33:f1:16:16:99:56:11:df:dd:19:87:5d:0c:5e:92:10: b8:9e:62:7d:de:f7:79:b6:a8:55:b7:4a:5e:07:28:ae:11:19: 07:17:b5:5a:46:49:41:51:34:91:d4:d4:01:5b:6d:df:b3:6b: 58:67:aa:f2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNBN0YyNDdDNEJFMjQ4 Q0JFMjRCQjBFMzYwRjc1ODAxRDEwNkM2RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDidAOKdCW0BDWUwN5pNj8c4ePa+TYcV3m+g++CEqejQYHCX10Y 1GDj+jbQmTOCcD6v9S3e6HJtc0Coatd0R9AtjkRAd6XXGmniwmPxmi29PUpO757j ohZQAtlBCAjjdIMeF/5rub2flto8WXR9ZS6hLTWh11V9Ctn2iWuYHy0CK7xTTcaP FFcvqpaO8LydpDbjVMMdX9i8TLyyOpJxOUr9wAu9sIqKG7edARqr8chydcXgzBVw pNpLGkrKInDxI+KYR5PtQfkuzqQLgSnOaBmnIkNAOHH0jyRaVNRtRdpT7mZbHAnf JshpK40dG9a/eASD5WXUOUHVSbj2I0lcMBojAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOn8kfEviSMviS7DjYPdYAdEGxvgwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvT244a2ZFdmlTTXZp UzdEallQZFlBZEVHeHZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTffDANBgkqhkiG9w0BAQsFAAOCAQEAsBqqe4WIRFFCufmhEQEyApSBU3Ld mZCGEED7yQzPqr6q9igoZ7bpgUPeXRg/5v0j65/p7bMTm2pHHeD8DxWl/uJd0561 ELrukaefbnZF4iCd+TpwBGUDUwWzUcCTMsDdOikResw5njv6uFGlxhOOz2yJsJHV nX0C3h/EYT71L/JxxLjiISYIAkygDEuhofv0NNK1KFrUgsrwad5EFKqpDNs/nt9O 8fg45FOzgFZR9ZHFKG3+NC7JEgIfT3QH7ghTByCSAz/UMBIz8RYWmVYR390Zh10M XpIQuJ5ifd73ebaoVbdKXgcorhEZBxe1WkZJQVE0kdTUAVtt37NrWGeq8g== -----END CERTIFICATE-----Generated at Thu Sep 18 02:52:38 2025 by rpki-client