$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/VZUw1hUN-B7IvTm0GZfhMffRfCE.roa File: VZUw1hUN-B7IvTm0GZfhMffRfCE.roa (raw, json) Hash identifier: eGQcZRderBX2j9jQXaE7UG/oCIToYEUVDFT/JPsiO/g= Subject key identifier: 55:95:30:D6:15:0D:F8:1E:C8:BD:39:B4:19:97:E1:31:F7:D1:7C:21 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A8E Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/VZUw1hUN-B7IvTm0GZfhMffRfCE.roa Signing time: Sat 13 Sep 2025 03:07:22 +0000 ROA not before: Sat 13 Sep 2025 03:07:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 10103 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 09:55:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6798 (0x1a8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=559530D6150DF81EC8BD39B41997E131F7D17C21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:09:ae:2a:a2:ef:40:7e:41:40:d0:59:7e:2a: 80:d9:a6:d6:d8:08:5d:02:0c:a4:e1:9e:14:77:b1: 14:36:7f:59:b4:2e:61:0f:2d:77:ba:23:f4:f6:ba: 81:12:4b:dd:c9:72:4f:93:1f:fd:72:36:c7:e4:f6: b3:87:7f:e1:59:93:a2:9e:26:fa:a7:e9:dc:3a:82: 6e:95:31:e8:3e:5a:3f:9c:34:50:a2:26:32:d7:96: 51:00:8a:78:10:27:a5:a1:ab:19:e5:66:4d:1a:fc: 95:c1:c0:cb:fe:e2:81:30:e1:32:ba:02:52:b7:11: 8b:7e:25:8e:cf:da:43:69:88:5f:92:f5:ae:b4:35: 7e:c4:9f:bc:e2:77:b4:13:15:14:34:f0:5d:f5:f1: 99:34:f9:c7:ce:bc:f6:71:e7:e9:13:1b:8c:cd:4b: 05:d1:db:0d:ae:82:1f:e3:0a:9d:d4:87:bb:f1:c2: c3:3a:08:d6:59:1f:cc:6e:73:7a:7f:28:8f:fa:0c: d4:25:8e:55:89:bd:50:9e:ba:b0:13:1d:de:3b:26: 89:22:78:30:81:f2:23:ce:d4:34:00:dc:87:98:9e: fb:d2:2b:bf:1b:be:09:aa:58:55:4a:4a:3f:5b:c1: 72:08:30:ff:25:a8:da:90:c3:8a:fb:2d:f9:e9:1c: 49:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:95:30:D6:15:0D:F8:1E:C8:BD:39:B4:19:97:E1:31:F7:D1:7C:21 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/VZUw1hUN-B7IvTm0GZfhMffRfCE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption a5:00:3a:94:52:41:36:be:b7:41:a5:ef:9d:b1:ad:5f:29:00: f4:fe:ff:56:a5:a1:4d:ce:d8:64:54:ff:10:95:88:10:76:36: 0c:12:af:4e:88:75:87:c9:18:5d:b8:d0:63:70:06:47:86:4b: 13:f8:86:44:73:3b:be:8c:fa:ed:01:69:a1:c6:71:98:9e:71: 5b:6a:d1:72:71:98:6d:c0:af:45:0e:7a:4e:c5:7b:b7:c1:08: cb:83:25:4f:0e:22:eb:d5:bd:c6:f4:61:d3:96:c5:65:08:fe: 83:d5:c9:c4:ea:cc:7e:b3:73:79:e8:29:31:21:4d:c6:23:90: 28:a4:e3:00:09:e1:08:d7:2b:7c:7a:65:3a:32:99:9e:4e:01: a5:a8:23:ad:59:76:5e:5d:84:86:0c:83:52:ab:9b:2d:a3:37: 2a:92:08:d8:bf:70:fb:9a:74:91:f3:4f:ad:51:f4:bb:1d:c5: 2f:1c:b4:b3:95:57:4e:64:dc:a5:2d:9a:53:49:d5:f0:c8:0b: 6f:14:56:ef:21:49:a7:c4:90:a1:ab:32:1f:81:a0:30:1f:6d: b9:dd:ef:4d:db:f5:d7:25:06:bb:0a:49:1a:d5:1a:85:86:5c: 0d:d9:6c:b3:dd:ed:53:cf:0a:01:99:4e:17:98:ce:79:6d:65: 5a:dd:08:aa -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU1OTUzMEQ2MTUwREY4 MUVDOEJEMzlCNDE5OTdFMTMxRjdEMTdDMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzCa4qou9AfkFA0Fl+KoDZptbYCF0CDKThnhR3sRQ2f1m0LmEP LXe6I/T2uoESS93Jck+TH/1yNsfk9rOHf+FZk6KeJvqn6dw6gm6VMeg+Wj+cNFCi JjLXllEAingQJ6WhqxnlZk0a/JXBwMv+4oEw4TK6AlK3EYt+JY7P2kNpiF+S9a60 NX7En7zid7QTFRQ08F318Zk0+cfOvPZx5+kTG4zNSwXR2w2ugh/jCp3Uh7vxwsM6 CNZZH8xuc3p/KI/6DNQljlWJvVCeurATHd47JokieDCB8iPO1DQA3IeYnvvSK78b vgmqWFVKSj9bwXIIMP8lqNqQw4r7LfnpHEn5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUVZUw1hUN+B7IvTm0GZfhMffRfCEwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVlpVdzFoVU4tQjdJ dlRtMEdaZmhNZmZSZkNFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEApQA6lFJBNr63QaXvnbGtXykA9P7/ VqWhTc7YZFT/EJWIEHY2DBKvToh1h8kYXbjQY3AGR4ZLE/iGRHM7voz67QFpocZx mJ5xW2rRcnGYbcCvRQ56TsV7t8EIy4MlTw4i69W9xvRh05bFZQj+g9XJxOrMfrNz eegpMSFNxiOQKKTjAAnhCNcrfHplOjKZnk4BpagjrVl2Xl2EhgyDUqubLaM3KpII 2L9w+5p0kfNPrVH0ux3FLxy0s5VXTmTcpS2aU0nV8MgLbxRW7yFJp8SQoasyH4Gg MB9tud3vTdv11yUGuwpJGtUahYZcDdlss93tU88KAZlOF5jOeW1lWt0Iqg== -----END CERTIFICATE-----Generated at Tue Sep 16 06:31:25 2025 by rpki-client