$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/WsKlAONIqplgXIz3SXDxsiqI-RQ.roa File: WsKlAONIqplgXIz3SXDxsiqI-RQ.roa (raw, json) Hash identifier: KOtV0+FM5aqoRcmTsHVmYfNdZCcUbdpqaWvURQf1SKo= Subject key identifier: 5A:C2:A5:00:E3:48:AA:99:60:5C:8C:F7:49:70:F1:B2:2A:88:F9:14 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1927 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/WsKlAONIqplgXIz3SXDxsiqI-RQ.roa Signing time: Mon 14 Jul 2025 11:52:36 +0000 ROA not before: Mon 14 Jul 2025 11:52:36 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4515 IP address blocks: 180.223.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 04:10:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6439 (0x1927) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jul 14 11:52:36 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5AC2A500E348AA99605C8CF74970F1B22A88F914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:40:1d:2a:db:55:e4:cb:5a:48:47:a2:e6:80: 08:bd:13:bb:f9:5c:80:bd:59:27:e0:96:b0:ae:49: a1:95:10:86:a0:1f:be:24:75:94:3f:aa:a5:2c:63: ec:34:84:41:e2:9d:5c:a5:b2:a9:81:30:0c:9a:66: 54:2f:32:9e:71:c0:f5:56:1c:c4:17:64:e6:41:5a: 89:e8:f1:e9:25:ae:37:2f:ed:17:20:6c:eb:46:8c: 1e:02:23:59:6f:0c:20:d8:32:b1:42:d0:82:6e:e2: 1d:b5:c3:2d:b5:a8:98:e2:40:aa:15:f2:cd:80:cb: 01:80:9f:ae:53:a0:87:f3:af:03:51:8d:f9:e4:5b: 6e:46:f2:6c:5c:96:b0:40:0e:49:f1:97:cf:a7:55: b3:20:0c:54:9e:49:ef:0a:31:0e:76:a4:b7:51:0d: a8:7a:2d:b3:d4:82:ba:14:32:cf:07:35:c5:b7:41: ce:c8:f1:c4:09:77:f9:6e:0b:f1:80:da:93:a8:b4: 47:a2:c6:e9:87:84:c2:18:68:4c:c7:13:9c:bb:67: a1:b8:04:ed:31:8f:8a:92:03:bc:13:db:f4:b9:92: 48:56:5b:45:cd:12:f0:94:23:e6:32:9b:27:01:28: 2f:dc:1c:c6:72:f5:e0:4d:86:c5:b0:5e:fd:1f:c2: 8d:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C2:A5:00:E3:48:AA:99:60:5C:8C:F7:49:70:F1:B2:2A:88:F9:14 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/WsKlAONIqplgXIz3SXDxsiqI-RQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.64.0/18 Signature Algorithm: sha256WithRSAEncryption cb:10:66:02:aa:75:f5:be:3c:da:0b:11:6a:8c:db:84:e3:9d: 28:40:e9:45:7a:cf:7f:26:1d:ae:54:2a:da:47:52:35:c3:05: 0c:8a:eb:ce:57:e9:35:f5:b4:48:b6:59:78:ac:b7:32:f0:4a: b8:34:1c:14:b8:f9:e3:f2:2f:42:fa:2b:af:7d:4b:af:94:8e: 62:d7:83:53:34:ab:95:7e:de:bd:b7:a4:44:b8:8b:d9:ba:0f: 06:a5:74:bc:59:30:f2:fe:4b:ba:6b:66:09:dd:d0:0b:51:b2: ea:af:2b:15:ce:3d:c5:5e:3c:9a:c7:64:cb:14:e5:80:3d:ef: 66:b1:b0:71:6f:a8:b5:54:b1:23:a5:de:56:02:57:4c:4d:1c: 9a:16:3f:1e:95:c4:77:5a:50:54:15:4c:a1:b5:cc:23:7a:0e: 78:d2:24:de:5f:98:a1:7d:55:3b:68:93:c5:a1:84:dd:e9:0c: 05:bd:2e:c2:9f:df:50:d6:fe:4a:c2:ba:77:2c:e4:66:60:0e: 1a:b8:b8:17:06:71:89:9e:a4:f4:37:2e:52:ab:ba:30:7c:34: 4d:cd:aa:d8:fe:0b:de:8b:3e:b1:01:d2:c8:5a:4e:9e:a0:b1: f5:fc:3e:3f:28:f1:13:64:52:22:e9:32:dd:d5:4c:cc:2a:35: 77:c7:65:29 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGScwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA3MTQx MTUyMzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBQzJBNTAwRTM0OEFB OTk2MDVDOENGNzQ5NzBGMUIyMkE4OEY5MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvQB0q21Xky1pIR6LmgAi9E7v5XIC9WSfglrCuSaGVEIagH74k dZQ/qqUsY+w0hEHinVylsqmBMAyaZlQvMp5xwPVWHMQXZOZBWono8eklrjcv7Rcg bOtGjB4CI1lvDCDYMrFC0IJu4h21wy21qJjiQKoV8s2AywGAn65ToIfzrwNRjfnk W25G8mxclrBADknxl8+nVbMgDFSeSe8KMQ52pLdRDah6LbPUgroUMs8HNcW3Qc7I 8cQJd/luC/GA2pOotEeixumHhMIYaEzHE5y7Z6G4BO0xj4qSA7wT2/S5kkhWW0XN EvCUI+YymycBKC/cHMZy9eBNhsWwXv0fwo0NAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUWsKlAONIqplgXIz3SXDxsiqI+RQwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvV3NLbEFPTklxcGxn WEl6M1NYRHhzaXFJLVJRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBrTfQDANBgkqhkiG9w0BAQsFAAOCAQEAyxBmAqp19b482gsRaozbhOOdKEDp RXrPfyYdrlQq2kdSNcMFDIrrzlfpNfW0SLZZeKy3MvBKuDQcFLj54/IvQvorr31L r5SOYteDUzSrlX7evbekRLiL2boPBqV0vFkw8v5LumtmCd3QC1Gy6q8rFc49xV48 msdkyxTlgD3vZrGwcW+otVSxI6XeVgJXTE0cmhY/HpXEd1pQVBVMobXMI3oOeNIk 3l+YoX1VO2iTxaGE3ekMBb0uwp/fUNb+SsK6dyzkZmAOGri4FwZxiZ6k9DcuUqu6 MHw0Tc2q2P4L3os+sQHSyFpOnqCx9fw+PyjxE2RSIuky3dVMzCo1d8dlKQ== -----END CERTIFICATE-----Generated at Mon Jul 21 00:33:42 2025 by rpki-client