$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/gyU2NjiI-eKgi9sI3YCmm_4Acw4.roa File: gyU2NjiI-eKgi9sI3YCmm_4Acw4.roa (raw, json) Hash identifier: dfOUJJ92nI6uLrgtxd/05wvCEHhtWMmAa+pb7tpXLrY= Subject key identifier: 83:25:36:36:38:88:F9:E2:A0:8B:DB:08:DD:80:A6:9B:FE:00:73:0E Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A62 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/gyU2NjiI-eKgi9sI3YCmm_4Acw4.roa Signing time: Sat 13 Sep 2025 03:07:12 +0000 ROA not before: Sat 13 Sep 2025 03:07:12 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 10103 IP address blocks: 180.223.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 09:55:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6754 (0x1a62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:12 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=832536363888F9E2A08BDB08DD80A69BFE00730E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3c:83:18:31:96:b5:61:dd:83:c4:f2:47:e2: d4:4e:47:ef:2c:c7:80:f8:3f:84:66:f7:83:aa:d0: 03:bc:2d:5a:57:94:4c:e3:c5:cd:75:74:4d:f1:6e: 2c:bc:b0:ac:ff:61:ea:aa:ae:eb:e8:5d:ed:48:ea: 1a:16:06:48:5e:e2:74:03:e0:02:60:75:3d:4f:02: 4d:87:a7:d1:c4:81:7f:d0:47:52:db:2e:e7:c8:81: a8:35:d1:1b:14:b1:09:96:da:76:95:00:41:8f:92: 5f:59:bc:ff:97:c8:73:4b:56:9e:28:5e:81:e4:b6: a9:da:28:11:2c:87:b9:10:ec:35:70:94:a7:7c:03: 38:02:95:9b:b0:18:ff:8b:f0:18:74:f4:ed:3c:6c: ea:92:63:93:d4:bd:d7:7f:7d:a6:81:b2:f4:29:67: e1:03:61:b0:d9:af:ab:f7:72:ab:20:5a:3c:7e:0f: e0:60:54:3f:ae:2f:86:89:69:62:8e:2c:b2:37:82: 41:66:cc:6c:16:ef:df:ae:ca:65:95:90:01:93:42: 98:bd:f6:85:70:05:27:f2:8c:f4:20:de:de:63:95: 84:9b:aa:fc:34:a9:ee:7e:27:e7:45:be:99:6f:cb: cc:d2:e2:3f:4f:ec:e0:38:9d:6c:29:a7:5d:9f:b7: d0:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:25:36:36:38:88:F9:E2:A0:8B:DB:08:DD:80:A6:9B:FE:00:73:0E X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/gyU2NjiI-eKgi9sI3YCmm_4Acw4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.208.0/22 Signature Algorithm: sha256WithRSAEncryption 54:79:d4:78:e1:f5:36:49:7c:d3:03:48:da:06:af:6f:bd:ab: 3a:3d:7e:12:de:f5:a7:81:ba:88:b5:6f:c4:81:7b:e1:2d:b5: 28:d7:28:d6:22:9f:b9:73:fa:97:a3:ed:5d:be:49:8e:e9:a7: 70:e7:85:a4:20:e2:92:df:8a:2f:f9:84:d9:e6:ad:bd:61:15: f8:91:15:62:7d:81:de:e0:93:ae:84:63:2c:c1:7d:23:e3:c0: 01:d2:54:ab:e4:66:ec:d9:5c:ca:bd:a5:f7:59:68:0c:25:1f: 47:42:16:43:6f:a6:0c:13:c4:53:df:86:95:ed:8c:41:22:1c: a5:fa:18:2b:7f:33:ca:ac:8b:d1:05:8b:c8:c3:e2:75:7c:f5: e6:c5:70:1f:85:b5:77:18:ef:50:8e:8a:f8:fb:f7:e5:e4:d0: 65:62:82:0f:da:66:67:4c:d5:03:f8:61:da:f8:47:41:2b:79: ac:3e:62:a2:45:4a:42:05:54:4f:93:c8:2f:c1:8d:ab:6d:0f: a6:b3:b4:16:c7:cf:9f:58:51:3d:c1:d7:c9:95:82:d2:06:43: 50:39:61:15:8f:95:f7:b4:d8:af:4b:5e:d6:2f:3e:f4:83:ee: 08:b2:19:80:43:47:94:64:a6:49:74:70:72:cc:cd:9f:c4:c9: 69:88:e2:45 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDgzMjUzNjM2Mzg4OEY5 RTJBMDhCREIwOEREODBBNjlCRkUwMDczMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuPIMYMZa1Yd2DxPJH4tROR+8sx4D4P4Rm94Oq0AO8LVpXlEzj xc11dE3xbiy8sKz/YeqqruvoXe1I6hoWBkhe4nQD4AJgdT1PAk2Hp9HEgX/QR1Lb LufIgag10RsUsQmW2naVAEGPkl9ZvP+XyHNLVp4oXoHktqnaKBEsh7kQ7DVwlKd8 AzgClZuwGP+L8Bh09O08bOqSY5PUvdd/faaBsvQpZ+EDYbDZr6v3cqsgWjx+D+Bg VD+uL4aJaWKOLLI3gkFmzGwW79+uymWVkAGTQpi99oVwBSfyjPQg3t5jlYSbqvw0 qe5+J+dFvplvy8zS4j9P7OA4nWwpp12ft9BZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUgyU2NjiI+eKgi9sI3YCmm/4Acw4wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvZ3lVMk5qaUktZUtn aTlzSTNZQ21tXzRBY3c0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf0DANBgkqhkiG9w0BAQsFAAOCAQEAVHnUeOH1Nkl80wNI2gavb72rOj1+ Et71p4G6iLVvxIF74S21KNco1iKfuXP6l6PtXb5JjumncOeFpCDikt+KL/mE2eat vWEV+JEVYn2B3uCTroRjLMF9I+PAAdJUq+Rm7Nlcyr2l91loDCUfR0IWQ2+mDBPE U9+Gle2MQSIcpfoYK38zyqyL0QWLyMPidXz15sVwH4W1dxjvUI6K+Pv35eTQZWKC D9pmZ0zVA/hh2vhHQSt5rD5iokVKQgVUT5PIL8GNq20PprO0FsfPn1hRPcHXyZWC 0gZDUDlhFY+V97TYr0te1i8+9IPuCLIZgENHlGSmSXRwcszNn8TJaYjiRQ== -----END CERTIFICATE-----Generated at Tue Sep 16 06:31:23 2025 by rpki-client