$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/k66psZvh3me6tofKpEbaDWN8gGg.roa File: k66psZvh3me6tofKpEbaDWN8gGg.roa (raw, json) Hash identifier: yeYo9UYPIUME2c2B2hSY4uPVaQjDFmTc40TNpQLNVj4= Subject key identifier: 93:AE:A9:B1:9B:E1:DE:67:BA:B6:87:CA:A4:46:DA:0D:63:7C:80:68 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A66 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/k66psZvh3me6tofKpEbaDWN8gGg.roa Signing time: Sat 13 Sep 2025 03:07:13 +0000 ROA not before: Sat 13 Sep 2025 03:07:13 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 398704 IP address blocks: 180.223.192.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 04:33:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6758 (0x1a66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:13 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=93AEA9B19BE1DE67BAB687CAA446DA0D637C8068 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:6a:82:ad:0c:78:8c:a9:1a:fb:5e:7f:43:0b: e4:75:fa:dd:c0:de:ba:3e:ed:da:bd:cc:bd:79:08: c8:d5:62:fb:a7:88:d0:6b:6b:b8:33:90:03:50:43: a3:d3:26:1f:22:bb:dd:46:0a:46:f8:e2:16:09:3e: 84:c1:05:db:51:9e:d6:99:58:8a:dc:e8:3b:81:df: 27:77:6d:d5:e2:ae:b2:a9:6a:06:ee:1c:96:3e:cf: 99:61:03:ae:10:6e:78:24:20:85:67:44:a9:34:90: 4e:19:12:ff:01:28:3b:dc:95:fc:44:98:1a:2a:0d: 40:42:a9:90:1d:94:ff:38:a3:53:6a:f3:70:b1:6c: 31:fa:17:43:27:e3:f1:66:28:38:81:2e:16:c7:62: 54:a0:32:82:02:6d:d7:71:37:31:00:0f:bf:43:b9: a4:ad:c8:dd:25:0c:6c:69:09:ac:5a:fd:ac:c8:63: 83:18:c8:45:ac:08:87:95:f9:26:d0:75:e2:09:d4: c1:66:6e:e1:8a:0c:5e:73:75:8f:b9:fe:5a:cc:ec: c9:a3:63:3a:5a:c4:48:5a:16:48:d9:01:dd:33:3c: aa:ce:d4:67:48:b4:40:50:ae:5e:a1:57:81:87:1e: ad:85:94:92:c9:47:3d:bd:94:7a:22:79:1c:a8:8a: 5d:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:AE:A9:B1:9B:E1:DE:67:BA:B6:87:CA:A4:46:DA:0D:63:7C:80:68 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/k66psZvh3me6tofKpEbaDWN8gGg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.192.0/21 Signature Algorithm: sha256WithRSAEncryption 7e:1d:b3:6f:6b:95:77:9e:b9:9a:17:d2:71:23:9a:41:f2:e8: 34:f3:1f:a9:d3:b3:7a:ee:69:74:1b:e6:5d:a2:ee:a7:b5:33: 77:25:7b:1c:79:71:8a:12:92:33:82:8c:95:dc:45:73:fb:f4: c5:71:68:98:f7:27:df:f4:93:0f:7d:ae:a4:bb:18:fa:02:05: 11:54:0b:0c:c3:7d:ce:cc:a7:bb:e2:d6:d8:09:f4:2f:36:7d: 5e:06:2e:c3:e0:78:9a:cf:f9:11:96:62:d7:1d:3b:90:a4:c7: e9:14:53:c8:50:6e:42:d3:85:95:1f:d0:29:22:e7:c8:a2:7c: 71:b4:f2:94:ca:d4:58:82:5d:53:24:45:c6:6e:6f:1b:fd:d8: 25:c2:09:42:26:f5:8f:d7:39:9a:80:3d:fb:a8:bf:9c:51:9b: 3d:a8:92:83:83:1b:a5:47:90:3c:aa:e7:fb:9d:8b:15:8d:4f: 11:0d:e3:41:c5:ed:fe:0d:e0:5a:51:91:25:49:f2:d0:95:2c: 62:be:ae:f3:5d:a5:66:69:2f:13:b9:ff:ef:0f:a5:d8:75:92: 87:40:d3:64:3e:67:b5:c8:c3:be:5c:63:73:55:7a:33:17:24: 39:fd:87:03:23:a9:54:7a:e9:fc:8c:a2:05:26:ae:83:75:f5: c2:e1:db:40 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGmYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkzQUVBOUIxOUJFMURF NjdCQUI2ODdDQUE0NDZEQTBENjM3QzgwNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGaoKtDHiMqRr7Xn9DC+R1+t3A3ro+7dq9zL15CMjVYvuniNBr a7gzkANQQ6PTJh8iu91GCkb44hYJPoTBBdtRntaZWIrc6DuB3yd3bdXirrKpagbu HJY+z5lhA64QbngkIIVnRKk0kE4ZEv8BKDvclfxEmBoqDUBCqZAdlP84o1Nq83Cx bDH6F0Mn4/FmKDiBLhbHYlSgMoICbddxNzEAD79DuaStyN0lDGxpCaxa/azIY4MY yEWsCIeV+SbQdeIJ1MFmbuGKDF5zdY+5/lrM7MmjYzpaxEhaFkjZAd0zPKrO1GdI tEBQrl6hV4GHHq2FlJLJRz29lHoieRyoil3XAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUk66psZvh3me6tofKpEbaDWN8gGgwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvazY2cHNadmgzbWU2 dG9mS3BFYmFEV044Z0dnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7TfwDANBgkqhkiG9w0BAQsFAAOCAQEAfh2zb2uVd565mhfScSOaQfLoNPMf qdOzeu5pdBvmXaLup7UzdyV7HHlxihKSM4KMldxFc/v0xXFomPcn3/STD32upLsY +gIFEVQLDMN9zsynu+LW2An0LzZ9XgYuw+B4ms/5EZZi1x07kKTH6RRTyFBuQtOF lR/QKSLnyKJ8cbTylMrUWIJdUyRFxm5vG/3YJcIJQib1j9c5moA9+6i/nFGbPaiS g4MbpUeQPKrn+52LFY1PEQ3jQcXt/g3gWlGRJUny0JUsYr6u812lZmkvE7n/7w+l 2HWSh0DTZD5ntcjDvlxjc1V6MxckOf2HAyOpVHrp/IyiBSaug3X1wuHbQA== -----END CERTIFICATE-----Generated at Thu Sep 18 02:51:48 2025 by rpki-client