$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/HnRuKgNC5PtSCwgnHRE4jEinoGk.roa File: HnRuKgNC5PtSCwgnHRE4jEinoGk.roa (raw, json) Hash identifier: RtSmcZyQZMSPEyvg5q84y6hefhYQiGXaziDVDrnqgDk= Subject key identifier: 1E:74:6E:2A:03:42:E4:FB:52:0B:08:27:1D:11:38:8C:48:A7:A0:69 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 078C Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/HnRuKgNC5PtSCwgnHRE4jEinoGk.roa Signing time: Thu 10 Jul 2025 08:01:48 +0000 ROA not before: Thu 10 Jul 2025 08:01:48 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 114.111.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1932 (0x78c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 10 08:01:48 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1E746E2A0342E4FB520B08271D11388C48A7A069 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:c3:b6:f5:1c:b7:76:88:a9:01:75:b3:bf:50: 20:f0:d9:a7:a3:86:f9:34:c8:ff:00:c4:c8:5a:0e: 41:af:56:ea:4a:60:bc:43:e0:86:ca:b6:be:45:3b: e3:e8:a9:e5:a8:00:b1:75:5e:a1:89:88:a2:82:45: d7:3f:73:93:f5:b5:da:7c:bc:d7:61:09:19:1f:b4: 3d:52:a2:1c:ac:81:36:9a:e5:b9:cf:45:e5:43:94: e3:f2:47:46:fc:19:5a:a7:c5:c0:26:5d:6c:2c:73: 81:da:c6:0a:3a:eb:66:5e:c3:da:ef:d9:5e:0e:15: 8e:40:96:e6:fc:45:42:84:05:a8:9f:c2:ca:57:65: 32:cd:a2:b6:d2:69:52:f0:25:ce:d4:1a:1d:b8:fd: d0:e5:3c:0c:bc:39:3a:8f:b4:3c:bb:7b:06:c5:f4: e9:55:67:97:f2:67:bc:67:3e:ba:60:74:ea:98:2a: 88:65:dc:0b:09:c3:08:66:b1:52:79:0d:4b:80:40: 25:97:f5:67:cf:33:d4:8a:fe:94:82:a5:d0:1c:ac: 5f:74:a2:3b:d0:cf:89:0a:b4:c0:c0:0c:eb:b1:86: 53:ee:7e:d9:84:89:ae:b3:b4:09:00:34:55:ed:ad: b2:a0:ca:ff:21:01:29:6c:4b:c0:00:3e:b3:8f:78: c1:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:74:6E:2A:03:42:E4:FB:52:0B:08:27:1D:11:38:8C:48:A7:A0:69 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/HnRuKgNC5PtSCwgnHRE4jEinoGk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.111.191.0/24 Signature Algorithm: sha256WithRSAEncryption 60:60:9a:12:21:0f:86:9e:9a:a4:a1:41:c1:9b:c8:b4:71:98: 12:ab:bf:5c:cc:98:3a:16:f9:a7:9c:b5:03:54:fa:43:7a:c5: 15:59:79:35:87:c0:e4:d3:6f:9a:35:18:df:98:42:3f:9b:14: 55:4a:3e:68:a7:51:f6:40:43:6a:3f:cf:af:4c:9d:39:be:86: c5:76:4e:b9:00:0e:3a:23:63:8e:de:99:61:e9:79:f6:16:25: 3c:73:3c:ab:8b:16:ff:23:e3:b6:ff:2b:d6:5f:26:30:0a:c1: a6:43:28:cc:f2:8a:26:ee:10:e2:fb:22:0f:01:b9:e4:eb:40: 73:ad:fd:5b:74:66:45:e0:50:aa:d8:84:88:c7:aa:c3:59:0b: 9e:75:ba:c6:f1:39:bb:c2:07:e5:fb:ef:32:82:2e:50:8b:e5: 7e:0d:38:68:2f:bc:f7:f1:fa:cc:26:e1:92:ed:3e:17:d4:26: c1:7b:ea:e8:3a:39:ee:8d:a6:86:bf:c5:33:44:5b:77:73:62: 6c:f7:a2:7f:f7:f8:23:5d:4a:c0:3e:37:8c:db:8c:01:19:7d: ac:5b:d6:ee:99:b7:6c:c2:d2:85:db:b3:e6:c5:5c:b6:91:3a: 00:d2:e7:38:62:a6:f3:40:56:85:5c:fc:64:d3:4f:13:17:63: 2f:40:a1:12 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB4wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MTAw ODAxNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFFNzQ2RTJBMDM0MkU0 RkI1MjBCMDgyNzFEMTEzODhDNDhBN0EwNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFw7b1HLd2iKkBdbO/UCDw2aejhvk0yP8AxMhaDkGvVupKYLxD 4IbKtr5FO+PoqeWoALF1XqGJiKKCRdc/c5P1tdp8vNdhCRkftD1SohysgTaa5bnP ReVDlOPyR0b8GVqnxcAmXWwsc4Haxgo662Zew9rv2V4OFY5Alub8RUKEBaifwspX ZTLNorbSaVLwJc7UGh24/dDlPAy8OTqPtDy7ewbF9OlVZ5fyZ7xnPrpgdOqYKohl 3AsJwwhmsVJ5DUuAQCWX9WfPM9SK/pSCpdAcrF90ojvQz4kKtMDADOuxhlPuftmE ia6ztAkANFXtrbKgyv8hASlsS8AAPrOPeMHXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHnRuKgNC5PtSCwgnHRE4jEinoGkwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvSG5SdUtnTkM1UHRT Q3dnbkhSRTRqRWlub0drLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJvvzANBgkqhkiG9w0BAQsFAAOCAQEAYGCaEiEPhp6apKFBwZvItHGYEqu/ XMyYOhb5p5y1A1T6Q3rFFVl5NYfA5NNvmjUY35hCP5sUVUo+aKdR9kBDaj/Pr0yd Ob6GxXZOuQAOOiNjjt6ZYel59hYlPHM8q4sW/yPjtv8r1l8mMArBpkMozPKKJu4Q 4vsiDwG55OtAc639W3RmReBQqtiEiMeqw1kLnnW6xvE5u8IH5fvvMoIuUIvlfg04 aC+89/H6zCbhku0+F9QmwXvq6Do57o2mhr/FM0Rbd3NibPeif/f4I11KwD43jNuM ARl9rFvW7pm3bMLShduz5sVctpE6ANLnOGKm80BWhVz8ZNNPExdjL0ChEg== -----END CERTIFICATE-----Generated at Sun Jul 20 12:37:12 2025 by rpki-client