$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/M9G958ynnKlta1JlYdgrEtU51Rk.roa File: M9G958ynnKlta1JlYdgrEtU51Rk.roa (raw, json) Hash identifier: i8nfwXN10nn98cnUMZFgBAhxSDuzv38O3WWAu1Z5Fj8= Subject key identifier: 33:D1:BD:E7:CC:A7:9C:A9:6D:6B:52:65:61:D8:2B:12:D5:39:D5:19 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 076E Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/M9G958ynnKlta1JlYdgrEtU51Rk.roa Signing time: Tue 08 Jul 2025 08:45:10 +0000 ROA not before: Tue 08 Jul 2025 08:45:10 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 114.111.190.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1902 (0x76e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 8 08:45:10 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=33D1BDE7CCA79CA96D6B526561D82B12D539D519 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4e:9c:98:84:a9:96:91:29:ff:59:7a:30:6f: 4f:62:1a:88:e1:c7:e1:28:5f:b8:93:8d:b5:14:42: 6b:a4:c4:0c:2e:00:54:19:a2:85:c8:ba:fd:80:9a: f7:94:5e:8f:23:85:ae:fc:fa:15:11:57:35:6b:1b: f5:0b:50:60:d6:fc:9c:5e:6f:9b:b3:33:fd:1f:bd: 3c:09:6f:9f:d9:fd:7e:65:d9:6e:75:58:80:65:0b: b5:fa:18:24:b5:88:7d:da:64:1a:c0:52:38:e1:62: 3f:aa:b5:38:bd:8a:0c:0f:a7:b0:57:f9:c3:a9:80: 47:e4:5f:5a:38:64:21:f3:fe:25:e0:10:93:33:b6: 49:83:95:de:ed:39:95:e1:0d:54:37:92:58:84:e6: 78:57:09:6a:0a:0c:dc:5d:70:d7:1d:b3:f6:a4:90: d7:dd:4b:1e:5a:f0:d1:ad:25:de:c5:2b:bc:30:a3: a6:e9:db:b2:06:31:d0:29:b6:18:f1:9e:0f:52:97: 1d:85:b4:7d:e9:c0:51:3d:49:44:98:fe:21:07:e3: 80:5c:0d:96:97:ed:1f:b1:e5:3d:ba:5a:fe:21:e0: f8:a6:47:aa:72:ca:81:13:47:0e:73:ea:84:e1:5f: ac:df:e0:2b:1d:4a:a6:c5:60:c5:8f:bc:ca:53:cf: 06:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:D1:BD:E7:CC:A7:9C:A9:6D:6B:52:65:61:D8:2B:12:D5:39:D5:19 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/M9G958ynnKlta1JlYdgrEtU51Rk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.111.190.0/24 Signature Algorithm: sha256WithRSAEncryption 54:4d:c6:62:bb:de:50:dc:0c:73:33:ea:28:34:54:64:51:3f: 71:4b:83:1a:70:55:3a:11:8b:72:9c:5a:68:61:bc:c5:80:f1: 20:51:d9:18:8e:04:5c:83:dc:c9:e6:8a:47:c8:66:fb:39:6e: dc:8a:be:02:11:74:84:15:19:2d:1f:fc:db:1b:df:60:3d:6a: ad:c8:88:e4:03:45:95:cd:10:d2:09:5c:57:8d:ff:72:29:08: e8:a8:5e:e3:ed:a8:84:4b:17:83:c3:74:2a:29:b7:8c:1d:af: 06:94:0e:b1:2c:1d:29:d2:5f:c1:d2:e2:86:1e:a1:b5:c6:85: e1:2a:30:d4:d9:d4:7e:13:0b:c3:58:6c:ea:dd:ad:d5:79:71: eb:45:7a:0a:f8:2a:b0:8e:10:5f:3b:ba:b7:14:21:a6:ff:0a: 1a:22:7a:48:1d:a7:75:67:1a:aa:ec:a6:80:84:a2:98:d2:6a: 31:b4:83:af:9d:21:95:f5:86:00:13:8f:36:51:87:7b:e3:c9: eb:7a:4c:cd:90:59:16:2b:c7:e5:b7:77:b0:84:3c:46:db:50: 7e:f0:8b:df:f9:65:1c:16:c4:0f:6c:87:30:06:3e:5f:88:59: 85:87:0c:ad:1d:c0:c4:e3:09:b8:4e:8d:a1:4d:9e:d4:9d:c6: 77:6f:75:ab -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw ODQ1MTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMzRDFCREU3Q0NBNzlD QTk2RDZCNTI2NTYxRDgyQjEyRDUzOUQ1MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6TpyYhKmWkSn/WXowb09iGojhx+EoX7iTjbUUQmukxAwuAFQZ ooXIuv2AmveUXo8jha78+hURVzVrG/ULUGDW/Jxeb5uzM/0fvTwJb5/Z/X5l2W51 WIBlC7X6GCS1iH3aZBrAUjjhYj+qtTi9igwPp7BX+cOpgEfkX1o4ZCHz/iXgEJMz tkmDld7tOZXhDVQ3kliE5nhXCWoKDNxdcNcds/akkNfdSx5a8NGtJd7FK7wwo6bp 27IGMdApthjxng9Slx2FtH3pwFE9SUSY/iEH44BcDZaX7R+x5T26Wv4h4PimR6py yoETRw5z6oThX6zf4CsdSqbFYMWPvMpTzwYRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUM9G958ynnKlta1JlYdgrEtU51RkwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvTTlHOTU4eW5uS2x0 YTFKbFlkZ3JFdFU1MVJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJvvjANBgkqhkiG9w0BAQsFAAOCAQEAVE3GYrveUNwMczPqKDRUZFE/cUuD GnBVOhGLcpxaaGG8xYDxIFHZGI4EXIPcyeaKR8hm+zlu3Iq+AhF0hBUZLR/82xvf YD1qrciI5ANFlc0Q0glcV43/cikI6Khe4+2ohEsXg8N0Kim3jB2vBpQOsSwdKdJf wdLihh6htcaF4Sow1NnUfhMLw1hs6t2t1Xlx60V6CvgqsI4QXzu6txQhpv8KGiJ6 SB2ndWcaquymgISimNJqMbSDr50hlfWGABOPNlGHe+PJ63pMzZBZFivH5bd3sIQ8 RttQfvCL3/llHBbED2yHMAY+X4hZhYcMrR3AxOMJuE6NoU2e1J3Gd291qw== -----END CERTIFICATE-----Generated at Sun Jul 20 12:36:18 2025 by rpki-client