$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/XkxfITJS6KXNjdcO4MPaIzhZHAY.roa File: XkxfITJS6KXNjdcO4MPaIzhZHAY.roa (raw, json) Hash identifier: c3157+aWAodGnOB+sDYTlohIqzEMle+d0FP3WlWZyPk= Subject key identifier: 5E:4C:5F:21:32:52:E8:A5:CD:8D:D7:0E:E0:C3:DA:23:38:59:1C:06 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 076C Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/XkxfITJS6KXNjdcO4MPaIzhZHAY.roa Signing time: Tue 08 Jul 2025 08:45:10 +0000 ROA not before: Tue 08 Jul 2025 08:45:10 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 114.111.186.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 17:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1900 (0x76c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 8 08:45:10 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5E4C5F213252E8A5CD8DD70EE0C3DA2338591C06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d4:cd:47:01:c9:b0:8f:e9:c6:1f:6c:a8:67: c9:c1:65:a9:62:d2:f1:0f:5a:c6:00:26:62:de:88: 1c:7c:59:9c:00:76:6f:de:3b:af:63:a7:c3:58:08: f6:17:7b:21:2b:c6:bf:a6:ba:5b:d5:e3:ab:0a:28: 94:ca:43:0d:86:4d:ff:2c:aa:7b:48:1a:eb:9c:46: fe:02:e2:03:4c:f2:0f:3f:5f:69:3c:d5:e9:fc:62: ba:ab:1d:56:62:4a:67:56:b0:e0:7d:7b:7f:69:c6: bd:19:47:2a:fd:e7:b8:d2:de:64:ed:cc:6f:e5:f8: 29:7f:09:00:04:ac:22:9f:c5:5c:3e:51:cb:d0:ba: bf:60:2e:e1:fd:be:5e:52:ad:f7:09:4d:89:a6:a5: 8c:22:79:00:19:0c:02:ec:04:64:6c:cc:c7:c7:54: 8d:20:01:8a:b6:ed:71:3c:ec:45:a4:49:2d:bc:05: d1:4d:b6:89:c9:57:e3:5d:d1:79:d6:08:22:ea:86: bf:9f:db:e2:fd:46:5c:f5:42:55:40:44:21:aa:d4: 64:ea:d4:09:b7:a5:1d:73:b0:64:e6:35:3e:ec:fc: 9e:29:c2:8a:82:2b:74:91:2d:e6:37:f6:96:59:fc: 53:2e:b6:b3:30:c8:bf:7e:a8:46:dd:7a:81:e8:06: 49:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:4C:5F:21:32:52:E8:A5:CD:8D:D7:0E:E0:C3:DA:23:38:59:1C:06 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/XkxfITJS6KXNjdcO4MPaIzhZHAY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.111.186.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:fd:81:1d:ac:17:95:d9:09:d6:e3:b0:c3:2e:b9:26:5d:90: 7c:fc:ca:98:53:89:da:3f:35:7a:ff:06:f8:b5:0a:75:7d:16: b5:76:8f:7c:f4:9e:a1:04:a9:d0:0d:4d:3c:6c:b5:93:84:5b: bb:62:9b:94:87:e2:b1:27:b5:87:7b:d2:14:81:97:29:e3:13: 4c:2b:8d:7a:b3:1b:e4:c6:c6:e3:9b:ea:82:18:e7:24:93:bf: 7e:f9:2d:8d:4c:ec:45:88:fd:61:a9:4f:1a:4c:e5:eb:2d:18: 32:aa:06:f8:9e:96:63:9f:89:77:e3:5c:21:fe:ae:ef:6a:13: 67:6f:b4:a3:ad:53:4f:30:13:32:34:f1:a4:16:1c:50:37:90: e7:64:7c:e8:ab:d8:bb:84:8c:44:d7:4b:72:60:2a:c3:05:f1: 55:b2:51:39:d5:49:fe:9d:ed:63:d4:25:62:88:e5:0e:29:84: c8:ea:05:5a:82:4d:80:9c:f8:d5:c5:5f:77:96:7c:f3:ea:1d: 83:4d:0f:c6:69:ed:ee:ee:21:13:8a:26:cd:87:0f:2e:ab:5d: 80:db:f4:57:b1:22:7d:3c:d8:b7:54:e9:f6:9f:54:27:4e:85: 0c:d7:3c:aa:36:16:b2:96:57:c7:7e:6b:fd:8e:6d:c9:12:94: 96:5d:15:3d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB2wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw ODQ1MTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVFNEM1RjIxMzI1MkU4 QTVDRDhERDcwRUUwQzNEQTIzMzg1OTFDMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCm1M1HAcmwj+nGH2yoZ8nBZali0vEPWsYAJmLeiBx8WZwAdm/e O69jp8NYCPYXeyErxr+mulvV46sKKJTKQw2GTf8sqntIGuucRv4C4gNM8g8/X2k8 1en8YrqrHVZiSmdWsOB9e39pxr0ZRyr957jS3mTtzG/l+Cl/CQAErCKfxVw+UcvQ ur9gLuH9vl5SrfcJTYmmpYwieQAZDALsBGRszMfHVI0gAYq27XE87EWkSS28BdFN tonJV+Nd0XnWCCLqhr+f2+L9Rlz1QlVARCGq1GTq1Am3pR1zsGTmNT7s/J4pwoqC K3SRLeY39pZZ/FMutrMwyL9+qEbdeoHoBknjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXkxfITJS6KXNjdcO4MPaIzhZHAYwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvWGt4ZklUSlM2S1hO amRjTzRNUGFJemhaSEFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJvujANBgkqhkiG9w0BAQsFAAOCAQEAfv2BHawXldkJ1uOwwy65Jl2QfPzK mFOJ2j81ev8G+LUKdX0WtXaPfPSeoQSp0A1NPGy1k4Rbu2KblIfisSe1h3vSFIGX KeMTTCuNerMb5MbG45vqghjnJJO/fvktjUzsRYj9YalPGkzl6y0YMqoG+J6WY5+J d+NcIf6u72oTZ2+0o61TTzATMjTxpBYcUDeQ52R86KvYu4SMRNdLcmAqwwXxVbJR OdVJ/p3tY9QlYojlDimEyOoFWoJNgJz41cVfd5Z88+odg00Pxmnt7u4hE4omzYcP LqtdgNv0V7EifTzYt1Tp9p9UJ06FDNc8qjYWspZXx35r/Y5tyRKUll0VPQ== -----END CERTIFICATE-----Generated at Sun Jul 20 16:33:48 2025 by rpki-client