$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/bI4LLxofUt_ZROTf3Ub1ab2lnVI.roa File: bI4LLxofUt_ZROTf3Ub1ab2lnVI.roa (raw, json) Hash identifier: tFMPN6Lx2R1pXXeobEI0u0bkRjvq5vlbaTbVC3XJetU= Subject key identifier: 6C:8E:0B:2F:1A:1F:52:DF:D9:44:E4:DF:DD:46:F5:69:BD:A5:9D:52 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 0770 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/bI4LLxofUt_ZROTf3Ub1ab2lnVI.roa Signing time: Tue 08 Jul 2025 08:45:11 +0000 ROA not before: Tue 08 Jul 2025 08:45:11 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 114.111.185.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1904 (0x770) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 8 08:45:11 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=6C8E0B2F1A1F52DFD944E4DFDD46F569BDA59D52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:56:40:17:c4:d6:21:25:de:ca:90:2a:b9:eb: f2:3c:33:20:f9:86:48:27:07:48:b3:cb:c9:ea:a8: 32:23:d2:8a:a6:68:d8:c2:54:34:4d:94:3d:39:27: c2:64:ce:ca:ff:87:18:c2:4a:66:39:1c:09:20:75: b6:a7:a4:91:03:e8:34:b1:73:7d:29:b1:e5:77:5b: f5:92:0b:25:e5:61:a4:45:2b:5a:b3:ed:ba:00:a8: 4c:9e:ac:41:86:3d:0c:de:e2:fe:f2:bc:5b:7b:86: a6:e0:e5:82:84:eb:c3:66:bc:7f:de:05:fd:74:7b: 49:c3:22:e9:70:67:0a:79:59:3e:1b:1c:79:84:f1: 55:ef:e7:67:6f:8b:ed:cf:13:d1:75:06:b8:83:17: 2a:7a:52:14:3b:46:f1:02:a1:9f:c8:51:a3:1b:28: d7:0f:42:60:80:e4:c0:27:c3:f7:12:8f:1a:96:cc: 3e:7e:33:ff:58:a0:56:39:76:f9:26:b0:e4:a4:09: 4c:2b:b8:ba:7e:0f:8a:68:61:9c:39:f9:76:e2:d9: 9b:19:db:35:03:a5:32:9b:17:e6:99:f4:b4:aa:8d: ed:04:d0:62:8a:1f:06:29:a8:18:e5:e6:77:d4:0b: a6:8d:76:67:89:0e:74:0b:fc:af:ee:67:89:c6:0d: 38:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:8E:0B:2F:1A:1F:52:DF:D9:44:E4:DF:DD:46:F5:69:BD:A5:9D:52 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/bI4LLxofUt_ZROTf3Ub1ab2lnVI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.111.185.0/24 Signature Algorithm: sha256WithRSAEncryption ac:98:f7:1e:1c:0e:b0:c6:38:75:75:36:fd:bc:d3:21:53:a3: ac:6b:c4:04:52:79:7e:6d:ea:64:c0:d0:27:f5:d6:ce:a1:83: 22:4f:36:2d:a3:44:af:49:31:b7:51:2e:a7:d3:a1:a7:b9:bc: 49:12:5f:0a:d2:46:67:85:c7:8b:50:78:3e:12:84:fb:93:29: bc:10:09:a4:9b:06:d4:65:9f:2c:42:06:88:ff:c9:ae:00:36: 48:a5:10:e5:d6:38:f9:3a:82:a1:c4:7f:de:bb:1b:c9:85:11: 22:0a:f3:43:a4:7a:e6:4b:7c:bc:6e:85:2c:cd:f8:c1:0c:3e: ae:8e:42:f4:35:13:c2:27:3e:50:fb:4c:80:92:3c:a9:57:96: f4:b1:bd:62:9b:65:5b:6b:e1:a6:7b:9e:cf:9b:48:aa:90:1c: f3:35:f3:7e:9a:82:26:c7:35:d4:75:5e:8d:b3:19:e1:a8:cc: e8:1c:db:03:74:93:d8:f9:bb:c2:50:4b:ae:38:2b:d9:01:4c: fe:4f:46:55:ab:ea:72:19:85:ec:55:1e:d0:90:ce:f1:51:a5: 9d:d5:d9:fb:dd:aa:16:63:25:87:17:44:c2:7a:43:71:1e:95: 8e:dd:ee:c6:1a:8c:38:70:af:bc:74:e8:dc:c6:61:53:f2:d5: 36:97:61:e3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw ODQ1MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDZDOEUwQjJGMUExRjUy REZEOTQ0RTRERkRENDZGNTY5QkRBNTlENTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCUVkAXxNYhJd7KkCq56/I8MyD5hkgnB0izy8nqqDIj0oqmaNjC VDRNlD05J8Jkzsr/hxjCSmY5HAkgdbanpJED6DSxc30pseV3W/WSCyXlYaRFK1qz 7boAqEyerEGGPQze4v7yvFt7hqbg5YKE68NmvH/eBf10e0nDIulwZwp5WT4bHHmE 8VXv52dvi+3PE9F1BriDFyp6UhQ7RvECoZ/IUaMbKNcPQmCA5MAnw/cSjxqWzD5+ M/9YoFY5dvkmsOSkCUwruLp+D4poYZw5+Xbi2ZsZ2zUDpTKbF+aZ9LSqje0E0GKK HwYpqBjl5nfUC6aNdmeJDnQL/K/uZ4nGDThVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbI4LLxofUt/ZROTf3Ub1ab2lnVIwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvYkk0TEx4b2ZVdF9a Uk9UZjNVYjFhYjJsblZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJvuTANBgkqhkiG9w0BAQsFAAOCAQEArJj3HhwOsMY4dXU2/bzTIVOjrGvE BFJ5fm3qZMDQJ/XWzqGDIk82LaNEr0kxt1Eup9Ohp7m8SRJfCtJGZ4XHi1B4PhKE +5MpvBAJpJsG1GWfLEIGiP/JrgA2SKUQ5dY4+TqCocR/3rsbyYURIgrzQ6R65kt8 vG6FLM34wQw+ro5C9DUTwic+UPtMgJI8qVeW9LG9YptlW2vhpnuez5tIqpAc8zXz fpqCJsc11HVejbMZ4ajM6BzbA3ST2Pm7wlBLrjgr2QFM/k9GVavqchmF7FUe0JDO 8VGlndXZ+92qFmMlhxdEwnpDcR6Vjt3uxhqMOHCvvHTo3MZhU/LVNpdh4w== -----END CERTIFICATE-----Generated at Sun Jul 20 12:34:22 2025 by rpki-client