$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/j62s71G-cZ3fjPif5hiGxzQcpI4.roa File: j62s71G-cZ3fjPif5hiGxzQcpI4.roa (raw, json) Hash identifier: xrm120S0nhNiznUYDg7E1X/4dsjXKyElBZ6rTL9Zrn0= Subject key identifier: 8F:AD:AC:EF:51:BE:71:9D:DF:8C:F8:9F:E6:18:86:C7:34:1C:A4:8E Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 076F Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/j62s71G-cZ3fjPif5hiGxzQcpI4.roa Signing time: Tue 08 Jul 2025 08:45:11 +0000 ROA not before: Tue 08 Jul 2025 08:45:11 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 114.111.184.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:43:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1903 (0x76f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 8 08:45:11 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=8FADACEF51BE719DDF8CF89FE61886C7341CA48E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:0d:32:10:67:1b:38:fe:56:d9:6a:a4:c3:f1: ac:1b:a4:08:bc:32:b0:33:71:06:36:f2:de:f8:5d: 06:59:f7:86:84:98:c4:ef:92:54:1d:09:00:d6:ba: 3b:2e:f2:cd:ff:fd:8d:ed:6b:29:58:20:cf:f5:e2: 97:21:9c:51:2d:2a:11:19:6a:83:73:16:e4:d1:fb: c5:54:93:93:a8:4f:cd:6c:6f:df:e3:56:88:20:3b: a3:9e:3e:a9:f5:b2:10:14:1d:37:ec:b9:a3:ad:29: e1:0d:dc:58:d6:bd:bd:fa:58:88:08:d4:5a:5e:7f: 7f:6a:6d:9a:7c:19:e5:44:a1:8f:28:b8:72:fd:73: 2f:b4:2c:86:5d:5b:5e:24:20:c4:f2:d8:e3:13:bd: 41:ac:06:73:78:df:64:3c:24:52:ee:59:13:1e:c3: 4e:e9:44:9a:3f:72:9f:86:ad:98:4a:2c:47:9e:6c: 28:43:66:97:78:55:9f:70:d2:21:e4:d0:c3:47:53: 48:d3:85:3e:3d:64:80:57:ee:d1:70:2c:68:71:66: fb:f6:6d:25:44:c4:7d:10:0a:5a:ad:ed:81:c6:81: cf:c6:8b:7d:9c:11:8b:2e:b2:e1:78:32:40:13:95: 9e:cd:dd:e1:d8:89:de:35:3c:fe:27:93:80:89:40: a7:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:AD:AC:EF:51:BE:71:9D:DF:8C:F8:9F:E6:18:86:C7:34:1C:A4:8E X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/j62s71G-cZ3fjPif5hiGxzQcpI4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.111.184.0/24 Signature Algorithm: sha256WithRSAEncryption d2:38:1a:6e:10:a1:d3:ef:55:85:e1:7b:1a:a1:e4:6d:c8:90: ab:4b:7f:ad:89:81:43:93:d1:e8:8c:1e:ac:0f:06:b8:7d:02: fa:67:e2:55:bd:9d:ae:6d:2c:61:ca:e0:c4:09:31:83:8f:e4: 9d:65:56:a2:d2:77:ef:14:f5:9e:dd:7c:78:71:f8:ab:da:a1: e7:34:b3:ca:1e:79:a5:7f:00:af:ad:63:65:d8:a5:f8:40:d4: ab:36:ad:8f:cc:84:70:d6:6b:34:54:8a:9a:81:63:a0:e2:66: 44:ae:05:a6:28:50:f8:3d:33:f5:35:32:3e:7c:71:35:ef:d0: 59:66:ab:15:2f:ce:ad:3e:c8:2b:45:57:82:04:bf:a2:fa:68: f8:2f:dc:2c:5b:c1:a6:e6:a0:e6:d2:98:4c:a0:eb:a5:34:19: a8:23:d5:ae:fd:1e:0e:e8:49:bf:f2:a2:f8:f0:03:fb:a2:d0: a1:cf:43:42:0c:9e:78:9b:65:d6:e8:2a:a7:37:bd:bc:e7:b6: 60:df:93:28:ad:8b:31:f0:09:88:c5:d3:91:66:b1:c7:85:be: 61:bd:01:64:40:68:00:f6:45:fe:42:22:35:e6:37:c2:91:eb: 26:6f:23:7a:6f:53:65:1b:eb:ff:bc:90:a7:9e:47:55:0d:a3: be:ca:37:2f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MDgw ODQ1MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhGQURBQ0VGNTFCRTcx OURERjhDRjg5RkU2MTg4NkM3MzQxQ0E0OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5DTIQZxs4/lbZaqTD8awbpAi8MrAzcQY28t74XQZZ94aEmMTv klQdCQDWujsu8s3//Y3taylYIM/14pchnFEtKhEZaoNzFuTR+8VUk5OoT81sb9/j VoggO6OePqn1shAUHTfsuaOtKeEN3FjWvb36WIgI1Fpef39qbZp8GeVEoY8ouHL9 cy+0LIZdW14kIMTy2OMTvUGsBnN432Q8JFLuWRMew07pRJo/cp+GrZhKLEeebChD Zpd4VZ9w0iHk0MNHU0jThT49ZIBX7tFwLGhxZvv2bSVExH0QClqt7YHGgc/Gi32c EYsusuF4MkATlZ7N3eHYid41PP4nk4CJQKclAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUj62s71G+cZ3fjPif5hiGxzQcpI4wHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvajYyczcxRy1jWjNm alBpZjVoaUd4elFjcEk0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJvuDANBgkqhkiG9w0BAQsFAAOCAQEA0jgabhCh0+9VheF7GqHkbciQq0t/ rYmBQ5PR6IwerA8GuH0C+mfiVb2drm0sYcrgxAkxg4/knWVWotJ37xT1nt18eHH4 q9qh5zSzyh55pX8Ar61jZdil+EDUqzatj8yEcNZrNFSKmoFjoOJmRK4FpihQ+D0z 9TUyPnxxNe/QWWarFS/OrT7IK0VXggS/ovpo+C/cLFvBpuag5tKYTKDrpTQZqCPV rv0eDuhJv/Ki+PAD+6LQoc9DQgyeeJtl1ugqpze9vOe2YN+TKK2LMfAJiMXTkWax x4W+Yb0BZEBoAPZF/kIiNeY3wpHrJm8jem9TZRvr/7yQp55HVQ2jvso3Lw== -----END CERTIFICATE-----Generated at Sun Jul 20 12:46:54 2025 by rpki-client