$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/D4lqQvXeV04SRvOMVQ_t58jBmhU.roa File: D4lqQvXeV04SRvOMVQ_t58jBmhU.roa (raw, json) Hash identifier: 8f0gqBdod/bLdz9StGHjQYYsMM10B4Ksg/lcn/AEr88= Subject key identifier: 0F:89:6A:42:F5:DE:57:4E:12:46:F3:8C:55:0F:ED:E7:C8:C1:9A:15 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 139E Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/D4lqQvXeV04SRvOMVQ_t58jBmhU.roa Signing time: Sat 12 Jul 2025 07:17:00 +0000 ROA not before: Sat 12 Jul 2025 07:17:00 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:40:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5022 (0x139e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jul 12 07:17:00 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0F896A42F5DE574E1246F38C550FEDE7C8C19A15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a6:d1:94:83:32:56:4c:3d:fb:ee:71:ae:63: 81:15:26:c5:0c:f8:e8:71:46:70:ca:32:a2:94:3b: 83:35:8e:7d:48:4b:96:de:09:e6:3e:5b:2e:d3:ac: e5:75:66:9f:77:03:c4:4a:23:d6:00:a8:ea:0e:e6: 9b:fc:60:dc:ba:39:2d:b6:58:1e:9a:cb:18:fc:8c: 10:5c:95:fc:73:fa:5a:18:c9:b9:43:4f:1c:00:36: 76:90:c7:d1:3a:d5:5d:cd:aa:0f:eb:ca:c8:6c:67: f0:75:c5:bc:87:f5:58:2c:5a:a5:38:7b:46:4a:24: b5:22:24:a5:8d:22:f3:02:f6:c3:7d:7c:2f:1c:c7: ee:22:3c:d2:d2:c7:a7:e9:1e:dd:e6:4f:12:c1:55: 5a:7d:66:f0:5d:76:db:6f:2a:8b:e0:2b:e0:b9:5b: 4d:13:e8:d9:78:04:96:28:0d:17:a5:b9:cf:9c:b7: f3:e3:9e:fc:b3:f3:a3:83:a6:4a:8b:2e:4c:ef:b9: a8:76:65:5b:6c:db:89:9b:05:10:85:14:e2:71:7a: b2:15:6c:cd:07:e5:80:4f:c7:a0:72:a7:c0:f7:69: 98:06:5c:68:97:0e:ea:67:b4:be:34:99:01:44:26: fd:6d:09:12:22:92:50:72:84:0a:fe:35:69:c2:93: 41:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:89:6A:42:F5:DE:57:4E:12:46:F3:8C:55:0F:ED:E7:C8:C1:9A:15 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/D4lqQvXeV04SRvOMVQ_t58jBmhU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.40.0/22 Signature Algorithm: sha256WithRSAEncryption 72:77:5d:3b:01:12:8e:1d:35:15:07:7f:ab:41:a4:45:7a:71: 80:1f:87:b6:52:57:d3:52:f0:ae:10:79:38:12:a6:b4:29:32: f1:26:04:b8:1b:c1:20:f8:a7:2c:24:0a:e3:76:f8:dc:a9:13: b3:4b:4c:31:44:3d:8c:a6:0e:a6:88:eb:3c:80:5b:1b:d3:af: 77:20:48:b0:a6:e5:7a:c6:a4:8d:c9:f4:a0:6f:b9:46:50:58: cb:f3:2e:57:58:c8:13:06:85:9a:3d:0f:54:35:7a:b1:db:cd: 9c:b1:31:7c:92:98:fd:11:07:44:d3:e8:eb:98:b1:79:2e:06: 0e:f9:83:f0:64:53:7e:46:0d:0c:89:51:e4:8d:17:35:98:84: 92:94:43:2e:54:6e:88:99:79:70:16:17:b9:61:e5:27:be:dd: 2e:3d:03:73:db:22:3f:d5:a9:90:6d:64:ce:fe:83:ea:7a:c3: cc:1a:fd:45:bc:fd:b5:df:64:31:3d:c4:43:bc:50:da:d5:b2: 2b:3b:61:1f:53:fb:c0:77:de:cc:8f:4f:67:1c:f6:02:2f:0a: 8e:fb:51:68:f9:9e:c8:56:a1:87:35:79:b5:5e:17:74:98:a0: 0a:4e:f9:75:bc:ac:29:26:19:c5:14:36:63:e4:2a:e8:f3:9d: 80:b7:fd:c2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA3MTIw NzE3MDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBGODk2QTQyRjVERTU3 NEUxMjQ2RjM4QzU1MEZFREU3QzhDMTlBMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfptGUgzJWTD377nGuY4EVJsUM+OhxRnDKMqKUO4M1jn1IS5be CeY+Wy7TrOV1Zp93A8RKI9YAqOoO5pv8YNy6OS22WB6ayxj8jBBclfxz+loYyblD TxwANnaQx9E61V3Nqg/ryshsZ/B1xbyH9VgsWqU4e0ZKJLUiJKWNIvMC9sN9fC8c x+4iPNLSx6fpHt3mTxLBVVp9ZvBddttvKovgK+C5W00T6Nl4BJYoDReluc+ct/Pj nvyz86ODpkqLLkzvuah2ZVts24mbBRCFFOJxerIVbM0H5YBPx6Byp8D3aZgGXGiX DupntL40mQFEJv1tCRIiklByhAr+NWnCk0HrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUD4lqQvXeV04SRvOMVQ/t58jBmhUwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0Q0bHFRdlhlVjA0U1J2 T01WUV90NThqQm1oVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6CgwDQYJKoZIhvcNAQELBQADggEBAHJ3XTsBEo4dNRUHf6tBpEV6cYAfh7ZS V9NS8K4QeTgSprQpMvEmBLgbwSD4pywkCuN2+NypE7NLTDFEPYymDqaI6zyAWxvT r3cgSLCm5XrGpI3J9KBvuUZQWMvzLldYyBMGhZo9D1Q1erHbzZyxMXySmP0RB0TT 6OuYsXkuBg75g/BkU35GDQyJUeSNFzWYhJKUQy5UboiZeXAWF7lh5Se+3S49A3Pb Ij/VqZBtZM7+g+p6w8wa/UW8/bXfZDE9xEO8UNrVsis7YR9T+8B33syPT2cc9gIv Co77UWj5nshWoYc1ebVeF3SYoApO+XW8rCkmGcUUNmPkKujznYC3/cI= -----END CERTIFICATE-----Generated at Sun Jul 20 12:47:31 2025 by rpki-client