$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/OuYp8XIeOpFVWkKB7XswdJgnIRM.roa File: OuYp8XIeOpFVWkKB7XswdJgnIRM.roa (raw, json) Hash identifier: VYIyv/h5aEn7YDYIjq1O4Bfc0+pkkTcqwHRPymGpjq0= Subject key identifier: 3A:E6:29:F1:72:1E:3A:91:55:5A:42:81:ED:7B:30:74:98:27:21:13 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 13B4 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/OuYp8XIeOpFVWkKB7XswdJgnIRM.roa Signing time: Wed 16 Jul 2025 09:00:03 +0000 ROA not before: Wed 16 Jul 2025 09:00:03 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:40:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5044 (0x13b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jul 16 09:00:03 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3AE629F1721E3A91555A4281ED7B307498272113 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:60:a9:d2:6a:9c:5b:0d:f8:2f:ab:13:7a:c1: 4b:1d:83:b3:18:b1:2b:92:7b:5c:7a:a8:72:b6:6c: ba:35:00:98:f0:de:ec:f8:f3:ce:48:ca:d4:f7:61: fe:59:0a:89:f8:9e:ae:6b:f7:7f:f5:86:be:59:86: 64:b7:79:04:cc:92:a9:69:6d:f7:7e:c0:ec:f8:d0: 59:ab:fa:ae:c5:17:64:4f:cb:26:b1:ea:ba:ee:80: 11:cd:0f:f1:be:5c:43:67:7b:42:5b:60:67:40:21: 0f:97:f8:70:6a:7e:be:78:73:82:ac:bf:ed:97:12: 78:2b:bd:98:dc:6c:68:e7:6a:7d:de:21:74:9d:a4: 7a:8f:fa:fe:6a:76:8f:16:2c:37:08:29:ca:bc:83: 68:8e:ab:ff:28:85:49:04:be:f3:c6:12:32:f9:6d: 9c:87:63:99:dd:c1:09:86:72:93:54:9b:10:39:e5: 6a:b1:4d:34:ad:ee:9b:4f:0b:b8:4c:e1:2e:47:7b: 45:26:d7:0f:bd:16:03:eb:a1:d4:77:75:69:45:e2: 04:fb:8d:e3:7c:22:4c:bb:9a:73:9c:9a:c0:6f:b2: c1:5f:9d:df:e6:a1:f3:89:3d:bb:61:e7:61:d7:6c: 7d:18:df:d5:4c:41:c4:54:73:4f:6b:9c:33:29:51: ec:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E6:29:F1:72:1E:3A:91:55:5A:42:81:ED:7B:30:74:98:27:21:13 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/OuYp8XIeOpFVWkKB7XswdJgnIRM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.36.0/22 Signature Algorithm: sha256WithRSAEncryption 63:23:a8:61:05:c8:ad:3a:1b:af:f9:3d:02:36:e1:cc:d0:e8: ea:5d:db:27:5e:c3:90:c5:04:90:2d:bb:10:dd:1e:b3:63:a0: f2:d8:ef:f2:68:57:a7:86:f8:dc:c3:97:87:89:63:bf:01:1d: 8b:5e:1c:be:16:90:d1:b7:f6:8c:4e:ce:1d:fd:42:b8:9c:42: 10:fc:5b:83:90:e9:dc:78:17:f9:77:a3:35:c5:00:bd:1a:eb: 65:2d:d4:0d:bd:7d:c7:3c:ec:ab:8e:2b:fc:43:c7:3b:2e:cc: 5d:f0:cd:13:a7:09:90:4f:91:b0:aa:d8:cc:2b:db:7a:e9:07: 28:99:86:a8:3c:3d:79:1e:a4:f6:72:9f:6f:2e:a5:a4:bc:89: 66:aa:fb:4e:b8:75:59:c4:cc:53:a9:2f:13:20:d6:ad:2b:c3: bc:48:b3:aa:b1:69:8a:3f:c7:3c:b9:9b:5f:ca:1c:a0:c8:b3: 0c:ef:df:12:fe:46:df:0c:de:9e:89:7e:bc:b7:fe:e1:5c:74: 65:df:14:3a:a5:b7:04:f6:a1:77:ea:b3:7d:f5:79:77:bd:82: 23:24:9d:25:b1:a7:41:a7:e5:2e:13:42:3d:66:56:97:bb:da: cb:d4:6e:02:be:a9:a0:f6:20:06:d0:13:43:fa:78:22:20:db: cb:a2:af:3f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA3MTYw OTAwMDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDNBRTYyOUYxNzIxRTNB OTE1NTVBNDI4MUVEN0IzMDc0OTgyNzIxMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaYKnSapxbDfgvqxN6wUsdg7MYsSuSe1x6qHK2bLo1AJjw3uz4 885IytT3Yf5ZCon4nq5r93/1hr5ZhmS3eQTMkqlpbfd+wOz40Fmr+q7FF2RPyyax 6rrugBHND/G+XENne0JbYGdAIQ+X+HBqfr54c4Ksv+2XEngrvZjcbGjnan3eIXSd pHqP+v5qdo8WLDcIKcq8g2iOq/8ohUkEvvPGEjL5bZyHY5ndwQmGcpNUmxA55Wqx TTSt7ptPC7hM4S5He0Um1w+9FgProdR3dWlF4gT7jeN8Iky7mnOcmsBvssFfnd/m ofOJPbth52HXbH0Y39VMQcRUc09rnDMpUeyJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUOuYp8XIeOpFVWkKB7XswdJgnIRMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL091WXA4WEllT3BGVldr S0I3WHN3ZEpnbklSTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6CQwDQYJKoZIhvcNAQELBQADggEBAGMjqGEFyK06G6/5PQI24czQ6Opd2yde w5DFBJAtuxDdHrNjoPLY7/JoV6eG+NzDl4eJY78BHYteHL4WkNG39oxOzh39Qric QhD8W4OQ6dx4F/l3ozXFAL0a62Ut1A29fcc87KuOK/xDxzsuzF3wzROnCZBPkbCq 2Mwr23rpByiZhqg8PXkepPZyn28upaS8iWaq+064dVnEzFOpLxMg1q0rw7xIs6qx aYo/xzy5m1/KHKDIswzv3xL+Rt8M3p6Jfry3/uFcdGXfFDqltwT2oXfqs331eXe9 giMknSWxp0Gn5S4TQj1mVpe72svUbgK+qaD2IAbQE0P6eCIg28uirz8= -----END CERTIFICATE-----Generated at Sun Jul 20 12:43:18 2025 by rpki-client