$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/gdaYRJTDZoV5Ly2TEDIcQAj_0ZA.roa File: gdaYRJTDZoV5Ly2TEDIcQAj_0ZA.roa (raw, json) Hash identifier: rpw21+tvlf/wZr5WmhbElQQ1SJJ1prg8/scEBm0IMpQ= Subject key identifier: 81:D6:98:44:94:C3:66:85:79:2F:2D:93:10:32:1C:40:08:FF:D1:90 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 13BD Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/gdaYRJTDZoV5Ly2TEDIcQAj_0ZA.roa Signing time: Wed 16 Jul 2025 09:05:18 +0000 ROA not before: Wed 16 Jul 2025 09:05:18 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.88.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:40:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5053 (0x13bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jul 16 09:05:18 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=81D6984494C36685792F2D9310321C4008FFD190 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:63:40:0e:f0:f6:85:4d:c1:b1:03:d9:17:22: 08:c3:21:92:9f:1d:e0:b8:56:03:23:55:5c:53:95: 8c:25:8c:3f:31:d3:0c:57:92:32:af:8b:2e:9d:09: ea:06:8c:06:70:d5:bf:1f:9c:c8:5a:89:8a:5a:34: 0f:97:e0:25:1a:84:cf:0b:29:1c:8e:05:63:5c:25: 9c:bd:bc:80:48:3e:31:cd:9e:f5:45:30:95:30:61: 5c:96:fc:16:b2:16:1a:bf:6c:bf:53:61:87:46:c7: 8f:ae:a0:30:9f:d1:cb:b0:de:34:d1:f1:b0:43:1b: 89:12:99:95:46:81:f2:9f:e8:a1:ab:fb:67:33:06: 6f:b2:70:bc:76:82:b0:b3:14:f2:c5:3e:03:23:e0: 0c:5e:43:92:69:89:69:25:e1:fa:51:cd:f6:a7:c4: f7:30:23:90:11:8d:92:9d:b1:7c:81:c3:7f:4d:df: 8d:89:0b:9f:e2:4d:4d:d7:af:82:e1:6f:e9:fe:6e: 07:32:d8:9e:66:e8:a5:a0:15:8a:56:46:02:fc:a6: 82:98:ba:b7:eb:e0:f3:59:49:68:af:85:35:8f:f3: 37:68:44:56:09:e7:7d:3d:fa:f4:0e:ed:db:25:bb: 9c:41:e9:de:b1:59:4c:cc:67:f8:b5:67:ee:10:b5: 07:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:D6:98:44:94:C3:66:85:79:2F:2D:93:10:32:1C:40:08:FF:D1:90 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/gdaYRJTDZoV5Ly2TEDIcQAj_0ZA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.88.0/22 Signature Algorithm: sha256WithRSAEncryption 91:10:fb:8c:0e:4e:86:72:ad:ef:44:9d:bf:d8:d3:ae:49:85: 67:6b:4b:67:6c:b1:58:b4:53:39:55:e0:b4:57:21:cb:72:09: ed:1c:38:71:d5:67:ca:1d:f1:35:ec:49:4e:af:6c:e4:6f:4a: 02:8a:7f:58:55:c5:94:64:64:a4:30:4d:c4:8a:dd:68:70:74: f2:f1:a5:20:a0:05:7d:78:d1:f8:dd:29:6c:77:01:17:f6:c2: 8a:05:c9:aa:23:74:cc:e4:d0:b2:97:7e:a4:90:0a:ea:56:c5: 3d:c5:d4:fa:8f:19:f0:0c:a0:ab:02:85:df:3b:75:50:57:a6: a6:97:d1:29:29:91:ec:dd:af:b9:80:fc:74:5c:c0:f0:60:46: b0:3d:a9:1c:9b:5e:cb:81:ca:43:d5:c2:0f:5f:c0:7d:33:c5: 1a:7d:c8:ed:6a:f3:9b:30:43:dd:a9:ca:35:27:94:6f:36:d4: 43:56:92:97:93:db:93:5f:b1:05:22:99:b4:74:23:60:69:ef: a3:a2:2a:be:c1:71:38:a3:1d:6d:8f:97:63:30:ca:27:2f:74: b3:83:91:df:80:af:3d:82:f6:59:52:cc:88:0a:73:e0:2f:be: fd:03:05:7b:d7:6d:c9:78:d1:ba:dc:e1:83:67:14:1a:34:af: 06:9c:7b:af -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE70wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA3MTYw OTA1MThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgxRDY5ODQ0OTRDMzY2 ODU3OTJGMkQ5MzEwMzIxQzQwMDhGRkQxOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpY0AO8PaFTcGxA9kXIgjDIZKfHeC4VgMjVVxTlYwljD8x0wxX kjKviy6dCeoGjAZw1b8fnMhaiYpaNA+X4CUahM8LKRyOBWNcJZy9vIBIPjHNnvVF MJUwYVyW/BayFhq/bL9TYYdGx4+uoDCf0cuw3jTR8bBDG4kSmZVGgfKf6KGr+2cz Bm+ycLx2grCzFPLFPgMj4AxeQ5JpiWkl4fpRzfanxPcwI5ARjZKdsXyBw39N342J C5/iTU3Xr4Lhb+n+bgcy2J5m6KWgFYpWRgL8poKYurfr4PNZSWivhTWP8zdoRFYJ 5309+vQO7dslu5xB6d6xWUzMZ/i1Z+4QtQf1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUgdaYRJTDZoV5Ly2TEDIcQAj/0ZAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2dkYVlSSlREWm9WNUx5 MlRFREljUUFqXzBaQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6FgwDQYJKoZIhvcNAQELBQADggEBAJEQ+4wOToZyre9Enb/Y065JhWdrS2ds sVi0UzlV4LRXIctyCe0cOHHVZ8od8TXsSU6vbORvSgKKf1hVxZRkZKQwTcSK3Whw dPLxpSCgBX140fjdKWx3ARf2wooFyaojdMzk0LKXfqSQCupWxT3F1PqPGfAMoKsC hd87dVBXpqaX0Skpkezdr7mA/HRcwPBgRrA9qRybXsuBykPVwg9fwH0zxRp9yO1q 85swQ92pyjUnlG821ENWkpeT25NfsQUimbR0I2Bp76OiKr7BcTijHW2Pl2Mwyicv dLODkd+Arz2C9llSzIgKc+Avvv0DBXvXbcl40brc4YNnFBo0rwace68= -----END CERTIFICATE-----Generated at Sun Jul 20 12:41:12 2025 by rpki-client