$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/omkufBVMUtmDaqzGiglN9cTt4oI.roa File: omkufBVMUtmDaqzGiglN9cTt4oI.roa (raw, json) Hash identifier: 68yuo6ra+V98XeIILSk2sM25HKszPqlIx/tXOhdrYF4= Subject key identifier: A2:69:2E:7C:15:4C:52:D9:83:6A:AC:C6:8A:09:4D:F5:C4:ED:E2:82 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 203E Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/omkufBVMUtmDaqzGiglN9cTt4oI.roa Signing time: Tue 26 Aug 2025 05:15:44 +0000 ROA not before: Tue 26 Aug 2025 05:15:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 56282 IP address blocks: 103.235.228.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 05:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8254 (0x203e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:15:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A2692E7C154C52D9836AACC68A094DF5C4EDE282 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:71:7a:37:34:6a:88:c7:d3:cc:21:de:04:3a: 61:d5:0e:f5:c7:a4:92:63:9b:af:e5:4b:52:8d:1e: 5a:02:a8:59:4d:2a:4b:c1:f2:8c:3d:84:2c:4f:68: f1:43:fb:db:6c:ca:14:00:a6:8d:99:09:88:e7:f9: 5c:ae:90:2d:83:7d:ac:31:43:58:74:0f:e4:2a:37: 87:7c:07:48:60:81:ca:f7:f3:1d:dc:7c:2c:13:c7: 60:ec:72:03:2d:b6:e7:0b:ad:b8:dd:14:a6:75:73: 93:44:b5:f1:ae:e2:3a:25:45:2d:bc:66:e8:8d:08: 9b:e5:7e:49:6a:5a:c7:d9:b5:66:a7:2d:15:1b:f0: d6:4b:a4:5c:db:4e:c0:d4:e4:c9:49:18:76:73:c5: 5f:aa:1f:c2:06:c7:7b:aa:f9:93:45:77:bb:d5:57: b6:1e:7f:78:a2:49:77:4e:93:b4:23:73:50:f1:68: b5:0d:ab:3c:c2:1d:52:2a:79:d4:db:62:1e:74:e0: 23:e7:87:f2:a5:7b:00:97:61:47:62:52:76:1e:bd: 7a:cc:71:14:5d:cb:a8:29:d9:b6:4f:43:41:8e:4e: 5b:9d:9b:ed:41:25:70:c9:e2:b2:ac:4a:19:4e:cd: 51:31:3b:ca:9c:16:71:44:43:71:ee:5e:a5:e9:40: d7:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:69:2E:7C:15:4C:52:D9:83:6A:AC:C6:8A:09:4D:F5:C4:ED:E2:82 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/omkufBVMUtmDaqzGiglN9cTt4oI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.228.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:09:b4:49:1a:94:3f:e1:90:20:27:af:8d:6b:44:ef:d1:4c: 79:af:b3:e8:ee:b8:19:0c:87:c3:01:b9:c6:84:4e:f2:3c:3a: 70:f9:f8:4b:3a:e1:f7:f2:36:30:d7:a6:d4:53:e7:c9:a4:c4: 74:aa:84:35:b7:6b:c7:ea:28:46:36:f3:bf:c3:aa:04:57:01: d4:d9:10:6b:41:46:f6:2c:12:13:cc:21:67:f1:fe:93:38:b4: cf:02:db:e8:19:4b:17:93:78:e9:e7:20:fa:3a:38:ff:49:76: ba:6e:46:26:6e:0c:f7:70:8e:79:5f:49:d2:d6:ab:d6:8f:f7: 32:0b:4d:24:6d:b5:5c:84:e9:33:71:b3:40:6a:fc:81:92:01: 46:d7:90:fa:1f:8c:e3:c5:98:0e:93:c3:e8:92:64:ca:e8:0d: f4:8c:41:ba:5e:6a:17:41:33:51:48:ed:1e:34:d2:7a:f3:94: ec:f1:a6:3e:4c:3e:04:9f:39:63:7b:b8:77:65:80:02:e3:e5: 05:e4:81:be:96:97:cc:7e:c3:27:2c:74:b1:bc:55:c5:89:43: 2e:2c:1a:3b:c8:f4:a4:af:03:5e:7f:c6:57:e3:9b:19:13:74: 42:85:e8:ca:85:e8:07:cf:ef:6b:05:f9:3f:85:7c:08:4b:ad: 94:e5:2e:01 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICID4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTE1NDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEEyNjkyRTdDMTU0QzUy RDk4MzZBQUNDNjhBMDk0REY1QzRFREUyODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqcXo3NGqIx9PMId4EOmHVDvXHpJJjm6/lS1KNHloCqFlNKkvB 8ow9hCxPaPFD+9tsyhQApo2ZCYjn+VyukC2DfawxQ1h0D+QqN4d8B0hggcr38x3c fCwTx2DscgMttucLrbjdFKZ1c5NEtfGu4jolRS28ZuiNCJvlfklqWsfZtWanLRUb 8NZLpFzbTsDU5MlJGHZzxV+qH8IGx3uq+ZNFd7vVV7Yef3iiSXdOk7Qjc1DxaLUN qzzCHVIqedTbYh504CPnh/KlewCXYUdiUnYevXrMcRRdy6gp2bZPQ0GOTludm+1B JXDJ4rKsShlOzVExO8qcFnFEQ3HuXqXpQNcvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUomkufBVMUtmDaqzGiglN9cTt4oIwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL29ta3VmQlZNVXRtRGFx ekdpZ2xOOWNUdDRvSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn6+QwDQYJKoZIhvcNAQELBQADggEBAD0JtEkalD/hkCAnr41rRO/RTHmvs+ju uBkMh8MBucaETvI8OnD5+Es64ffyNjDXptRT58mkxHSqhDW3a8fqKEY287/DqgRX AdTZEGtBRvYsEhPMIWfx/pM4tM8C2+gZSxeTeOnnIPo6OP9JdrpuRiZuDPdwjnlf SdLWq9aP9zILTSRttVyE6TNxs0Bq/IGSAUbXkPofjOPFmA6Tw+iSZMroDfSMQbpe ahdBM1FI7R400nrzlOzxpj5MPgSfOWN7uHdlgALj5QXkgb6Wl8x+wycsdLG8VcWJ Qy4sGjvI9KSvA15/xlfjmxkTdEKF6MqF6AfP72sF+T+FfAhLrZTlLgE= -----END CERTIFICATE-----Generated at Mon Sep 8 02:38:12 2025 by rpki-client