$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/uhVLjdBumsHsv-AeLSnwm1WZYFk.roa File: uhVLjdBumsHsv-AeLSnwm1WZYFk.roa (raw, json) Hash identifier: kT8yn5kK4wLC0c9OnXI388BtQg8faVcD+wdEE57aIXg= Subject key identifier: BA:15:4B:8D:D0:6E:9A:C1:EC:BF:E0:1E:2D:29:F0:9B:55:99:60:59 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 201A Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/uhVLjdBumsHsv-AeLSnwm1WZYFk.roa Signing time: Tue 26 Aug 2025 04:55:24 +0000 ROA not before: Tue 26 Aug 2025 04:55:24 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 103.249.252.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 05:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8218 (0x201a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 04:55:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BA154B8DD06E9AC1ECBFE01E2D29F09B55996059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8f:15:ec:2f:ca:f4:54:e6:88:b4:38:0f:09: cf:e6:15:6b:2d:fe:37:24:df:28:9a:fc:ae:20:d5: 86:37:67:f4:50:5d:10:13:62:9a:cd:13:e9:0a:f3: 1c:0c:f2:49:b4:93:58:97:28:f0:e3:70:f8:4c:f8: d6:d8:aa:26:11:26:4d:bb:fa:db:67:37:ee:73:59: 6a:67:b9:ee:fc:99:af:8a:9a:c5:8c:d9:d3:dd:37: 05:64:a4:4f:48:76:dc:74:46:49:1a:b4:57:3f:77: b9:48:4a:c2:2b:26:b7:a5:0c:6b:9c:a6:dd:69:67: 9c:ad:7c:a9:5b:84:f1:79:41:cd:59:13:3f:40:3e: 52:58:df:9d:d0:66:77:43:2d:48:e1:f7:fc:61:74: ea:d3:cd:3d:91:e3:c5:80:fe:8c:66:3a:b0:6f:52: f5:f0:2c:de:13:62:29:77:51:7c:89:b4:31:88:3d: 18:c7:ba:5f:0d:18:f3:b6:cb:91:84:dc:c2:8d:8d: 52:96:67:c2:79:a3:86:21:19:23:a9:cf:15:89:53: 35:30:0a:d6:65:53:2f:dc:dc:66:aa:7f:12:9d:f1: 26:54:03:03:d2:16:30:22:fc:5e:b2:63:62:cd:0d: 58:94:20:62:92:4e:06:bd:ce:78:cf:d4:74:ca:8d: ba:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:15:4B:8D:D0:6E:9A:C1:EC:BF:E0:1E:2D:29:F0:9B:55:99:60:59 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/uhVLjdBumsHsv-AeLSnwm1WZYFk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.249.252.0/22 Signature Algorithm: sha256WithRSAEncryption 8c:07:3f:5b:09:d2:00:cd:0e:e5:9e:33:4a:df:88:6b:a0:10: 1e:10:b0:cc:6c:ad:9e:80:10:57:93:62:6d:01:52:82:3c:f5: 6f:27:ee:ed:e7:ef:c5:c2:d2:fc:50:cd:25:c0:e4:27:4c:f9: 05:16:1f:36:00:8a:b5:75:b1:a3:b9:9a:ff:33:31:f3:3f:c4: 9e:75:8e:01:c8:70:f7:d9:bb:e0:38:15:ef:25:74:7a:6c:a0: 20:32:46:74:cf:07:0d:95:d6:65:99:99:b3:4e:12:0b:93:bd: 79:ff:87:d6:68:ec:61:31:f9:85:d0:b3:e8:26:55:c5:28:8e: 98:e7:1d:34:b9:34:d9:d5:fa:6d:ed:6e:fa:0d:a3:3e:1f:55: 16:19:ff:fb:a5:90:ce:d8:80:12:56:d2:35:5e:25:e8:86:6f: 49:1f:c7:32:46:ab:f4:04:e0:64:05:e6:c6:43:ac:7c:ca:c1: 09:c2:d9:ab:da:38:39:75:ef:1b:2f:31:e8:cf:1e:71:96:c9: 67:75:80:8b:5f:95:30:a0:5b:10:f4:9b:74:29:87:4d:63:ba: f3:46:38:a4:ad:16:c0:52:15:84:97:5d:a2:10:55:28:66:c0: f6:c6:da:84:3f:d4:53:4d:7d:b6:5a:e3:99:9d:10:6f:07:31: 29:44:c1:9b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NDU1MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJBMTU0QjhERDA2RTlB QzFFQ0JGRTAxRTJEMjlGMDlCNTU5OTYwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4jxXsL8r0VOaItDgPCc/mFWst/jck3yia/K4g1YY3Z/RQXRAT YprNE+kK8xwM8km0k1iXKPDjcPhM+NbYqiYRJk27+ttnN+5zWWpnue78ma+KmsWM 2dPdNwVkpE9Idtx0RkkatFc/d7lISsIrJrelDGucpt1pZ5ytfKlbhPF5Qc1ZEz9A PlJY353QZndDLUjh9/xhdOrTzT2R48WA/oxmOrBvUvXwLN4TYil3UXyJtDGIPRjH ul8NGPO2y5GE3MKNjVKWZ8J5o4YhGSOpzxWJUzUwCtZlUy/c3GaqfxKd8SZUAwPS FjAi/F6yY2LNDViUIGKSTga9znjP1HTKjbrvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUuhVLjdBumsHsv+AeLSnwm1WZYFkwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3VoVkxqZEJ1bXNIc3Yt QWVMU253bTFXWllGay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn+fwwDQYJKoZIhvcNAQELBQADggEBAIwHP1sJ0gDNDuWeM0rfiGugEB4QsMxs rZ6AEFeTYm0BUoI89W8n7u3n78XC0vxQzSXA5CdM+QUWHzYAirV1saO5mv8zMfM/ xJ51jgHIcPfZu+A4Fe8ldHpsoCAyRnTPBw2V1mWZmbNOEguTvXn/h9Zo7GEx+YXQ s+gmVcUojpjnHTS5NNnV+m3tbvoNoz4fVRYZ//ulkM7YgBJW0jVeJeiGb0kfxzJG q/QE4GQF5sZDrHzKwQnC2avaODl17xsvMejPHnGWyWd1gItflTCgWxD0m3Qph01j uvNGOKStFsBSFYSXXaIQVShmwPbG2oQ/1FNNfbZa45mdEG8HMSlEwZs= -----END CERTIFICATE-----Generated at Mon Sep 8 02:35:27 2025 by rpki-client