$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/U2QOBEaQUec1w3h9wSk4j8Tovik.roa File: U2QOBEaQUec1w3h9wSk4j8Tovik.roa (raw, json) Hash identifier: mMOmT5FjcUHV/1RPcbxee8+QxJcxqiZeihBjv4zG84s= Subject key identifier: 53:64:0E:04:46:90:51:E7:35:C3:78:7D:C1:29:38:8F:C4:E8:BE:29 Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97 Certificate serial: 1405 Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/U2QOBEaQUec1w3h9wSk4j8Tovik.roa Signing time: Sat 13 Sep 2025 03:06:55 +0000 ROA not before: Sat 13 Sep 2025 03:06:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63701 IP address blocks: 45.123.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:36:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5125 (0x1405) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97 Validity Not Before: Sep 13 03:06:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=53640E04469051E735C3787DC129388FC4E8BE29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a7:f8:5d:b7:59:0c:6a:7a:56:88:76:18:63: f2:a7:9e:a1:30:44:cc:e1:2b:c2:43:a2:ba:e8:3d: 53:39:ef:61:19:65:74:82:5f:1b:ea:8f:9d:d9:c3: bd:f9:f5:27:f6:ba:df:6f:7b:c8:bc:7d:02:6f:a4: f9:a4:21:52:10:b5:dd:68:10:31:21:64:69:b9:66: 6c:71:3d:a5:64:a8:61:d2:88:ee:35:35:a0:b0:67: 80:2d:6e:5f:46:3e:d9:12:e0:98:18:c0:78:3d:cc: 0d:5b:37:7f:58:f3:f6:1b:65:eb:02:68:50:79:22: 53:95:44:6c:83:11:57:29:6d:02:f4:2a:bd:02:1a: e9:00:2b:48:b8:54:5a:2a:23:9d:48:18:df:82:37: 14:18:f5:04:13:e5:57:9b:fa:ea:31:68:65:99:33: ad:c6:8c:87:5c:60:62:5e:d4:96:3a:04:60:25:e3: ca:5d:11:9c:4c:52:93:e8:83:33:7e:29:af:81:cd: 52:e2:cc:35:7c:81:56:61:4e:d3:cd:e2:af:48:1b: 7d:c8:4c:06:14:5a:58:66:17:3c:cb:f6:21:8a:fc: 5b:14:bb:f3:9d:d9:4d:fd:19:a9:b1:3a:67:35:c5: 9d:55:c2:12:37:33:e8:d3:71:0b:a9:c0:67:aa:9d: 39:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:64:0E:04:46:90:51:E7:35:C3:78:7D:C1:29:38:8F:C4:E8:BE:29 X509v3 Authority Key Identifier: keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/U2QOBEaQUec1w3h9wSk4j8Tovik.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.123.128.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:2e:eb:ca:e0:45:15:f6:d8:0d:51:c3:6c:1a:99:b5:98:ee: 8a:96:53:e3:51:e4:a8:f4:7d:4c:46:50:29:de:65:27:e9:ba: a4:27:0d:64:d0:05:ff:6f:59:50:c8:59:5c:93:02:8c:9d:ef: e3:75:3a:47:a2:63:52:c1:d7:a3:b6:48:86:b9:25:33:31:ea: 07:62:f1:3f:2d:a3:6d:80:63:42:0a:65:af:1d:ca:f8:5d:c7: 4b:10:94:ff:dd:b1:3b:e8:4e:58:ef:ff:2d:36:13:a9:a0:3d: 94:87:f2:07:b4:89:b2:6d:04:9c:4b:57:ea:af:df:ae:8c:58: ee:e1:e2:7b:2b:74:75:e7:f3:11:43:62:fd:70:18:cc:0e:fa: 58:0e:70:03:12:b4:0e:71:df:82:cb:36:42:f1:6f:56:1d:01: 5c:c6:ed:44:17:67:80:30:10:a1:9a:d5:96:21:0c:95:d4:6e: 83:0d:9e:b6:a9:d3:06:9e:34:bd:6b:5a:84:2a:5f:ec:ab:6e: 16:90:4e:25:db:ae:48:68:dd:7a:21:08:d6:89:81:18:07:ab: a1:bf:6a:51:c7:bf:00:c5:e2:a2:22:1a:c4:7f:17:6c:fa:e6: 90:42:71:38:9b:c7:8a:d5:d8:f7:6f:8b:b8:27:fc:a7:ba:c4: e9:9b:3b:be -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFAUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTA5MTMw MzA2NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUzNjQwRTA0NDY5MDUx RTczNUMzNzg3REMxMjkzODhGQzRFOEJFMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8p/hdt1kManpWiHYYY/KnnqEwRMzhK8JDorroPVM572EZZXSC Xxvqj53Zw7359Sf2ut9ve8i8fQJvpPmkIVIQtd1oEDEhZGm5ZmxxPaVkqGHSiO41 NaCwZ4Atbl9GPtkS4JgYwHg9zA1bN39Y8/YbZesCaFB5IlOVRGyDEVcpbQL0Kr0C GukAK0i4VFoqI51IGN+CNxQY9QQT5Veb+uoxaGWZM63GjIdcYGJe1JY6BGAl48pd EZxMUpPogzN+Ka+BzVLizDV8gVZhTtPN4q9IG33ITAYUWlhmFzzL9iGK/FsUu/Od 2U39GamxOmc1xZ1VwhI3M+jTcQupwGeqnTnFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUU2QOBEaQUec1w3h9wSk4j8TovikwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG 2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvVTJRT0JFYVFVZWMx dzNoOXdTazRqOFRvdmlrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAi17gDANBgkqhkiG9w0BAQsFAAOCAQEALy7ryuBFFfbYDVHDbBqZtZjuipZT 41HkqPR9TEZQKd5lJ+m6pCcNZNAF/29ZUMhZXJMCjJ3v43U6R6JjUsHXo7ZIhrkl MzHqB2LxPy2jbYBjQgplrx3K+F3HSxCU/92xO+hOWO//LTYTqaA9lIfyB7SJsm0E nEtX6q/froxY7uHieyt0defzEUNi/XAYzA76WA5wAxK0DnHfgss2QvFvVh0BXMbt RBdngDAQoZrVliEMldRugw2etqnTBp40vWtahCpf7KtuFpBOJduuSGjdeiEI1omB GAerob9qUce/AMXioiIaxH8XbPrmkEJxOJvHitXY92+LuCf8p7rE6Zs7vg== -----END CERTIFICATE-----Generated at Tue Oct 21 11:28:40 2025 by rpki-client