$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/d2sYkPTL92v9TaXcJHXLIV8eCaM.roa File: d2sYkPTL92v9TaXcJHXLIV8eCaM.roa (raw, json) Hash identifier: cJEnNuYf/jm+XnYMy8z9oAFzIGlCSCdP5F9vIGVn4P0= Subject key identifier: 77:6B:18:90:F4:CB:F7:6B:FD:4D:A5:DC:24:75:CB:21:5F:1E:09:A3 Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Certificate serial: 206B Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/d2sYkPTL92v9TaXcJHXLIV8eCaM.roa Signing time: Sat 13 Sep 2025 03:07:31 +0000 ROA not before: Sat 13 Sep 2025 03:07:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63677 IP address blocks: 27.0.204.0/22 maxlen: 24 27.0.208.0/22 maxlen: 24 27.0.212.0/22 maxlen: 24 103.208.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:06:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8299 (0x206b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Validity Not Before: Sep 13 03:07:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=776B1890F4CBF76BFD4DA5DC2475CB215F1E09A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:4e:62:d6:db:42:f9:28:46:6c:88:43:af:97: 8d:9a:2c:f3:58:53:ba:62:d6:f6:76:77:f3:bc:e9: cd:0e:c9:fa:d0:ed:79:ae:fd:30:50:b5:49:ab:50: 11:6f:34:b9:3c:80:64:4f:08:31:c9:29:15:a6:f7: 05:70:a9:7a:7f:23:fa:aa:eb:2e:bd:a3:fa:0c:7d: c5:d2:9c:48:5a:3a:72:3d:ae:95:d6:74:46:60:29: 08:45:ea:0d:5e:e7:40:4b:36:db:30:18:6d:e7:bc: 12:d6:ca:6c:97:59:0b:6b:ca:0a:80:8a:08:90:85: fc:10:38:9e:d3:62:01:04:70:62:57:77:58:54:53: c3:76:1d:63:53:ca:08:14:9a:df:6f:51:1c:5c:56: 53:e1:29:b8:c5:e5:20:77:5b:3a:86:f1:7a:45:b7: 57:8d:93:64:06:a7:6e:ce:7f:7c:b9:8f:64:a3:b8: 2f:5d:3a:a6:cb:e7:7b:16:c3:35:b6:6b:e2:3c:5e: fd:98:0b:34:a2:ce:56:16:3b:f6:b6:d4:70:9d:87: 7b:9f:aa:e0:21:7d:85:23:ae:72:ad:51:67:03:ce: 19:78:a7:40:25:29:4b:b2:08:07:f3:44:15:89:72: e7:cf:a6:43:65:06:b1:1c:a1:b7:85:4b:7c:31:17: 8f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:6B:18:90:F4:CB:F7:6B:FD:4D:A5:DC:24:75:CB:21:5F:1E:09:A3 X509v3 Authority Key Identifier: keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/d2sYkPTL92v9TaXcJHXLIV8eCaM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.0.204.0-27.0.215.255 103.208.48.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:23:8a:7f:e5:be:84:05:ca:ef:16:d8:8e:69:a9:b9:55:5d: 7f:ee:59:6e:16:63:c8:3e:bc:91:f5:aa:e2:15:c0:87:14:10: 7c:38:27:a7:04:29:74:65:72:9b:ca:2d:99:3d:62:0a:89:e5: 25:66:e7:5f:52:52:59:25:77:17:4a:83:0f:4f:a7:37:a8:d7: a2:a5:0e:8d:93:16:08:29:ac:5f:bc:57:27:32:c0:48:c9:1a: f5:79:e5:87:46:ed:85:31:eb:73:6c:f6:28:2c:79:9e:c1:9f: 77:3e:98:d2:22:4a:95:ff:81:ef:79:5e:82:56:10:33:2c:94: e7:e1:49:d9:1d:59:15:80:a1:4d:e2:be:0e:83:42:27:ec:a0: 9a:f7:ae:f5:28:b4:1f:67:87:24:db:55:6a:22:7f:37:1d:14: 98:6b:35:87:aa:de:61:6a:95:7a:70:6b:37:13:0d:84:aa:a4: 41:01:8c:fe:27:ae:f8:25:eb:46:9e:df:93:69:c0:11:7b:71: 30:8e:b9:3b:73:69:db:e1:0a:e5:76:cd:77:4a:9f:7a:1f:4a: cf:24:3b:9f:d5:cf:ae:b0:f4:72:5f:08:4a:36:16:ec:34:e6: 2d:57:4c:6d:08:40:b2:4a:a2:2c:bd:3e:d6:d1:b6:35:76:ea: 85:47:e5:9f -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgICIGswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNTA5MTMw MzA3MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc3NkIxODkwRjRDQkY3 NkJGRDREQTVEQzI0NzVDQjIxNUYxRTA5QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiTmLW20L5KEZsiEOvl42aLPNYU7pi1vZ2d/O86c0OyfrQ7Xmu /TBQtUmrUBFvNLk8gGRPCDHJKRWm9wVwqXp/I/qq6y69o/oMfcXSnEhaOnI9rpXW dEZgKQhF6g1e50BLNtswGG3nvBLWymyXWQtrygqAigiQhfwQOJ7TYgEEcGJXd1hU U8N2HWNTyggUmt9vURxcVlPhKbjF5SB3WzqG8XpFt1eNk2QGp27Of3y5j2SjuC9d OqbL53sWwzW2a+I8Xv2YCzSizlYWO/a21HCdh3ufquAhfYUjrnKtUWcDzhl4p0Al KUuyCAfzRBWJcufPpkNlBrEcobeFS3wxF49LAgMBAAGjggIBMIIB/TAdBgNVHQ4E FgQUd2sYkPTL92v9TaXcJHXLIV8eCaMwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h 2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvZDJzWWtQVEw5MnY5 VGFYY0pIWExJVjhlQ2FNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEw FDAMAwQCGwDMAwQDGwDQAwQCZ9AwMA0GCSqGSIb3DQEBCwUAA4IBAQBqI4p/5b6E BcrvFtiOaam5VV1/7lluFmPIPryR9ariFcCHFBB8OCenBCl0ZXKbyi2ZPWIKieUl ZudfUlJZJXcXSoMPT6c3qNeipQ6NkxYIKaxfvFcnMsBIyRr1eeWHRu2FMetzbPYo LHmewZ93PpjSIkqV/4HveV6CVhAzLJTn4UnZHVkVgKFN4r4Og0In7KCa9671KLQf Z4ck21VqIn83HRSYazWHqt5hapV6cGs3Ew2EqqRBAYz+J674JetGnt+TacARe3Ew jrk7c2nb4Qrlds13Sp96H0rPJDuf1c+usPRyXwhKNhbsNOYtV0xtCECySqIsvT7W 0bY1duqFR+Wf -----END CERTIFICATE-----Generated at Mon Oct 20 15:35:46 2025 by rpki-client