$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa File: lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa (raw, json) Hash identifier: YYmUXAYWXwrCBJM5y0kPQOh2qDNOuJxksVsvgzTPY7s= Subject key identifier: 97:09:15:74:3F:57:00:37:A2:0F:40:CF:97:B9:6F:A8:CE:08:B6:94 Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Certificate serial: 1D00 Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa Signing time: Sat 13 Sep 2025 03:03:54 +0000 ROA not before: Sat 13 Sep 2025 03:03:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18118 IP address blocks: 219.72.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:05:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7424 (0x1d00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Validity Not Before: Sep 13 03:03:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=970915743F570037A20F40CF97B96FA8CE08B694 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:31:da:e6:62:41:5d:9f:a5:da:78:f5:6c:3d: 58:18:d0:99:29:5d:8f:80:6d:ca:11:40:4c:c3:73: 23:3e:52:36:d0:cc:75:d3:84:67:0e:03:01:22:5d: 7f:8d:2a:63:ed:05:a0:c7:0e:07:7c:ec:4f:01:4e: db:1e:32:1d:72:ed:83:2a:89:68:d2:81:12:e0:ed: 28:64:26:2d:ac:ab:38:09:3e:04:ab:5e:da:6e:ca: 6b:be:fe:e8:98:b1:85:d3:1d:ed:62:a8:8e:0b:18: 77:e5:41:14:55:53:0c:8c:86:ac:05:2a:9e:ed:14: 42:f5:dd:53:85:1e:5d:c1:1d:84:bb:c1:3a:16:5d: af:6c:7c:0b:ef:d4:36:7b:98:92:db:49:10:e9:7c: 0e:80:6b:5e:53:9a:0d:ee:5d:59:a3:71:50:04:dd: f2:8e:3b:69:d5:26:0a:65:e8:bd:4e:1c:d6:7e:23: b8:35:70:c1:51:29:92:11:4c:e2:4b:e9:6a:fe:16: a1:28:a1:46:1d:ec:7a:d8:82:be:ec:ce:5c:e0:10: 3c:38:3b:ff:fe:4e:e0:2d:60:ef:2f:18:04:f7:75: 68:97:f6:d2:5d:97:d7:0d:93:29:26:66:96:19:64: 94:9c:02:ea:ab:0d:d2:4e:af:58:86:d2:f5:61:ef: 8c:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:09:15:74:3F:57:00:37:A2:0F:40:CF:97:B9:6F:A8:CE:08:B6:94 X509v3 Authority Key Identifier: keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.72.160.0/24 Signature Algorithm: sha256WithRSAEncryption 74:9c:c2:7c:6c:0a:ae:42:8e:14:a2:c7:df:4f:18:48:f9:ac: 84:a7:04:88:69:c4:56:b0:13:df:a3:f7:0a:08:d5:e1:64:05: 01:60:aa:e1:6a:64:50:2b:c1:51:f9:8b:b5:26:c8:fe:2c:89: 57:45:98:ef:a6:db:8f:61:af:c4:10:af:64:ef:0c:11:c8:22: f3:40:2f:c3:d1:0f:8a:c3:39:82:71:01:83:59:0c:e4:af:db: b3:55:c3:d7:c8:bf:d5:61:0b:b6:80:f0:2c:03:55:99:e9:ed: 18:c9:a7:3a:b6:97:f5:13:05:37:9f:eb:e0:94:1f:51:05:1c: 97:fb:b5:a2:2d:c4:5a:b3:a0:65:ed:cc:f3:78:3d:30:81:34: b6:0d:00:ef:06:e0:18:f0:a0:7c:c2:93:9f:82:7f:a0:f7:d7: b3:fc:c7:27:16:4a:2a:f7:30:cc:0e:4f:46:ab:2a:c2:e4:02: 10:45:64:1d:f3:67:22:8a:1b:a8:61:bb:47:44:7c:a8:69:4e: 5a:10:79:57:4c:d8:bf:b5:4f:c7:15:90:90:0b:7e:c3:a1:28: 4a:3a:fd:7b:b7:68:ca:e7:3e:6e:19:14:88:ae:37:7d:e0:0b: 4c:76:47:7b:ba:03:c5:5d:d5:34:a7:f9:a4:f9:70:0d:0f:da: 89:7b:be:e8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTA5MTMw MzAzNTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk3MDkxNTc0M0Y1NzAw MzdBMjBGNDBDRjk3Qjk2RkE4Q0UwOEI2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIMdrmYkFdn6XaePVsPVgY0JkpXY+AbcoRQEzDcyM+UjbQzHXT hGcOAwEiXX+NKmPtBaDHDgd87E8BTtseMh1y7YMqiWjSgRLg7ShkJi2sqzgJPgSr Xtpuymu+/uiYsYXTHe1iqI4LGHflQRRVUwyMhqwFKp7tFEL13VOFHl3BHYS7wToW Xa9sfAvv1DZ7mJLbSRDpfA6Aa15Tmg3uXVmjcVAE3fKOO2nVJgpl6L1OHNZ+I7g1 cMFRKZIRTOJL6Wr+FqEooUYd7HrYgr7szlzgEDw4O//+TuAtYO8vGAT3dWiX9tJd l9cNkykmZpYZZJScAuqrDdJOr1iG0vVh74xvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlwkVdD9XADeiD0DPl7lvqM4ItpQwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3 L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L2x3a1ZkRDlYQURlaUQw RFBsN2x2cU00SXRwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADbSKAwDQYJKoZIhvcNAQELBQADggEBAHScwnxsCq5CjhSix99PGEj5rISnBIhp xFawE9+j9woI1eFkBQFgquFqZFArwVH5i7UmyP4siVdFmO+m249hr8QQr2TvDBHI IvNAL8PRD4rDOYJxAYNZDOSv27NVw9fIv9VhC7aA8CwDVZnp7RjJpzq2l/UTBTef 6+CUH1EFHJf7taItxFqzoGXtzPN4PTCBNLYNAO8G4BjwoHzCk5+Cf6D317P8xycW Sir3MMwOT0arKsLkAhBFZB3zZyKKG6hhu0dEfKhpTloQeVdM2L+1T8cVkJALfsOh KEo6/Xu3aMrnPm4ZFIiuN33gC0x2R3u6A8Vd1TSn+aT5cA0P2ol7vug= -----END CERTIFICATE-----Generated at Tue Oct 21 02:18:41 2025 by rpki-client