$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/bW5rMLXduH5OFdlVls1j6F0L0EY.roa File: bW5rMLXduH5OFdlVls1j6F0L0EY.roa (raw, json) Hash identifier: cJLjUox3CWvg1tkVaA91G5br3K2WLeJmAK8y8DFXBn8= Subject key identifier: 6D:6E:6B:30:B5:DD:B8:7E:4E:15:D9:55:96:CD:63:E8:5D:0B:D0:46 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 20AB Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/bW5rMLXduH5OFdlVls1j6F0L0EY.roa Signing time: Sat 13 Sep 2025 03:05:49 +0000 ROA not before: Sat 13 Sep 2025 03:05:49 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63641 IP address blocks: 123.49.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8363 (0x20ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Sep 13 03:05:49 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6D6E6B30B5DDB87E4E15D95596CD63E85D0BD046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:52:e0:bc:e0:3d:6f:eb:a6:5a:ed:0d:0c:c8: be:52:a6:34:18:33:b9:df:ea:39:ed:72:31:84:1f: b5:f7:94:e0:b7:ff:6c:f6:08:ca:65:9d:1d:6e:85: 6d:84:9b:53:67:20:62:e7:4b:10:58:30:e2:4e:f9: 94:87:dd:90:f6:d3:cc:fd:60:e0:a9:7c:e2:80:fa: 4d:aa:20:6d:fb:cf:28:bf:fb:31:54:94:7d:69:4d: 74:52:68:b2:84:2f:af:77:d2:28:cc:4d:5c:c1:41: 72:f8:b4:d4:30:f7:fe:d8:bf:c2:64:c7:e9:86:c4: a8:fd:21:56:17:7f:76:ef:4e:b4:7a:9d:d8:48:f2: 77:29:1a:08:26:8e:99:f9:4a:a2:ff:0d:66:b4:b6: 09:2d:36:f1:d9:d9:3e:26:aa:5f:9d:50:8b:fd:97: 2d:47:26:85:e5:bf:b6:a6:65:3c:b2:42:c8:b7:97: b2:d4:bc:4e:76:d6:f4:10:37:b5:22:b8:af:ce:d5: 54:56:38:a8:67:a0:53:19:bb:98:bf:3d:1c:76:42: f2:d2:af:f9:bc:20:a0:a4:92:c2:30:16:c3:05:fc: 14:43:43:69:28:32:fd:4c:d9:b7:e8:7b:d4:09:ca: ec:d4:91:8f:01:65:34:5c:f1:6a:85:76:35:62:95: b3:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:6E:6B:30:B5:DD:B8:7E:4E:15:D9:55:96:CD:63:E8:5D:0B:D0:46 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/bW5rMLXduH5OFdlVls1j6F0L0EY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.237.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:00:77:69:5e:0d:d5:aa:39:03:2a:fd:08:a7:48:82:51:16: d2:8e:99:29:61:21:2d:26:a5:5f:e8:19:e5:7a:6a:49:ca:26: 47:2b:d9:c0:79:d1:22:7e:b0:89:db:26:40:fa:40:5b:a5:09: 2e:78:c8:c0:bf:32:14:9a:7d:b6:92:db:3f:2b:9f:c4:3c:3d: ae:e2:2e:31:74:92:75:fc:82:ee:6a:e9:fe:0e:f4:a2:69:af: d6:c6:a7:96:18:65:42:6a:3a:c1:6a:73:a0:44:a3:39:4e:7c: 9b:ae:7c:58:b9:76:d8:ba:56:59:50:27:41:a4:74:dd:ed:c9: 0a:2c:46:68:e9:10:9f:e5:22:4c:a4:e7:24:4e:26:8d:3a:31: 78:52:fa:96:7d:00:34:71:b1:70:25:a1:a0:a8:ec:5b:b3:6d: 02:90:bd:aa:fb:11:1e:1c:38:1e:1c:eb:19:0f:3b:77:01:d9: ef:c8:be:1c:71:79:b5:ca:c4:fb:f7:01:6e:97:63:6d:c2:15: 9e:f5:72:54:8a:3f:d1:85:45:97:a3:0c:17:15:3f:79:64:93: c4:37:ed:b4:b6:b8:10:47:e9:b3:04:6a:c9:9b:d1:9c:28:5a: 21:88:d8:10:e4:97:fc:75:8b:8e:69:7f:29:3f:82:47:32:60: 58:a8:36:56 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA5MTMw MzA1NDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZENkU2QjMwQjVEREI4 N0U0RTE1RDk1NTk2Q0Q2M0U4NUQwQkQwNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7UuC84D1v66Za7Q0MyL5SpjQYM7nf6jntcjGEH7X3lOC3/2z2 CMplnR1uhW2Em1NnIGLnSxBYMOJO+ZSH3ZD208z9YOCpfOKA+k2qIG37zyi/+zFU lH1pTXRSaLKEL6930ijMTVzBQXL4tNQw9/7Yv8Jkx+mGxKj9IVYXf3bvTrR6ndhI 8ncpGggmjpn5SqL/DWa0tgktNvHZ2T4mql+dUIv9ly1HJoXlv7amZTyyQsi3l7LU vE521vQQN7UiuK/O1VRWOKhnoFMZu5i/PRx2QvLSr/m8IKCkksIwFsMF/BRDQ2ko Mv1M2bfoe9QJyuzUkY8BZTRc8WqFdjVilbNxAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbW5rMLXduH5OFdlVls1j6F0L0EYwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvYlc1ck1MWGR1SDVP RmRsVmxzMWo2RjBMMEVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx7TANBgkqhkiG9w0BAQsFAAOCAQEAHAB3aV4N1ao5Ayr9CKdIglEW0o6Z KWEhLSalX+gZ5XpqScomRyvZwHnRIn6widsmQPpAW6UJLnjIwL8yFJp9tpLbPyuf xDw9ruIuMXSSdfyC7mrp/g70ommv1sanlhhlQmo6wWpzoESjOU58m658WLl22LpW WVAnQaR03e3JCixGaOkQn+UiTKTnJE4mjToxeFL6ln0ANHGxcCWhoKjsW7NtApC9 qvsRHhw4HhzrGQ87dwHZ78i+HHF5tcrE+/cBbpdjbcIVnvVyVIo/0YVFl6MMFxU/ eWSTxDfttLa4EEfpswRqyZvRnChaIYjYEOSX/HWLjml/KT+CRzJgWKg2Vg== -----END CERTIFICATE-----Generated at Tue Oct 21 01:09:30 2025 by rpki-client