$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/f2PyQIUt5zhPg4_8WbgZOHsPaqE.roa File: f2PyQIUt5zhPg4_8WbgZOHsPaqE.roa (raw, json) Hash identifier: U5hkuIa2+k+jjEpyNr5st4B7srXN5TgKvIY2LtGqrhQ= Subject key identifier: 7F:63:F2:40:85:2D:E7:38:4F:83:8F:FC:59:B8:19:38:7B:0F:6A:A1 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 20B0 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/f2PyQIUt5zhPg4_8WbgZOHsPaqE.roa Signing time: Sat 13 Sep 2025 03:05:50 +0000 ROA not before: Sat 13 Sep 2025 03:05:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63641 IP address blocks: 123.49.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8368 (0x20b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Sep 13 03:05:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7F63F240852DE7384F838FFC59B819387B0F6AA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b3:b6:d8:b5:e9:63:3f:8f:b3:56:45:8f:e5: 94:15:6b:8a:a1:94:d4:8f:ce:69:7f:25:04:b1:2e: 71:50:4e:82:9d:02:d9:50:7f:38:5f:78:a4:38:9a: 7c:1b:aa:3b:37:65:ce:64:5c:f1:30:e8:94:1d:32: 97:52:d1:b5:3d:41:46:a5:24:04:a4:3c:6a:fd:db: 6c:a8:b0:65:ab:5b:95:e9:8d:8b:5a:0b:97:2e:8c: 06:d5:ca:4f:ae:90:d6:73:c8:91:89:c2:8f:29:2c: 62:0d:15:05:a1:6b:7f:8d:b3:56:c4:39:43:92:a8: fd:3e:9e:f4:9c:83:d3:65:72:51:22:ab:99:44:b1: 14:67:a5:c8:10:b4:de:98:8c:f8:03:b8:bf:9e:4e: 9a:9e:ab:47:20:a1:01:3d:8e:73:a8:57:e6:f9:ad: 98:b9:7e:09:33:48:1e:bd:e1:21:1a:94:b1:c3:8f: bf:7c:2c:e5:e0:51:46:c5:0a:9d:20:3b:85:99:11: f9:12:c7:90:9d:bc:e0:26:63:fc:70:e4:d3:da:66: 6f:77:35:5a:1d:ce:7d:5b:a7:aa:d7:89:46:80:61: 76:71:94:f7:36:69:7a:fc:37:36:29:b0:3a:29:01: 60:79:9c:11:d6:0d:5c:d9:f8:5d:8c:45:ab:db:d3: 29:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:63:F2:40:85:2D:E7:38:4F:83:8F:FC:59:B8:19:38:7B:0F:6A:A1 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/f2PyQIUt5zhPg4_8WbgZOHsPaqE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.245.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:83:59:3d:40:96:1e:ca:9b:08:9f:50:47:3d:70:af:02:cd: 6e:10:a5:a5:75:68:2e:8e:6a:e6:c5:7c:c6:f9:e6:b9:48:2b: 61:21:87:01:3f:98:c1:76:a2:24:32:3c:4d:02:c1:9d:4a:cb: 27:2a:ff:78:9a:e2:de:2e:0a:16:19:d0:22:a8:5a:72:fb:72: 45:02:25:b5:1b:9a:ff:0d:a5:98:63:bd:2e:d1:b6:28:f9:62: 8c:e2:74:54:76:40:8b:23:af:13:e2:aa:49:d3:c1:f4:40:95: df:5e:59:b6:16:a7:d7:63:b3:c1:6c:b7:c4:e5:18:06:dc:60: 08:5f:23:16:f1:29:9b:f5:0d:3d:70:d2:7a:71:66:aa:ce:d0: c5:7f:31:c9:13:f3:54:a3:dc:b7:75:96:e1:0c:ec:04:43:eb: 8f:fb:91:3a:30:94:e8:a7:9d:10:8f:79:04:30:6c:ab:b6:66: 8c:3d:3c:b7:05:52:04:a7:60:28:e0:57:a9:a7:5d:a6:22:ac: 5c:a5:85:da:aa:93:75:e1:a1:05:fd:0c:87:37:20:e5:34:71: 12:30:05:67:d6:d0:71:15:cf:b3:e8:db:48:89:b5:1f:6b:fd: a2:d4:5d:cb:aa:28:37:40:51:4c:9d:21:8c:4a:5a:be:33:bc: 02:89:97:28 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICILAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA5MTMw MzA1NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdGNjNGMjQwODUyREU3 Mzg0RjgzOEZGQzU5QjgxOTM4N0IwRjZBQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCws7bYteljP4+zVkWP5ZQVa4qhlNSPzml/JQSxLnFQToKdAtlQ fzhfeKQ4mnwbqjs3Zc5kXPEw6JQdMpdS0bU9QUalJASkPGr922yosGWrW5XpjYta C5cujAbVyk+ukNZzyJGJwo8pLGINFQWha3+Ns1bEOUOSqP0+nvScg9NlclEiq5lE sRRnpcgQtN6YjPgDuL+eTpqeq0cgoQE9jnOoV+b5rZi5fgkzSB694SEalLHDj798 LOXgUUbFCp0gO4WZEfkSx5CdvOAmY/xw5NPaZm93NVodzn1bp6rXiUaAYXZxlPc2 aXr8NzYpsDopAWB5nBHWDVzZ+F2MRavb0ym9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUf2PyQIUt5zhPg4/8WbgZOHsPaqEwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvZjJQeVFJVXQ1emhQ ZzRfOFdiZ1pPSHNQYXFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx9TANBgkqhkiG9w0BAQsFAAOCAQEAnYNZPUCWHsqbCJ9QRz1wrwLNbhCl pXVoLo5q5sV8xvnmuUgrYSGHAT+YwXaiJDI8TQLBnUrLJyr/eJri3i4KFhnQIqha cvtyRQIltRua/w2lmGO9LtG2KPlijOJ0VHZAiyOvE+KqSdPB9ECV315Zthan12Oz wWy3xOUYBtxgCF8jFvEpm/UNPXDSenFmqs7QxX8xyRPzVKPct3WW4QzsBEPrj/uR OjCU6KedEI95BDBsq7ZmjD08twVSBKdgKOBXqaddpiKsXKWF2qqTdeGhBf0Mhzcg 5TRxEjAFZ9bQcRXPs+jbSIm1H2v9otRdy6ooN0BRTJ0hjEpavjO8AomXKA== -----END CERTIFICATE-----Generated at Mon Oct 20 22:35:33 2025 by rpki-client