$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/OtIpZlJVrqBZv4DYm3n7oxicAeY.roa File: OtIpZlJVrqBZv4DYm3n7oxicAeY.roa (raw, json) Hash identifier: u0jmtvmR60BP6iQLbAOxNAJQM+4qmDDOk9QC2DnMX5U= Subject key identifier: 3A:D2:29:66:52:55:AE:A0:59:BF:80:D8:9B:79:FB:A3:18:9C:01:E6 Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Certificate serial: 0824 Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/OtIpZlJVrqBZv4DYm3n7oxicAeY.roa Signing time: Sat 13 Sep 2025 03:04:08 +0000 ROA not before: Sat 13 Sep 2025 03:04:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63631 IP address blocks: 119.161.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2084 (0x824) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2 Validity Not Before: Sep 13 03:04:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3AD229665255AEA059BF80D89B79FBA3189C01E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:d8:a4:6f:c3:1f:27:75:1c:7a:a4:a5:4b:54: 70:c8:11:3e:a3:a1:36:54:34:3c:f3:54:e5:dd:6d: 1a:81:33:65:f9:5a:19:ad:49:3b:e5:67:25:46:63: 0a:5c:0c:fe:d4:99:54:48:74:cb:97:c3:eb:9d:51: 58:70:4f:c0:ce:9d:92:6c:cd:a2:85:91:8a:cd:1e: 4b:a8:9d:15:9b:5b:2f:b6:24:39:10:29:94:50:b1: 2f:f7:41:6d:e7:e7:17:80:41:e3:d4:42:19:5f:ab: 8c:1d:0a:76:84:d1:6b:98:d8:83:ae:ef:ff:00:1f: 87:56:01:1a:eb:25:0a:0a:3d:49:85:83:b5:eb:c6: fe:5d:ff:e6:b5:43:af:7a:9b:51:b1:61:ba:2d:f8: a0:7e:1f:86:06:44:dc:ee:7c:74:3a:4f:e2:fa:f5: 33:b2:20:be:0e:d4:8c:59:3f:15:e3:5e:63:5f:eb: 2f:f5:1d:a4:e0:f2:60:a5:c6:cf:08:0f:13:b3:6a: 3a:43:36:d6:06:28:52:f0:a2:68:d2:91:8f:c2:3c: 36:c7:52:81:aa:e9:86:10:6b:43:08:ff:f1:25:71: 41:09:9b:f0:7c:52:1d:90:30:f6:0c:3c:9b:f6:db: 19:76:3d:be:30:e2:bc:cc:82:40:06:06:b5:b0:5e: c0:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D2:29:66:52:55:AE:A0:59:BF:80:D8:9B:79:FB:A3:18:9C:01:E6 X509v3 Authority Key Identifier: keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/OtIpZlJVrqBZv4DYm3n7oxicAeY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.161.138.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:42:46:de:8b:b3:37:a1:0b:d6:08:5d:2f:f4:48:2a:fc:4e: d3:87:f1:e4:a1:3e:ea:af:9e:18:07:e6:a9:31:a7:11:bd:8e: d4:a6:6a:7a:c2:46:42:25:7a:48:87:93:79:7b:66:62:61:e5: 7d:53:8e:19:d0:31:fc:5e:5d:84:60:4e:c9:5f:90:ff:7f:48: da:c9:84:99:14:92:ef:69:b6:96:78:66:b2:1e:95:51:1b:f2: 52:96:5c:8f:df:e5:d3:6d:2a:fe:0d:d9:86:8e:df:58:c7:62: ca:d1:b9:54:4c:87:f1:27:36:2f:03:8a:b9:33:a6:05:a5:a9: 42:85:45:de:87:48:03:0a:12:0f:d0:5e:a5:6d:c7:9f:18:24: 08:45:91:3e:f0:e3:34:fa:f1:e3:ed:97:47:4e:26:d8:df:e2: 83:5f:97:39:15:01:f9:1f:71:63:d1:54:e4:85:cb:7d:e6:97: 52:05:ee:96:53:d5:5b:9b:3a:fb:78:c8:f1:77:1b:df:3a:b7: 9c:3b:0a:ba:16:1b:cc:d2:85:fc:0a:ce:50:33:ae:44:22:e4: da:30:22:c5:bc:c4:ac:59:58:69:ee:4a:25:b7:7a:2b:46:d9: 39:83:b0:4f:eb:c6:40:b1:d1:9f:49:dd:02:a3:40:58:8e:74: f1:01:76:11 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNTA5MTMw MzA0MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNBRDIyOTY2NTI1NUFF QTA1OUJGODBEODlCNzlGQkEzMTg5QzAxRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCt2KRvwx8ndRx6pKVLVHDIET6joTZUNDzzVOXdbRqBM2X5Whmt STvlZyVGYwpcDP7UmVRIdMuXw+udUVhwT8DOnZJszaKFkYrNHkuonRWbWy+2JDkQ KZRQsS/3QW3n5xeAQePUQhlfq4wdCnaE0WuY2IOu7/8AH4dWARrrJQoKPUmFg7Xr xv5d/+a1Q696m1GxYbot+KB+H4YGRNzufHQ6T+L69TOyIL4O1IxZPxXjXmNf6y/1 HaTg8mClxs8IDxOzajpDNtYGKFLwomjSkY/CPDbHUoGq6YYQa0MI//ElcUEJm/B8 Uh2QMPYMPJv22xl2Pb4w4rzMgkAGBrWwXsCPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOtIpZlJVrqBZv4DYm3n7oxicAeYwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1 NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvT3RJcFpsSlZycUJa djREWW0zbjdveGljQWVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHehijANBgkqhkiG9w0BAQsFAAOCAQEAW0JG3ouzN6EL1ghdL/RIKvxO04fx 5KE+6q+eGAfmqTGnEb2O1KZqesJGQiV6SIeTeXtmYmHlfVOOGdAx/F5dhGBOyV+Q /39I2smEmRSS72m2lnhmsh6VURvyUpZcj9/l020q/g3Zho7fWMdiytG5VEyH8Sc2 LwOKuTOmBaWpQoVF3odIAwoSD9BepW3HnxgkCEWRPvDjNPrx4+2XR04m2N/ig1+X ORUB+R9xY9FU5IXLfeaXUgXullPVW5s6+3jI8Xcb3zq3nDsKuhYbzNKF/ArOUDOu RCLk2jAixbzErFlYae5KJbd6K0bZOYOwT+vGQLHRn0ndAqNAWI508QF2EQ== -----END CERTIFICATE-----Generated at Mon Oct 20 20:53:15 2025 by rpki-client