$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/lwugNpl7ON15Py-fGSFHCJofW5s.roa File: lwugNpl7ON15Py-fGSFHCJofW5s.roa (raw, json) Hash identifier: r0cYOwFvNoFE4I7bgdVGf5MmRu0wsVXSvz23VO8XWmk= Subject key identifier: 97:0B:A0:36:99:7B:38:DD:79:3F:2F:9F:19:21:47:08:9A:1F:5B:9B Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 209A Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/lwugNpl7ON15Py-fGSFHCJofW5s.roa Signing time: Sat 13 Sep 2025 03:10:31 +0000 ROA not before: Sat 13 Sep 2025 03:10:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18257 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8346 (0x209a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Sep 13 03:10:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=970BA036997B38DD793F2F9F192147089A1F5B9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5c:56:dd:fe:64:8c:49:ec:07:3f:56:d1:37: 68:73:2e:fb:a2:b5:d8:c9:82:be:97:c2:4d:9b:61: ae:08:af:b4:44:a2:d1:28:72:4c:2f:bc:72:09:47: 05:70:be:30:4d:55:54:81:59:9f:cd:c8:61:8b:85: bc:b1:f3:63:53:13:51:8d:9c:b8:6b:cc:3e:b1:25: 50:d1:89:a9:a3:a1:56:92:29:a7:23:a2:d3:fc:aa: f3:dd:c0:26:99:ba:80:2b:36:d2:19:eb:ef:83:d9: 16:ab:6a:b9:d6:e3:90:fb:90:d6:15:16:40:fb:a7: b0:42:d6:d5:fd:20:f4:2c:fb:5e:85:9a:06:c5:b3: b0:6a:f0:de:2f:2d:19:4a:20:c2:bc:06:b9:4f:fc: 92:af:d9:95:2a:b6:f0:87:54:f0:d8:26:1d:e3:f5: 55:6d:9c:50:02:cc:83:9a:6e:dd:a7:71:1a:64:2d: c3:85:b9:6b:03:f6:a0:cc:e0:6d:92:a6:2e:6c:6d: ee:f9:b7:70:b3:79:27:7d:a4:44:58:7c:ca:cd:98: ae:ed:79:36:78:2e:c8:45:54:df:01:dd:f6:4f:74: d6:dc:35:20:57:f3:5d:99:fe:91:dd:06:ec:b6:cc: f2:ba:5c:5c:cc:33:b4:27:f4:43:6c:d1:e8:c5:ee: 35:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:0B:A0:36:99:7B:38:DD:79:3F:2F:9F:19:21:47:08:9A:1F:5B:9B X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/lwugNpl7ON15Py-fGSFHCJofW5s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption 38:12:e0:db:13:27:73:73:7b:0f:23:58:1c:25:80:86:bb:67: 11:b0:53:ce:b8:cf:60:e8:3b:5e:e5:63:91:7d:f8:74:c9:3e: 78:10:7d:ce:b4:d4:35:9a:f2:b0:d4:f8:60:2a:da:03:24:d6: a6:35:69:f0:7f:a7:11:d4:84:61:1d:59:2f:e3:14:ac:df:70: 5f:0b:57:54:fe:a2:b5:43:50:0f:c6:de:f2:78:35:ff:3f:b3: a4:8e:e9:8b:54:9c:45:5c:36:b7:f8:9f:30:22:27:22:5c:11: 87:15:30:6e:15:af:f4:9a:a3:23:54:c8:3d:c7:8d:4c:3c:86: 93:56:91:ac:33:80:32:8c:f4:35:d3:c2:af:de:b4:a7:be:89: 33:0e:41:a7:1c:6b:94:89:1d:19:f2:f4:51:ae:f0:69:7c:dd: 4f:4d:e2:41:b8:a0:0f:24:e3:fd:bb:8e:47:1e:11:9d:9e:60: 20:17:2e:db:45:6c:78:a4:d6:b5:94:f9:4b:2a:7c:07:c1:1f: 14:94:93:dd:89:06:d6:96:99:17:3b:93:47:19:0d:d5:3f:ba: 1e:0b:a5:9f:ac:d6:87:ed:18:a4:b9:9c:f3:d1:a1:b7:8f:1a: 64:f1:a2:95:5e:bb:28:24:5d:dd:3a:aa:5f:46:49:f1:a2:45: 68:87:1f:0e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTA5MTMw MzEwMzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk3MEJBMDM2OTk3QjM4 REQ3OTNGMkY5RjE5MjE0NzA4OUExRjVCOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtXFbd/mSMSewHP1bRN2hzLvuitdjJgr6Xwk2bYa4Ir7REotEo ckwvvHIJRwVwvjBNVVSBWZ/NyGGLhbyx82NTE1GNnLhrzD6xJVDRiamjoVaSKacj otP8qvPdwCaZuoArNtIZ6++D2RararnW45D7kNYVFkD7p7BC1tX9IPQs+16FmgbF s7Bq8N4vLRlKIMK8BrlP/JKv2ZUqtvCHVPDYJh3j9VVtnFACzIOabt2ncRpkLcOF uWsD9qDM4G2Spi5sbe75t3CzeSd9pERYfMrNmK7teTZ4LshFVN8B3fZPdNbcNSBX 812Z/pHdBuy2zPK6XFzMM7Qn9ENs0ejF7jUDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlwugNpl7ON15Py+fGSFHCJofW5swHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvbHd1Z05wbDdPTjE1 UHktZkdTRkhDSm9mVzVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAOBLg2xMnc3N7DyNYHCWAhrtnEbBT zrjPYOg7XuVjkX34dMk+eBB9zrTUNZrysNT4YCraAyTWpjVp8H+nEdSEYR1ZL+MU rN9wXwtXVP6itUNQD8be8ng1/z+zpI7pi1ScRVw2t/ifMCInIlwRhxUwbhWv9Jqj I1TIPceNTDyGk1aRrDOAMoz0NdPCr960p76JMw5BpxxrlIkdGfL0Ua7waXzdT03i QbigDyTj/buORx4RnZ5gIBcu20VseKTWtZT5Syp8B8EfFJST3YkG1paZFzuTRxkN 1T+6Hguln6zWh+0YpLmc89Ght48aZPGilV67KCRd3TqqX0ZJ8aJFaIcfDg== -----END CERTIFICATE-----Generated at Mon Oct 20 08:42:42 2025 by rpki-client