$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2411/3brUlupLFNOJTrxKML94I8BrEHQ.roa File: 3brUlupLFNOJTrxKML94I8BrEHQ.roa (raw, json) Hash identifier: Rz7xzH0RnlhaMB3xgZiF+Dwazd6Z1dnQJ+fN8v1gBhI= Subject key identifier: DD:BA:D4:96:EA:4B:14:D3:89:4E:BC:4A:30:BF:78:23:C0:6B:10:74 Certificate issuer: /CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Certificate serial: 2B Authority key identifier: 1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/3brUlupLFNOJTrxKML94I8BrEHQ.roa Signing time: Mon 18 Aug 2025 01:57:56 +0000 ROA not before: Mon 18 Aug 2025 01:57:56 +0000 ROA not after: Sun 16 Aug 2026 01:52:01 +0000 asID: 137690 IP address blocks: 202.189.48.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 02:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Validity Not Before: Aug 18 01:57:56 2025 GMT Not After : Aug 16 01:52:01 2026 GMT Subject: CN=DDBAD496EA4B14D3894EBC4A30BF7823C06B1074 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5f:8f:14:4e:c7:b9:35:14:bc:a8:2f:74:f1: a5:44:d8:2e:59:26:2b:ef:bf:bf:ba:4b:61:ac:3e: 97:48:1e:5b:90:a9:05:33:21:10:37:bd:cb:e7:42: eb:55:a3:b0:34:cc:bf:8a:97:0e:9e:a2:11:d1:79: bd:56:2a:c4:0a:f8:59:f2:ad:42:01:a7:63:62:70: 4d:06:f3:72:ad:5b:7c:ca:e9:d9:84:f0:7a:b8:90: 84:3f:ba:75:90:f1:5e:78:e6:39:3a:69:9a:e3:93: 4e:45:91:1d:05:7e:73:2e:60:04:c6:1c:10:89:b4: d1:4f:00:66:08:a6:f8:b3:a6:67:12:12:dc:bf:a9: c3:ba:4b:64:c3:e6:03:13:7f:87:71:5d:44:a9:0d: 37:3f:58:81:d1:3d:32:26:a9:11:29:28:ad:fb:b3: 2f:59:32:1c:a0:9d:4b:41:57:a5:86:ad:5e:4c:bb: b1:4d:61:9b:4f:0f:d2:6c:6a:19:93:64:42:05:56: 58:fb:46:ee:c4:3a:6f:55:a4:77:e8:ce:c0:70:b3: 5c:a4:95:bd:58:0b:fe:f0:18:bb:8b:4c:64:9f:8f: ec:e2:fe:a3:ab:76:bd:a1:1a:ad:f9:29:66:14:13: 91:bf:e1:a3:be:04:7f:4d:25:f4:b1:b1:4e:00:13: f9:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:BA:D4:96:EA:4B:14:D3:89:4E:BC:4A:30:BF:78:23:C0:6B:10:74 X509v3 Authority Key Identifier: keyid:1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/3brUlupLFNOJTrxKML94I8BrEHQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.189.48.0/22 Signature Algorithm: sha256WithRSAEncryption 95:9e:eb:8b:54:8e:02:a7:4e:e6:6e:cc:ce:84:8a:27:82:f3: 67:cd:07:cd:a5:ea:1d:97:d5:c0:a4:ef:23:59:6c:82:f2:99: 51:40:25:82:82:82:d7:06:48:c5:70:e9:a1:40:f7:e3:94:9d: d4:3a:b5:cf:f7:86:88:db:a8:e9:12:69:d1:f5:69:ca:ca:d2: c4:3c:25:4e:fa:01:84:4a:84:ce:1a:f8:cd:80:c2:a6:0e:e5: 2a:ad:2a:fb:9c:b3:21:f0:b5:bb:b3:00:66:33:8e:c2:0b:4f: b4:4b:73:0e:fb:83:ef:77:24:27:a1:4e:13:36:09:c8:1a:53: aa:59:70:b0:d2:37:83:04:e2:07:0f:80:82:ee:2c:5c:82:23: 58:86:c5:0e:16:6b:23:f6:53:d5:04:e4:00:f6:9f:eb:a4:c4: 33:fd:2f:7b:28:24:49:45:bb:a9:f2:ed:ac:b4:30:e4:55:29: 17:cc:7c:89:02:c3:c6:28:d2:9a:4d:56:95:31:31:12:da:49: de:89:6b:6a:7c:c3:98:66:80:24:0f:7e:39:4f:53:03:f8:ff: b1:f0:b5:1a:10:7f:71:df:ea:cb:3a:fb:d2:d9:22:2e:e9:9d: fd:07:85:d4:64:7f:fe:ec:95:4f:04:55:f3:62:f3:0e:b6:42: 7b:74:51:52 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxRjU1 MkY2RThBQzJGOTdFMTQ0N0JGQUM4MTAwNTk2OTVFMkIzMkE5MB4XDTI1MDgxODAx NTc1NloXDTI2MDgxNjAxNTIwMVowMzExMC8GA1UEAxMoRERCQUQ0OTZFQTRCMTRE Mzg5NEVCQzRBMzBCRjc4MjNDMDZCMTA3NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK1fjxROx7k1FLyoL3TxpUTYLlkmK++/v7pLYaw+l0geW5CpBTMh EDe9y+dC61WjsDTMv4qXDp6iEdF5vVYqxAr4WfKtQgGnY2JwTQbzcq1bfMrp2YTw eriQhD+6dZDxXnjmOTppmuOTTkWRHQV+cy5gBMYcEIm00U8AZgim+LOmZxIS3L+p w7pLZMPmAxN/h3FdRKkNNz9YgdE9MiapESkorfuzL1kyHKCdS0FXpYatXky7sU1h m08P0mxqGZNkQgVWWPtG7sQ6b1Wkd+jOwHCzXKSVvVgL/vAYu4tMZJ+P7OL+o6t2 vaEarfkpZhQTkb/ho74Ef00l9LGxTgAT+XsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTdutSW6ksU04lOvEowv3gjwGsQdDAfBgNVHSMEGDAWgBQfVS9uisL5fhRHv6yB AFlpXisyqTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNDEx L0gxVXZib3JDLVg0VVI3LXNnUUJaYVY0ck1xay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSDFVdmJvckMtWDRVUjctc2dRQlphVjRyTXFrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQxMS8zYnJVbHVwTEZOT0pU cnhLTUw5NEk4QnJFSFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCyr0wMA0GCSqGSIb3DQEBCwUAA4IBAQCVnuuLVI4Cp07mbszOhIongvNnzQfN peodl9XApO8jWWyC8plRQCWCgoLXBkjFcOmhQPfjlJ3UOrXP94aI26jpEmnR9WnK ytLEPCVO+gGESoTOGvjNgMKmDuUqrSr7nLMh8LW7swBmM47CC0+0S3MO+4PvdyQn oU4TNgnIGlOqWXCw0jeDBOIHD4CC7ixcgiNYhsUOFmsj9lPVBOQA9p/rpMQz/S97 KCRJRbup8u2stDDkVSkXzHyJAsPGKNKaTVaVMTES2kneiWtqfMOYZoAkD345T1MD +P+x8LUaEH9x3+rLOvvS2SIu6Z39B4XUZH/+7JVPBFXzYvMOtkJ7dFFS -----END CERTIFICATE-----Generated at Sun Aug 24 00:54:33 2025 by rpki-client