$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2411/3kux-K6eUv7YAIUgje7JO7SopDM.roa File: 3kux-K6eUv7YAIUgje7JO7SopDM.roa (raw, json) Hash identifier: jhS1alVkDqD1AWD2PpZ4vAb8U/e4KUb5DEUiw2f/Bec= Subject key identifier: DE:4B:B1:F8:AE:9E:52:FE:D8:00:85:20:8D:EE:C9:3B:B4:A8:A4:33 Certificate issuer: /CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Certificate serial: 31 Authority key identifier: 1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/3kux-K6eUv7YAIUgje7JO7SopDM.roa Signing time: Mon 18 Aug 2025 01:57:57 +0000 ROA not before: Mon 18 Aug 2025 01:57:57 +0000 ROA not after: Sun 16 Aug 2026 01:52:01 +0000 asID: 137690 IP address blocks: 202.189.28.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Validity Not Before: Aug 18 01:57:57 2025 GMT Not After : Aug 16 01:52:01 2026 GMT Subject: CN=DE4BB1F8AE9E52FED80085208DEEC93BB4A8A433 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:05:b3:36:b9:96:6b:ac:dd:81:28:4b:da:17: ae:12:5b:92:b0:e9:f4:88:94:0b:f4:a3:6a:94:db: 0e:7f:13:e0:04:20:5f:0e:36:95:02:78:0f:7f:cd: 7f:c0:6c:39:dd:10:c7:fb:cd:15:20:3c:b6:87:6f: 60:b7:7f:32:1b:68:c7:fa:53:d7:96:71:d6:50:4c: be:e0:3c:97:b0:b7:cb:03:3a:6e:a8:86:ab:a6:ca: 2f:9a:d2:96:a4:47:93:36:aa:a1:66:c4:19:74:dd: 7b:1d:9d:53:04:93:22:a1:e6:1f:d4:1f:b7:a6:52: 81:10:49:bc:c0:3a:51:5c:6d:4b:cf:c7:40:b2:ad: 17:f9:9a:63:af:89:03:ec:d0:27:e4:39:7b:2a:ac: 79:a0:49:85:ad:dc:38:55:2b:c5:67:33:ac:cd:1d: 37:74:2d:4b:d2:e0:71:c2:82:19:f1:0e:cc:7d:e2: a7:2d:62:6b:94:e2:a6:7d:50:ef:aa:db:34:07:71: e0:a2:18:b2:04:49:11:15:da:dd:43:f8:83:09:e2: ac:57:8b:6e:bc:4d:7c:20:27:8a:54:aa:e4:a7:fc: b6:f4:30:ba:57:63:92:38:0f:ee:90:57:7b:42:aa: 29:3c:75:1a:da:4c:b7:6c:e8:26:cd:bf:8d:81:62: 1e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:4B:B1:F8:AE:9E:52:FE:D8:00:85:20:8D:EE:C9:3B:B4:A8:A4:33 X509v3 Authority Key Identifier: keyid:1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/3kux-K6eUv7YAIUgje7JO7SopDM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.189.28.0/22 Signature Algorithm: sha256WithRSAEncryption 34:59:b9:86:52:c1:e1:ca:eb:e7:4a:38:ad:b5:9d:7b:45:12: e8:62:2d:ac:b6:fe:12:c5:58:19:41:f9:6c:47:8f:89:f9:f1: e8:7d:38:d2:7d:e7:03:cb:f1:7b:22:26:72:1d:d2:a8:df:89: 47:70:12:3b:51:2c:1d:e1:66:f7:52:8e:02:7c:13:6b:65:5f: 24:44:6e:9c:d1:eb:57:b9:4e:35:47:21:c9:10:9f:2f:69:ef: 2a:05:55:1b:5f:68:b4:66:34:e6:c8:80:bb:81:0a:60:b3:fa: 34:42:62:5f:4f:71:2b:50:ee:fd:aa:f4:6a:6b:72:f0:62:66: 3c:bd:a4:53:e7:c3:a1:2a:da:6b:4b:1f:10:d0:04:3b:d8:0a: f1:a0:59:eb:d1:83:b7:89:6d:34:3c:72:3e:14:1e:73:6b:7a: 0a:60:00:81:01:30:7a:e9:89:8b:96:85:d3:3b:d7:98:1b:b0: 10:64:30:51:9c:4f:93:30:3c:18:fd:65:94:ec:57:ff:d0:4d: f3:75:d8:64:50:9d:d2:9d:fc:28:07:3a:a1:6d:5e:9f:b2:58: 7b:e2:50:85:79:d7:13:b8:aa:bc:33:d5:ec:6d:7e:7b:fe:3b: be:27:7f:f3:74:49:9b:2b:09:01:26:51:e0:1e:29:96:b7:56: 0a:e4:14:5d -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxRjU1 MkY2RThBQzJGOTdFMTQ0N0JGQUM4MTAwNTk2OTVFMkIzMkE5MB4XDTI1MDgxODAx NTc1N1oXDTI2MDgxNjAxNTIwMVowMzExMC8GA1UEAxMoREU0QkIxRjhBRTlFNTJG RUQ4MDA4NTIwOERFRUM5M0JCNEE4QTQzMzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOIFsza5lmus3YEoS9oXrhJbkrDp9IiUC/SjapTbDn8T4AQgXw42 lQJ4D3/Nf8BsOd0Qx/vNFSA8todvYLd/Mhtox/pT15Zx1lBMvuA8l7C3ywM6bqiG q6bKL5rSlqRHkzaqoWbEGXTdex2dUwSTIqHmH9Qft6ZSgRBJvMA6UVxtS8/HQLKt F/maY6+JA+zQJ+Q5eyqseaBJha3cOFUrxWczrM0dN3QtS9LgccKCGfEOzH3ipy1i a5Tipn1Q76rbNAdx4KIYsgRJERXa3UP4gwnirFeLbrxNfCAnilSq5Kf8tvQwuldj kjgP7pBXe0KqKTx1GtpMt2zoJs2/jYFiHl8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTeS7H4rp5S/tgAhSCN7sk7tKikMzAfBgNVHSMEGDAWgBQfVS9uisL5fhRHv6yB AFlpXisyqTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNDEx L0gxVXZib3JDLVg0VVI3LXNnUUJaYVY0ck1xay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSDFVdmJvckMtWDRVUjctc2dRQlphVjRyTXFrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQxMS8za3V4LUs2ZVV2N1lB SVVnamU3Sk83U29wRE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCyr0cMA0GCSqGSIb3DQEBCwUAA4IBAQA0WbmGUsHhyuvnSjittZ17RRLoYi2s tv4SxVgZQflsR4+J+fHofTjSfecDy/F7IiZyHdKo34lHcBI7USwd4Wb3Uo4CfBNr ZV8kRG6c0etXuU41RyHJEJ8vae8qBVUbX2i0ZjTmyIC7gQpgs/o0QmJfT3ErUO79 qvRqa3LwYmY8vaRT58OhKtprSx8Q0AQ72ArxoFnr0YO3iW00PHI+FB5za3oKYACB ATB66YmLloXTO9eYG7AQZDBRnE+TMDwY/WWU7Ff/0E3zddhkUJ3SnfwoBzqhbV6f slh74lCFedcTuKq8M9XsbX57/ju+J3/zdEmbKwkBJlHgHimWt1YK5BRd -----END CERTIFICATE-----Generated at Sun Aug 24 11:03:03 2025 by rpki-client