$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2411/jyJ7GXgOh5wk2yQ1QkK5PDpY260.roa File: jyJ7GXgOh5wk2yQ1QkK5PDpY260.roa (raw, json) Hash identifier: xyEZXhnkY9hCIenZfbzG/0yw5LXZElAJDqguy6tatAc= Subject key identifier: 8F:22:7B:19:78:0E:87:9C:24:DB:24:35:42:42:B9:3C:3A:58:DB:AD Certificate issuer: /CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Certificate serial: 2A Authority key identifier: 1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/jyJ7GXgOh5wk2yQ1QkK5PDpY260.roa Signing time: Mon 18 Aug 2025 01:57:56 +0000 ROA not before: Mon 18 Aug 2025 01:57:56 +0000 ROA not after: Sun 16 Aug 2026 01:52:01 +0000 asID: 137690 IP address blocks: 202.189.36.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 02:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Validity Not Before: Aug 18 01:57:56 2025 GMT Not After : Aug 16 01:52:01 2026 GMT Subject: CN=8F227B19780E879C24DB24354242B93C3A58DBAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:69:dd:b8:fa:1c:46:a6:82:85:48:0e:70:38: 21:ef:69:00:90:cf:c7:b9:6d:a0:60:54:13:31:71: 92:fc:b1:79:77:34:35:d7:b3:c5:1b:40:6a:7c:43: e0:fb:c2:c2:d2:b3:87:06:2a:00:a8:f0:dd:d3:52: 6f:b5:fa:88:4f:d3:a4:bb:eb:49:7c:98:68:c4:4f: 5e:b1:bd:c1:dc:7a:37:f7:a8:93:99:20:db:47:1c: 0f:90:34:75:aa:81:87:fb:e0:70:79:5a:35:0e:b0: 9b:21:72:33:82:a1:ea:64:47:fe:b6:cb:59:3d:78: bb:9b:7b:5d:0d:21:28:5f:fd:b7:83:2a:5a:f7:08: 55:e8:08:ab:4b:36:a3:c6:24:b0:54:1a:bf:c1:64: 18:4f:23:8c:ca:70:82:0d:58:00:91:cc:b3:99:50: 3b:48:11:ea:89:20:33:11:fe:c6:8a:7a:44:ca:87: 72:5c:01:10:76:d4:94:b3:97:66:bb:c5:36:ec:3c: 05:4c:28:a2:0b:c2:a5:45:99:15:17:27:72:32:3c: fb:57:36:43:74:29:9d:23:fe:82:eb:5c:59:9a:48: 93:e9:a7:16:06:3b:0a:83:8b:d5:ef:b1:f2:a6:db: 42:98:d3:99:23:e4:26:57:16:d9:ac:c4:9f:d0:27: 32:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:22:7B:19:78:0E:87:9C:24:DB:24:35:42:42:B9:3C:3A:58:DB:AD X509v3 Authority Key Identifier: keyid:1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/jyJ7GXgOh5wk2yQ1QkK5PDpY260.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.189.36.0/22 Signature Algorithm: sha256WithRSAEncryption 01:41:75:58:61:c4:d4:1e:a6:6c:e7:9d:5b:a7:67:23:c7:5e: a4:6c:c7:7e:2e:d2:31:39:dd:f2:08:f2:e4:11:c2:f8:6e:9d: 58:75:7f:bf:ca:fa:ff:b2:6e:13:a9:7d:2e:fd:5b:f3:9b:82: 3d:cf:a2:5a:10:9e:ac:ef:09:84:8e:cc:a9:43:f5:76:76:e7: bd:66:15:34:23:36:59:a6:e9:2c:78:bb:57:9f:f3:8a:06:0e: 7d:81:71:9d:52:6c:c2:a4:9f:36:14:de:ed:d0:08:91:28:2c: 4f:c6:0d:8b:d0:7d:73:17:5c:37:b6:89:8d:39:c6:92:36:6e: 70:57:7c:4c:b2:c1:a0:52:2b:7b:13:03:66:f1:e4:6c:e9:11: e1:61:55:b8:a7:ba:07:e8:55:34:ab:f4:78:a0:86:79:73:ad: a4:b7:f3:e8:cb:85:31:f1:7d:5c:38:a3:cf:0d:22:b6:ae:42: a1:9e:2b:c9:9e:d8:0e:71:e8:7a:ba:cb:6b:a0:97:20:12:46: 32:9f:ba:95:51:b2:8f:c2:a0:52:91:b9:79:2d:8c:cc:9d:14: e5:be:17:b2:76:4c:a9:3d:bc:cf:32:08:cd:b1:26:97:9b:81: 1e:4c:dd:65:30:d8:5d:17:c4:04:dc:a7:b9:b0:e9:21:4c:64: 65:0d:2b:f0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxRjU1 MkY2RThBQzJGOTdFMTQ0N0JGQUM4MTAwNTk2OTVFMkIzMkE5MB4XDTI1MDgxODAx NTc1NloXDTI2MDgxNjAxNTIwMVowMzExMC8GA1UEAxMoOEYyMjdCMTk3ODBFODc5 QzI0REIyNDM1NDI0MkI5M0MzQTU4REJBRDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMBp3bj6HEamgoVIDnA4Ie9pAJDPx7ltoGBUEzFxkvyxeXc0Ndez xRtAanxD4PvCwtKzhwYqAKjw3dNSb7X6iE/TpLvrSXyYaMRPXrG9wdx6N/eok5kg 20ccD5A0daqBh/vgcHlaNQ6wmyFyM4Kh6mRH/rbLWT14u5t7XQ0hKF/9t4MqWvcI VegIq0s2o8YksFQav8FkGE8jjMpwgg1YAJHMs5lQO0gR6okgMxH+xop6RMqHclwB EHbUlLOXZrvFNuw8BUwoogvCpUWZFRcncjI8+1c2Q3QpnSP+gutcWZpIk+mnFgY7 CoOL1e+x8qbbQpjTmSPkJlcW2azEn9AnMvkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSPInsZeA6HnCTbJDVCQrk8OljbrTAfBgNVHSMEGDAWgBQfVS9uisL5fhRHv6yB AFlpXisyqTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNDEx L0gxVXZib3JDLVg0VVI3LXNnUUJaYVY0ck1xay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSDFVdmJvckMtWDRVUjctc2dRQlphVjRyTXFrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQxMS9qeUo3R1hnT2g1d2sy eVExUWtLNVBEcFkyNjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCyr0kMA0GCSqGSIb3DQEBCwUAA4IBAQABQXVYYcTUHqZs551bp2cjx16kbMd+ LtIxOd3yCPLkEcL4bp1YdX+/yvr/sm4TqX0u/Vvzm4I9z6JaEJ6s7wmEjsypQ/V2 due9ZhU0IzZZpukseLtXn/OKBg59gXGdUmzCpJ82FN7t0AiRKCxPxg2L0H1zF1w3 tomNOcaSNm5wV3xMssGgUit7EwNm8eRs6RHhYVW4p7oH6FU0q/R4oIZ5c62kt/Po y4Ux8X1cOKPPDSK2rkKhnivJntgOceh6ustroJcgEkYyn7qVUbKPwqBSkbl5LYzM nRTlvheydkypPbzPMgjNsSaXm4EeTN1lMNhdF8QE3Ke5sOkhTGRlDSvw -----END CERTIFICATE-----Generated at Sun Aug 24 00:54:42 2025 by rpki-client