$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2411/uGhFTx1EVVAv4s_MVcvYBHC128I.roa File: uGhFTx1EVVAv4s_MVcvYBHC128I.roa (raw, json) Hash identifier: I8iCxg/YMOwkUdcHw0EJGtWVX+MO2uPy0xA5/B8DU7c= Subject key identifier: B8:68:45:4F:1D:44:55:50:2F:E2:CF:CC:55:CB:D8:04:70:B5:DB:C2 Certificate issuer: /CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Certificate serial: 2F Authority key identifier: 1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/uGhFTx1EVVAv4s_MVcvYBHC128I.roa Signing time: Mon 18 Aug 2025 01:57:57 +0000 ROA not before: Mon 18 Aug 2025 01:57:57 +0000 ROA not after: Sun 16 Aug 2026 01:52:01 +0000 asID: 137690 IP address blocks: 202.189.24.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 02:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47 (0x2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1F552F6E8AC2F97E1447BFAC810059695E2B32A9 Validity Not Before: Aug 18 01:57:57 2025 GMT Not After : Aug 16 01:52:01 2026 GMT Subject: CN=B868454F1D4455502FE2CFCC55CBD80470B5DBC2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:06:aa:6f:ee:c4:6d:ce:30:25:5a:6e:9b:94: 5b:1e:8f:65:25:5f:63:d2:55:72:18:be:b6:ac:b1: 88:12:30:54:95:f8:8a:0a:ca:d4:4f:dc:ca:0d:c9: 65:d7:a3:67:9a:68:58:c7:3c:d8:a2:d2:4e:8e:52: ed:ca:8c:dd:2d:d5:a1:00:e7:f2:b3:16:58:3d:ee: b3:c7:2a:a6:fb:b6:a8:54:ec:98:31:fe:bc:e9:d3: a3:27:34:17:83:80:1e:7e:5e:d5:45:f5:07:9e:37: 6c:89:ee:03:49:49:1e:9e:10:fb:f5:35:e7:11:27: 7f:fb:ff:5d:34:43:5b:35:e1:a5:1b:b3:9d:bf:99: 9e:d5:79:85:ce:03:24:0b:b4:49:34:c7:7d:17:2d: 59:f4:4e:b7:e9:32:4b:6d:72:1f:2f:41:a6:6f:77: 34:6b:d8:bd:36:a9:6b:94:48:f0:8c:ba:ba:76:3b: bd:34:42:81:64:70:ed:8b:63:09:db:71:d2:78:a7: ad:8f:ce:2e:65:0b:c3:2d:f3:a4:82:0f:46:7f:d1: 9b:b0:45:d4:3a:b5:77:8c:4c:1d:ab:f9:e6:87:54: 1c:ed:09:ce:dd:2c:ab:16:36:bc:16:b5:14:33:4a: f1:2d:3d:6f:b5:0e:ab:c9:4b:47:3b:00:dd:aa:2c: 88:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:68:45:4F:1D:44:55:50:2F:E2:CF:CC:55:CB:D8:04:70:B5:DB:C2 X509v3 Authority Key Identifier: keyid:1F:55:2F:6E:8A:C2:F9:7E:14:47:BF:AC:81:00:59:69:5E:2B:32:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/H1UvborC-X4UR7-sgQBZaV4rMqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H1UvborC-X4UR7-sgQBZaV4rMqk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2411/uGhFTx1EVVAv4s_MVcvYBHC128I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.189.24.0/22 Signature Algorithm: sha256WithRSAEncryption 40:55:22:a3:8e:4c:67:51:6a:1f:c7:0b:dd:8f:4f:64:6e:50: f0:34:4a:2d:43:26:8f:48:f7:ba:5f:82:dc:5e:52:34:f4:35: b4:3b:54:da:76:83:3c:22:06:42:bb:bc:43:0e:b5:df:c6:f0: b7:ab:a1:2b:a3:ea:4a:bf:fa:57:55:06:61:a7:b5:01:1a:96: 8e:36:03:0f:ef:85:11:64:ee:5d:06:67:9f:a9:19:8d:37:fb: 25:d1:7b:50:86:c9:fc:80:a3:cf:46:f2:e8:9c:1d:16:00:3e: 28:e0:93:e5:5a:eb:dd:82:4b:d5:81:2b:42:75:55:61:bd:ae: 98:1e:64:fb:fc:c0:a7:d8:cd:9f:f2:4f:bc:17:52:e7:11:2f: a6:fe:d0:7f:97:46:12:d4:1a:d8:bf:89:07:4d:25:92:ea:21: 37:fe:7f:40:e3:50:0e:c0:d0:5c:0d:8b:da:89:7d:d3:40:dc: 7b:63:9a:2c:80:18:40:7d:2b:23:83:14:2e:f8:72:8b:29:63: 69:90:81:63:4b:fb:d0:19:3d:34:3a:6d:f6:2a:2b:1a:3f:2b: 87:c0:f8:05:a8:04:eb:d2:7c:be:c5:4e:b8:de:26:17:03:65: 8b:d7:08:1c:1f:a1:e8:fb:78:02:92:ec:39:33:84:1c:b0:a9: bb:5d:25:8f -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxRjU1 MkY2RThBQzJGOTdFMTQ0N0JGQUM4MTAwNTk2OTVFMkIzMkE5MB4XDTI1MDgxODAx NTc1N1oXDTI2MDgxNjAxNTIwMVowMzExMC8GA1UEAxMoQjg2ODQ1NEYxRDQ0NTU1 MDJGRTJDRkNDNTVDQkQ4MDQ3MEI1REJDMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANwGqm/uxG3OMCVabpuUWx6PZSVfY9JVchi+tqyxiBIwVJX4igrK 1E/cyg3JZdejZ5poWMc82KLSTo5S7cqM3S3VoQDn8rMWWD3us8cqpvu2qFTsmDH+ vOnToyc0F4OAHn5e1UX1B543bInuA0lJHp4Q+/U15xEnf/v/XTRDWzXhpRuznb+Z ntV5hc4DJAu0STTHfRctWfROt+kyS21yHy9Bpm93NGvYvTapa5RI8Iy6unY7vTRC gWRw7YtjCdtx0ninrY/OLmULwy3zpIIPRn/Rm7BF1Dq1d4xMHav55odUHO0Jzt0s qxY2vBa1FDNK8S09b7UOq8lLRzsA3aosiMkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBS4aEVPHURVUC/iz8xVy9gEcLXbwjAfBgNVHSMEGDAWgBQfVS9uisL5fhRHv6yB AFlpXisyqTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNDEx L0gxVXZib3JDLVg0VVI3LXNnUUJaYVY0ck1xay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvSDFVdmJvckMtWDRVUjctc2dRQlphVjRyTXFrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQxMS91R2hGVHgxRVZWQXY0 c19NVmN2WUJIQzEyOEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCyr0YMA0GCSqGSIb3DQEBCwUAA4IBAQBAVSKjjkxnUWofxwvdj09kblDwNEot QyaPSPe6X4LcXlI09DW0O1TadoM8IgZCu7xDDrXfxvC3q6Ero+pKv/pXVQZhp7UB GpaONgMP74URZO5dBmefqRmNN/sl0XtQhsn8gKPPRvLonB0WAD4o4JPlWuvdgkvV gStCdVVhva6YHmT7/MCn2M2f8k+8F1LnES+m/tB/l0YS1BrYv4kHTSWS6iE3/n9A 41AOwNBcDYvaiX3TQNx7Y5osgBhAfSsjgxQu+HKLKWNpkIFjS/vQGT00Om32Kisa PyuHwPgFqATr0ny+xU643iYXA2WL1wgcH6Ho+3gCkuw5M4QcsKm7XSWP -----END CERTIFICATE-----Generated at Sun Aug 24 00:58:40 2025 by rpki-client