$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/MdRapk3WgYtPpDew7zRI01gV_U0.roa File: MdRapk3WgYtPpDew7zRI01gV_U0.roa (raw, json) Hash identifier: jgcVNykiiTdGm3gLvxeJ7XnhfVBnnblsgA09FtNRzA0= Subject key identifier: 31:D4:5A:A6:4D:D6:81:8B:4F:A4:37:B0:EF:34:48:D3:58:15:FD:4D Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56 Certificate serial: 1745 Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/MdRapk3WgYtPpDew7zRI01gV_U0.roa Signing time: Sat 13 Sep 2025 03:09:13 +0000 ROA not before: Sat 13 Sep 2025 03:09:13 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63566 IP address blocks: 118.194.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5957 (0x1745) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56 Validity Not Before: Sep 13 03:09:13 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=31D45AA64DD6818B4FA437B0EF3448D35815FD4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a5:09:5f:6e:6e:b1:1f:ca:25:50:84:3d:40: fd:2c:02:34:35:e7:55:22:e5:23:b9:a1:50:45:32: 3c:4a:91:31:f9:7d:66:a0:c5:0c:36:47:61:b5:dc: 7c:52:e6:ab:1b:1c:e3:ec:d2:e0:61:4e:b3:85:96: f1:a5:e7:be:f1:7d:8e:7f:63:80:d3:ed:e7:71:af: 25:1c:fc:67:c7:66:e2:f7:0d:b6:0a:6b:29:6f:d2: 25:fc:a5:24:70:fb:2f:05:31:5b:c3:20:94:cb:fe: 80:2e:2d:f5:7b:a2:08:5d:29:0c:ca:62:82:e3:4b: b0:d6:a0:d0:e8:c1:e4:12:e9:9d:c2:44:78:5d:7e: f1:21:03:3e:ef:4b:c1:83:b3:a9:74:6f:a4:e6:db: b3:14:f0:ba:b2:cf:5b:52:4d:b0:1e:3c:58:b7:26: ea:c9:97:a8:1a:9c:a3:c9:43:02:7c:ce:f5:c1:29: 8c:5b:46:57:35:bb:d9:55:ed:64:72:0b:82:47:65: 74:e0:99:6a:e6:7d:c7:2d:31:6b:ef:f2:69:e9:0e: 82:5b:7c:e0:d3:89:7f:13:33:4a:29:d8:a4:7a:a1: 39:ed:e0:86:9d:1d:1e:c6:ac:71:f6:49:58:ff:db: 55:01:32:1d:c3:7f:6d:29:d3:04:6d:96:f6:d4:55: 35:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:D4:5A:A6:4D:D6:81:8B:4F:A4:37:B0:EF:34:48:D3:58:15:FD:4D X509v3 Authority Key Identifier: keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/MdRapk3WgYtPpDew7zRI01gV_U0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.194.59.0/24 Signature Algorithm: sha256WithRSAEncryption 20:e4:73:fa:c2:a0:0e:d9:46:18:02:a8:77:81:41:96:55:e9: 10:14:30:c6:88:f7:fe:5c:e9:6a:8e:2e:1d:56:06:41:db:32: cb:3b:a5:aa:c3:45:38:03:7c:e6:2e:64:98:af:dc:cf:85:83: 37:9e:96:1c:83:77:22:96:fd:8d:3a:12:17:a9:14:32:2c:3e: 09:4f:7d:0e:19:8b:72:f8:41:bc:a5:7d:35:e7:6c:b3:58:1d: d0:86:4e:8d:12:6c:0e:ed:0e:72:30:28:39:30:bc:fa:f0:6b: 5b:6c:da:41:4d:0e:91:f3:bb:59:97:e0:8e:b7:f7:c1:10:e5: 4b:d3:6c:9f:73:28:87:04:ae:fd:6f:c4:2c:f8:8e:09:f8:32: 3f:44:94:e0:22:cc:60:47:06:c5:d0:70:97:20:46:27:68:4d: 46:70:c2:4f:ad:4d:6b:38:76:68:e7:fa:55:89:30:be:45:f4: 68:2c:b1:c5:9a:71:2f:c2:a9:e2:56:55:0a:ab:76:87:dc:7a: 79:33:f3:dc:88:06:29:2c:76:fb:7d:3f:0b:8b:5f:29:cf:c0: 7d:55:48:f9:81:c8:8c:01:3f:64:33:7a:c0:b9:41:1b:c1:0e: 76:e3:05:de:ec:0e:81:c8:75:cc:31:ba:89:34:27:82:a1:a9: 95:17:24:bf -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yNTA5MTMw MzA5MTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDMxRDQ1QUE2NERENjgx OEI0RkE0MzdCMEVGMzQ0OEQzNTgxNUZENEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8pQlfbm6xH8olUIQ9QP0sAjQ151Ui5SO5oVBFMjxKkTH5fWag xQw2R2G13HxS5qsbHOPs0uBhTrOFlvGl577xfY5/Y4DT7edxryUc/GfHZuL3DbYK aylv0iX8pSRw+y8FMVvDIJTL/oAuLfV7oghdKQzKYoLjS7DWoNDoweQS6Z3CRHhd fvEhAz7vS8GDs6l0b6Tm27MU8Lqyz1tSTbAePFi3JurJl6ganKPJQwJ8zvXBKYxb Rlc1u9lV7WRyC4JHZXTgmWrmfcctMWvv8mnpDoJbfODTiX8TM0op2KR6oTnt4Iad HR7GrHH2SVj/21UBMh3Df20p0wRtlvbUVTXvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMdRapk3WgYtPpDew7zRI01gV/U0wHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3 Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvTWRSYXBrM1dnWXRQ cERldzd6UkkwMWdWX1UwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHbCOzANBgkqhkiG9w0BAQsFAAOCAQEAIORz+sKgDtlGGAKod4FBllXpEBQw xoj3/lzpao4uHVYGQdsyyzulqsNFOAN85i5kmK/cz4WDN56WHIN3Ipb9jToSF6kU Miw+CU99DhmLcvhBvKV9Nedss1gd0IZOjRJsDu0OcjAoOTC8+vBrW2zaQU0OkfO7 WZfgjrf3wRDlS9Nsn3MohwSu/W/ELPiOCfgyP0SU4CLMYEcGxdBwlyBGJ2hNRnDC T61Nazh2aOf6VYkwvkX0aCyxxZpxL8Kp4lZVCqt2h9x6eTPz3IgGKSx2+30/C4tf Kc/AfVVI+YHIjAE/ZDN6wLlBG8EOduMF3uwOgch1zDG6iTQngqGplRckvw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:53:43 2025 by rpki-client