$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/0LGrkilwGZHCogIafYiS-owxFdI.roa File: 0LGrkilwGZHCogIafYiS-owxFdI.roa (raw, json) Hash identifier: 7cL+Qa2v179R6A5VdhOqwEbeBEGpOcZ24iF6cvobTAQ= Subject key identifier: D0:B1:AB:92:29:70:19:91:C2:A2:02:1A:7D:88:92:FA:8C:31:15:D2 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 15CB Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/0LGrkilwGZHCogIafYiS-owxFdI.roa Signing time: Sat 13 Sep 2025 03:06:48 +0000 ROA not before: Sat 13 Sep 2025 03:06:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 124.71.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5579 (0x15cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D0B1AB9229701991C2A2021A7D8892FA8C3115D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:12:60:4e:b1:d0:e7:6d:c7:c4:fd:8b:6c:cd: f7:f2:fd:89:08:6e:b3:4e:a9:94:6d:75:23:1c:46: 78:2d:69:1e:c8:c7:ae:82:fb:6d:88:32:49:80:98: 16:9a:ba:3f:6e:19:9d:b0:aa:4b:59:49:8a:e9:26: e9:4e:4d:87:67:8b:6d:78:35:15:66:13:b8:75:59: 5b:9d:0c:c3:26:85:ab:ad:cd:59:74:bd:98:5d:13: 05:fc:cb:cf:6f:43:dc:a9:2e:e7:eb:27:0e:d4:20: 4c:23:f7:32:46:3b:e2:4f:33:02:83:fd:d8:95:fb: 80:92:d0:f2:10:81:a3:38:0f:46:07:b3:20:8a:e5: b4:7e:b8:4c:a6:36:b0:1b:18:12:ba:ee:9e:15:ea: 9c:46:cd:25:a6:16:94:51:d4:bd:9d:4b:04:30:f0: 5c:e4:07:17:21:b6:c1:ce:99:c6:11:02:1c:53:10: 73:97:c0:f6:f3:79:ce:b5:63:1e:d3:9c:28:78:9a: 0c:73:bb:b7:ba:bb:18:08:48:76:54:9c:c2:f2:2b: e0:63:f7:6c:e1:e5:2c:ff:72:9d:d2:e3:89:51:82: 18:70:2e:6f:58:ad:1b:c6:09:fd:c8:0f:d0:23:d0: ae:a3:52:70:a8:54:11:db:01:6d:e2:78:5e:2f:e5: 8f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:B1:AB:92:29:70:19:91:C2:A2:02:1A:7D:88:92:FA:8C:31:15:D2 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/0LGrkilwGZHCogIafYiS-owxFdI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.253.0/24 Signature Algorithm: sha256WithRSAEncryption 07:b6:34:51:85:a1:9f:e9:ba:e9:73:23:e2:e1:6b:d5:de:1d: b7:cb:ce:c1:84:a8:00:d6:d1:8e:e8:67:9b:b9:4e:33:f1:db: 78:5f:8c:41:65:03:1b:aa:96:e2:be:31:1e:99:f6:ef:88:81: 19:29:62:dd:12:8c:a4:ca:6b:48:69:d0:1b:17:0e:14:79:55: 6e:ce:41:90:0f:3b:43:ae:41:a1:c4:45:8f:1d:b5:31:78:a0: 3d:fe:76:d5:44:fa:b8:28:18:d2:75:2c:aa:f8:b0:46:d0:55: ca:5b:b1:2f:af:d8:53:95:1c:f8:d4:83:b2:d5:c8:3d:ec:53: b0:57:66:4b:b4:2b:23:62:8a:30:ad:17:d1:ca:b4:ea:58:23: 5e:a2:61:18:64:68:0d:11:cc:d4:7e:3f:40:9a:6f:9d:99:e8: 50:a7:0c:31:2e:67:80:76:ff:39:c5:0c:f3:b9:72:97:9c:e8: 6a:1f:80:6c:a9:c3:dc:b4:05:7a:92:a3:9b:25:05:ea:d6:3f: 16:68:02:b2:09:09:b8:3c:b4:48:0c:81:01:51:1f:ec:09:82: 14:0f:c2:c7:d4:9a:19:a0:11:14:ce:0a:72:40:38:d8:58:92: 72:16:35:30:c5:d7:fc:8d:95:39:9b:b6:b4:c4:e6:18:7f:aa: 4b:53:08:ea -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQwQjFBQjkyMjk3MDE5 OTFDMkEyMDIxQTdEODg5MkZBOEMzMTE1RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChEmBOsdDnbcfE/Ytszffy/YkIbrNOqZRtdSMcRngtaR7Ix66C +22IMkmAmBaauj9uGZ2wqktZSYrpJulOTYdni214NRVmE7h1WVudDMMmhautzVl0 vZhdEwX8y89vQ9ypLufrJw7UIEwj9zJGO+JPMwKD/diV+4CS0PIQgaM4D0YHsyCK 5bR+uEymNrAbGBK67p4V6pxGzSWmFpRR1L2dSwQw8FzkBxchtsHOmcYRAhxTEHOX wPbzec61Yx7TnCh4mgxzu7e6uxgISHZUnMLyK+Bj92zh5Sz/cp3S44lRghhwLm9Y rRvGCf3ID9Aj0K6jUnCoVBHbAW3ieF4v5Y9pAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU0LGrkilwGZHCogIafYiS+owxFdIwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvMExHcmtpbHdHWkhD b2dJYWZZaVMtb3d4RmRJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH/TANBgkqhkiG9w0BAQsFAAOCAQEAB7Y0UYWhn+m66XMj4uFr1d4dt8vO wYSoANbRjuhnm7lOM/HbeF+MQWUDG6qW4r4xHpn274iBGSli3RKMpMprSGnQGxcO FHlVbs5BkA87Q65BocRFjx21MXigPf521UT6uCgY0nUsqviwRtBVyluxL6/YU5Uc +NSDstXIPexTsFdmS7QrI2KKMK0X0cq06lgjXqJhGGRoDRHM1H4/QJpvnZnoUKcM MS5ngHb/OcUM87lyl5zoah+AbKnD3LQFepKjmyUF6tY/FmgCsgkJuDy0SAyBAVEf 7AmCFA/Cx9SaGaARFM4KckA42FiSchY1MMXX/I2VOZu2tMTmGH+qS1MI6g== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:04 2025 by rpki-client