$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/S2BA_NI73BbWNPBXGW-_2GZp8gg.roa File: S2BA_NI73BbWNPBXGW-_2GZp8gg.roa (raw, json) Hash identifier: xrHAM2vPR/NC29GP3QKO+M0TqI+uKxOE8olgCxrNNUA= Subject key identifier: 4B:60:40:FC:D2:3B:DC:16:D6:34:F0:57:19:6F:BF:D8:66:69:F2:08 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 14AC Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/S2BA_NI73BbWNPBXGW-_2GZp8gg.roa Signing time: Wed 30 Jul 2025 02:47:59 +0000 ROA not before: Wed 30 Jul 2025 02:47:59 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 101.245.8.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5292 (0x14ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jul 30 02:47:59 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4B6040FCD23BDC16D634F057196FBFD86669F208 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:0d:7a:87:f2:93:d3:9c:22:ee:92:37:b9:ea: b9:5d:59:ca:56:ce:e9:6c:cd:02:f9:d5:02:05:0e: 02:a9:16:c7:77:8d:3c:fa:c1:22:4c:0e:ac:49:37: 7e:58:dd:19:ea:48:c7:b2:7c:11:ea:7f:b4:36:b8: 4c:ee:a3:90:ea:ec:75:8f:0f:3e:d6:99:73:63:bb: a9:f4:81:77:59:97:dd:90:e9:16:24:e8:7b:06:f5: c0:fc:61:0b:ee:8c:f0:07:d2:1b:bd:69:d2:77:db: 8c:bb:ea:ba:78:f6:6f:a2:08:7b:90:4a:5e:9f:67: 2d:84:dd:35:4a:f7:d5:12:c6:d8:d8:1c:4d:96:1b: 38:3e:50:72:cc:7c:55:50:f9:dc:e7:17:91:f4:e8: e2:d4:b9:51:16:ec:51:99:fe:93:48:a9:36:b6:fc: dc:dc:ad:67:da:aa:3d:c1:0e:6c:dc:99:a3:4d:51: da:e2:05:f0:a4:0b:af:76:4c:a5:dc:93:f1:73:1c: 58:d5:14:99:e9:f4:56:59:98:41:80:bc:5c:13:68: 43:fe:67:97:8e:22:0f:44:2e:89:6f:b3:bf:13:59: df:40:2b:d9:e4:93:67:cf:f9:06:f3:a7:0b:2e:fc: ca:f5:82:99:d4:80:f0:69:02:cd:ed:d2:c5:9b:94: 3e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:60:40:FC:D2:3B:DC:16:D6:34:F0:57:19:6F:BF:D8:66:69:F2:08 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/S2BA_NI73BbWNPBXGW-_2GZp8gg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.245.8.0/23 Signature Algorithm: sha256WithRSAEncryption 85:31:60:06:74:0d:b7:16:ff:ad:6c:28:3a:bc:4e:b8:32:a5: bc:51:45:cc:06:35:c3:85:c0:35:a9:d5:5b:46:5d:97:92:bb: b7:29:4e:74:11:c4:f7:2c:1b:50:b9:e2:2c:03:6c:9c:3e:99: 2c:70:d7:9d:ab:cb:73:07:61:be:0c:b3:a1:a5:c3:7d:e9:eb: fa:ae:e9:3e:21:21:f1:3c:86:63:bf:06:e8:aa:d4:96:9d:c1: 7e:68:4c:2c:4f:55:79:02:ad:5b:33:8c:b1:d5:14:a3:80:4b: 2e:35:bd:e0:5c:bc:9e:dc:af:5c:20:27:f2:12:f6:f0:86:1d: 8a:7b:04:86:65:82:34:98:da:b5:52:24:64:47:c6:db:32:a9: 0a:8f:97:4d:df:a1:02:d9:be:3a:4e:bd:68:97:b8:b1:86:a3: cf:12:62:ad:85:04:9a:16:de:64:19:c9:c6:db:15:48:7f:a8: 7e:32:c1:f2:ed:98:76:99:56:25:cf:3d:ad:9d:d3:0e:d4:95: ae:48:69:ab:e8:ed:65:28:b8:9e:86:0a:23:7e:d8:33:22:c1: 12:8a:4e:a3:fb:bf:29:b6:f6:b1:4e:ce:7a:44:f3:4f:92:4f: 6b:fa:cb:8c:d9:83:d3:cd:be:e2:39:3b:29:93:34:6b:55:33: df:0f:4c:ee -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFKwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw MjQ3NTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRCNjA0MEZDRDIzQkRD MTZENjM0RjA1NzE5NkZCRkQ4NjY2OUYyMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjDXqH8pPTnCLukje56rldWcpWzulszQL51QIFDgKpFsd3jTz6 wSJMDqxJN35Y3RnqSMeyfBHqf7Q2uEzuo5Dq7HWPDz7WmXNju6n0gXdZl92Q6RYk 6HsG9cD8YQvujPAH0hu9adJ324y76rp49m+iCHuQSl6fZy2E3TVK99USxtjYHE2W Gzg+UHLMfFVQ+dznF5H06OLUuVEW7FGZ/pNIqTa2/NzcrWfaqj3BDmzcmaNNUdri BfCkC692TKXck/FzHFjVFJnp9FZZmEGAvFwTaEP+Z5eOIg9ELolvs78TWd9AK9nk k2fP+Qbzpwsu/Mr1gpnUgPBpAs3t0sWblD61AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUS2BA/NI73BbWNPBXGW+/2GZp8ggwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUzJCQV9OSTczQmJX TlBCWEdXLV8yR1pwOGdnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWX1CDANBgkqhkiG9w0BAQsFAAOCAQEAhTFgBnQNtxb/rWwoOrxOuDKlvFFF zAY1w4XANanVW0Zdl5K7tylOdBHE9ywbULniLANsnD6ZLHDXnavLcwdhvgyzoaXD fenr+q7pPiEh8TyGY78G6KrUlp3BfmhMLE9VeQKtWzOMsdUUo4BLLjW94Fy8ntyv XCAn8hL28IYdinsEhmWCNJjatVIkZEfG2zKpCo+XTd+hAtm+Ok69aJe4sYajzxJi rYUEmhbeZBnJxtsVSH+ofjLB8u2YdplWJc89rZ3TDtSVrkhpq+jtZSi4noYKI37Y MyLBEopOo/u/Kbb2sU7OekTzT5JPa/rLjNmD082+4jk7KZM0a1Uz3w9M7g== -----END CERTIFICATE-----Generated at Sun Aug 24 09:04:57 2025 by rpki-client