$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/bipVMlegpL4wnZeB6H0XoKoHThw.roa File: bipVMlegpL4wnZeB6H0XoKoHThw.roa (raw, json) Hash identifier: tON08ZAzlBLqlYrdb+c6Prs7wRx2umQ8M1EgqgrLPyU= Subject key identifier: 6E:2A:55:32:57:A0:A4:BE:30:9D:97:81:E8:7D:17:A0:AA:07:4E:1C Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 158F Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bipVMlegpL4wnZeB6H0XoKoHThw.roa Signing time: Sat 13 Sep 2025 03:06:36 +0000 ROA not before: Sat 13 Sep 2025 03:06:36 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55990 IP address blocks: 1.92.160.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5519 (0x158f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Sep 13 03:06:36 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6E2A553257A0A4BE309D9781E87D17A0AA074E1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:24:1f:34:41:ec:8c:db:44:5a:7e:89:fd:b6: 45:97:7b:3a:00:cb:9b:de:68:55:63:0f:66:34:b4: 53:d7:a4:e2:8f:6f:b9:7f:3c:50:40:b5:aa:35:1e: 89:2e:70:6e:a7:34:af:ad:c8:c9:7a:95:c3:29:6b: 10:23:7d:31:39:4f:43:da:ba:a6:9c:24:6a:b8:f0: 28:24:84:2d:5b:05:7a:15:73:f5:70:7b:35:fc:f2: 3e:51:51:4e:1d:4b:d1:ce:a0:fb:8a:2f:b4:f7:6e: 09:74:63:fe:7c:7b:3e:7e:5b:65:bc:6e:85:f3:7e: 5b:5a:cc:fb:d6:ef:5b:41:e4:57:60:5e:6f:0c:30: fb:dc:5c:58:12:a1:af:48:08:87:90:ac:4a:4d:34: 71:dd:8b:fe:9f:66:c4:c4:ba:19:56:06:24:1f:7d: 23:0f:45:bf:e4:08:4f:8b:d3:13:26:39:dd:f6:c6: b2:e3:dc:fc:ab:74:5d:28:98:78:25:ce:bb:fd:e9: 89:51:f6:37:3d:75:f0:f9:3d:e8:73:64:61:58:4a: ee:bb:06:c3:87:42:5c:e2:1a:95:a2:62:95:f3:cb: c8:d7:31:f2:9a:dd:a5:a3:4f:4e:da:2f:e7:ad:58: 84:61:8f:3b:84:b7:82:0f:bf:c6:98:bd:77:17:5b: 9d:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:2A:55:32:57:A0:A4:BE:30:9D:97:81:E8:7D:17:A0:AA:07:4E:1C X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bipVMlegpL4wnZeB6H0XoKoHThw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 1.92.160.0/19 Signature Algorithm: sha256WithRSAEncryption 2d:48:6f:60:05:0a:bf:5e:42:b8:a3:de:90:52:00:d0:6a:48: 22:c5:fb:3c:a4:c5:c2:68:b2:c4:b8:2d:d1:2d:e4:d8:cf:b4: 69:2a:b9:3d:58:2b:11:d7:44:ec:5f:6b:62:e9:22:9e:05:b8: 72:1e:5e:78:4e:e6:83:e5:fd:44:b5:f8:d7:a2:b4:0e:6f:8c: 79:f9:9d:6e:37:50:7d:55:93:6f:cc:60:e8:bb:e2:66:94:06: 58:9b:24:61:b7:c2:cd:37:f3:97:f4:8f:67:13:74:99:3d:08: c9:f6:42:fd:5d:1c:8a:eb:ae:fe:9c:f0:6c:70:df:f7:75:b7: a9:e0:9d:d7:50:db:8d:7b:f6:f7:7d:ec:7b:d3:68:fe:b3:b3: f9:40:5e:c7:2a:6f:8a:cc:ae:a2:a0:84:da:50:a2:21:ef:c7: 00:1f:87:fd:81:92:b5:5c:25:82:9c:6d:37:57:cd:9b:63:f4: 40:ad:b9:b8:53:0c:3f:bf:c2:1e:70:da:2f:10:f2:b0:c2:d7: 2b:7e:f6:46:cf:60:30:01:47:df:69:f3:8d:34:28:fe:f8:71: 98:ba:00:8e:79:a6:a2:b8:6a:e2:6b:fa:e9:f3:51:86:d6:12: 99:86:74:30:8c:c6:36:90:6d:dc:b7:48:a8:7e:a7:f4:8f:85: a3:37:d5:fb -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA5MTMw MzA2MzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZFMkE1NTMyNTdBMEE0 QkUzMDlEOTc4MUU4N0QxN0EwQUEwNzRFMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkJB80QeyM20Rafon9tkWXezoAy5veaFVjD2Y0tFPXpOKPb7l/ PFBAtao1HokucG6nNK+tyMl6lcMpaxAjfTE5T0PauqacJGq48CgkhC1bBXoVc/Vw ezX88j5RUU4dS9HOoPuKL7T3bgl0Y/58ez5+W2W8boXzfltazPvW71tB5FdgXm8M MPvcXFgSoa9ICIeQrEpNNHHdi/6fZsTEuhlWBiQffSMPRb/kCE+L0xMmOd32xrLj 3PyrdF0omHglzrv96YlR9jc9dfD5PehzZGFYSu67BsOHQlziGpWiYpXzy8jXMfKa 3aWjT07aL+etWIRhjzuEt4IPv8aYvXcXW50BAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbipVMlegpL4wnZeB6H0XoKoHThwwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYmlwVk1sZWdwTDR3 blplQjZIMFhvS29IVGh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBQFcoDANBgkqhkiG9w0BAQsFAAOCAQEALUhvYAUKv15CuKPekFIA0GpIIsX7 PKTFwmiyxLgt0S3k2M+0aSq5PVgrEddE7F9rYukingW4ch5eeE7mg+X9RLX416K0 Dm+MefmdbjdQfVWTb8xg6LviZpQGWJskYbfCzTfzl/SPZxN0mT0IyfZC/V0ciuuu /pzwbHDf93W3qeCd11DbjXv2933se9No/rOz+UBexypvisyuoqCE2lCiIe/HAB+H /YGStVwlgpxtN1fNm2P0QK25uFMMP7/CHnDaLxDysMLXK372Rs9gMAFH32nzjTQo /vhxmLoAjnmmorhq4mv66fNRhtYSmYZ0MIzGNpBt3LdIqH6n9I+FozfV+w== -----END CERTIFICATE-----Generated at Mon Oct 20 19:21:13 2025 by rpki-client