$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/LmRdUOLN-kjeUWjiT9F0EbJPC80.roa File: LmRdUOLN-kjeUWjiT9F0EbJPC80.roa (raw, json) Hash identifier: oUXbwldc730/5lcW1WgbTEDpHpsHjpaUMG8RszcfG/A= Subject key identifier: 2E:64:5D:50:E2:CD:FA:48:DE:51:68:E2:4F:D1:74:11:B2:4F:0B:CD Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21C8 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/LmRdUOLN-kjeUWjiT9F0EbJPC80.roa Signing time: Sat 13 Sep 2025 03:08:59 +0000 ROA not before: Sat 13 Sep 2025 03:08:59 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8648 (0x21c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:08:59 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2E645D50E2CDFA48DE5168E24FD17411B24F0BCD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ee:91:8e:16:cf:4e:6e:e3:99:a0:33:74:16: 54:fb:51:f1:d2:dc:8e:d0:55:38:64:72:39:fc:13: 75:2f:87:f3:39:9d:9d:9f:c9:78:a2:db:3b:ec:5a: 0d:65:d1:42:5d:ab:62:b2:a3:bf:77:8d:b9:1b:85: e7:ee:60:72:a0:33:6b:e6:12:29:2f:f7:6f:65:f5: 61:f2:aa:8a:12:27:e7:24:48:19:e4:cd:3d:76:1b: 81:62:84:0d:3c:73:c3:33:b5:9b:fb:b7:ff:44:47: 79:a9:91:c1:f0:30:62:33:02:8d:97:d2:7a:f1:e9: 54:5f:53:4c:87:21:1a:58:37:4c:2d:91:e7:c3:12: 6a:e6:21:b3:47:b1:cd:f7:1b:33:bc:41:73:da:d8: 2b:38:07:0d:25:26:50:be:72:0a:44:e3:f9:b3:fe: e8:7f:87:35:65:59:f7:a7:4c:86:70:3a:c2:83:10: 9b:31:84:f0:c7:60:a5:7d:bc:bb:93:84:4f:69:32: 1b:cb:0a:78:31:73:9e:db:58:62:77:6d:fa:33:74: eb:56:52:df:b2:2e:3e:a1:f4:52:e5:e4:ce:55:e2: 0d:b3:e7:51:61:01:b8:fd:a2:d1:44:4f:d8:65:5c: 50:48:bc:90:b5:19:54:ee:17:43:ef:3f:1e:02:94: fe:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:64:5D:50:E2:CD:FA:48:DE:51:68:E2:4F:D1:74:11:B2:4F:0B:CD X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/LmRdUOLN-kjeUWjiT9F0EbJPC80.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.104.0/21 Signature Algorithm: sha256WithRSAEncryption 51:83:01:f5:09:de:98:59:8a:67:26:05:d1:a4:1e:cc:bc:4c: 59:04:a1:3b:88:b8:bc:d3:5e:c4:55:08:60:7c:b9:e0:a3:d2: ce:0e:51:09:21:fa:9d:fa:c5:c9:28:a7:aa:4d:a8:91:45:74: cc:9e:68:81:9a:2a:4d:ea:ec:7e:db:f6:da:c5:99:9b:22:d3: a4:1a:69:f3:79:7d:93:0e:db:07:0b:7c:b5:0a:52:dd:ba:f8: d6:e2:7d:d5:e2:fd:24:f3:ea:e0:4c:7e:cb:43:6d:25:d2:80: 0d:6b:40:2a:9e:8d:bf:73:a9:d6:73:77:c0:aa:94:7b:3f:13: df:df:0d:b0:e9:83:92:bb:25:fc:4c:fb:1e:74:77:09:ea:15: ca:a1:63:36:81:20:48:b0:ef:96:55:59:aa:45:18:b7:2d:af: f0:3f:ee:67:56:8c:0f:18:e9:78:fa:e9:10:aa:b4:e4:68:1f: ab:ed:ad:77:a8:88:21:d0:67:dc:67:6e:8b:78:ea:b0:ca:ef: ec:5b:1a:73:35:08:6f:5c:8e:f3:b1:1b:9f:8f:c7:16:d6:bf: 81:c1:99:2c:ef:c0:b6:6e:e0:93:74:6a:74:b1:a5:db:d0:b6: 11:2a:2c:f2:35:ff:70:a9:47:0d:e1:77:dd:0d:3b:ea:06:04: 8d:f9:93:5f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA4NTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJFNjQ1RDUwRTJDREZB NDhERTUxNjhFMjRGRDE3NDExQjI0RjBCQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB7pGOFs9ObuOZoDN0FlT7UfHS3I7QVThkcjn8E3Uvh/M5nZ2f yXii2zvsWg1l0UJdq2Kyo793jbkbhefuYHKgM2vmEikv929l9WHyqooSJ+ckSBnk zT12G4FihA08c8MztZv7t/9ER3mpkcHwMGIzAo2X0nrx6VRfU0yHIRpYN0wtkefD EmrmIbNHsc33GzO8QXPa2Cs4Bw0lJlC+cgpE4/mz/uh/hzVlWfenTIZwOsKDEJsx hPDHYKV9vLuThE9pMhvLCngxc57bWGJ3bfozdOtWUt+yLj6h9FLl5M5V4g2z51Fh Abj9otFET9hlXFBIvJC1GVTuF0PvPx4ClP6LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULmRdUOLN+kjeUWjiT9F0EbJPC80wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvTG1SZFVPTE4ta2pl VVdqaVQ5RjBFYkpQQzgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5naDANBgkqhkiG9w0BAQsFAAOCAQEAUYMB9QnemFmKZyYF0aQezLxMWQSh O4i4vNNexFUIYHy54KPSzg5RCSH6nfrFySinqk2okUV0zJ5ogZoqTersftv22sWZ myLTpBpp83l9kw7bBwt8tQpS3br41uJ91eL9JPPq4Ex+y0NtJdKADWtAKp6Nv3Op 1nN3wKqUez8T398NsOmDkrsl/Ez7HnR3CeoVyqFjNoEgSLDvllVZqkUYty2v8D/u Z1aMDxjpePrpEKq05Ggfq+2td6iIIdBn3Gdui3jqsMrv7FsaczUIb1yO87Ebn4/H Fta/gcGZLO/Atm7gk3RqdLGl29C2ESos8jX/cKlHDeF33Q076gYEjfmTXw== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:26 2025 by rpki-client