$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/LzhrLvnoJW0aGCrr2pMpxADC_tM.roa File: LzhrLvnoJW0aGCrr2pMpxADC_tM.roa (raw, json) Hash identifier: rCCsyq7KuWJYrpkviTjmCGtIJdrguYLWsVXmHDwFo2s= Subject key identifier: 2F:38:6B:2E:F9:E8:25:6D:1A:18:2A:EB:DA:93:29:C4:00:C2:FE:D3 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 21EA Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/LzhrLvnoJW0aGCrr2pMpxADC_tM.roa Signing time: Sat 13 Sep 2025 03:09:06 +0000 ROA not before: Sat 13 Sep 2025 03:09:06 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 14.103.80.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8682 (0x21ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Sep 13 03:09:06 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2F386B2EF9E8256D1A182AEBDA9329C400C2FED3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:37:79:4a:34:e5:d6:9b:67:3f:b9:5d:99:34: b0:22:e1:0e:7b:00:a1:da:ff:ce:de:d4:30:e4:46: e0:02:95:b0:6d:64:a9:59:87:fa:13:51:9d:50:90: 57:e6:23:17:92:e4:d1:4d:bb:a5:23:06:b0:4c:c3: ba:57:30:fb:c9:89:13:ee:d0:29:88:31:46:a1:df: 21:c5:e0:ab:3c:b5:fa:a4:1d:5e:60:dd:6e:5c:74: c5:87:74:07:6e:92:3a:b8:28:76:8e:c6:44:be:94: 55:89:ce:96:c6:e2:e3:df:9c:3e:1b:1b:e2:c3:01: aa:57:df:99:60:b8:8c:ab:c3:d5:3e:34:5c:de:d7: c2:df:d9:b5:01:91:86:b1:a3:f2:c5:57:50:6a:4d: 32:7c:bd:6b:ce:68:96:0b:15:b1:78:cf:f3:d9:d6: c9:b1:ca:59:e0:43:a5:b6:ae:d8:64:d3:51:e6:39: 68:75:fb:6d:9a:06:08:6e:13:05:e9:8f:ec:65:52: 5c:9f:0c:d6:5b:43:05:9c:21:05:e2:c4:6b:ae:24: 4d:87:ee:75:a3:0c:8a:5b:25:4b:9d:a5:94:a0:54: 50:7c:c7:b5:5c:cb:2c:da:08:1e:b1:80:60:83:f1: 41:8b:af:bf:fc:ec:92:7d:a2:8c:39:ba:33:f5:67: 5c:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:38:6B:2E:F9:E8:25:6D:1A:18:2A:EB:DA:93:29:C4:00:C2:FE:D3 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/LzhrLvnoJW0aGCrr2pMpxADC_tM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.80.0/21 Signature Algorithm: sha256WithRSAEncryption 20:15:f1:65:0c:9a:29:31:c7:99:a6:33:58:ab:e5:0b:8c:8e: 43:88:79:bd:91:1b:bf:a1:e2:e2:ef:39:51:72:f6:48:42:d8: cb:8f:c9:65:0f:f5:8b:b7:56:82:e4:13:11:9a:cc:1e:01:cf: ce:9a:1b:a3:90:f9:70:ef:98:11:d0:d7:13:39:2d:5d:78:4a: e0:5e:8c:72:b6:d0:37:f6:ca:a1:25:9a:b2:6f:e3:20:ca:fc: 35:ff:ad:42:1c:90:a7:91:0d:8b:e1:bf:25:cc:f9:f7:88:b0: ec:76:2a:ca:d5:0b:99:c4:8b:05:d6:a3:50:3f:d3:19:e8:76: b4:57:41:7e:13:00:08:34:fa:28:e1:f0:4a:62:01:8d:3d:8d: 04:4f:ec:36:79:3c:07:b5:81:9c:89:33:60:0e:81:10:fc:5e: 38:02:1d:dc:12:27:fd:f6:92:19:40:ca:21:25:b7:64:5b:d1: 1c:0e:43:fe:4e:69:af:ed:4a:96:88:1f:66:71:2f:e6:df:38: 61:c5:30:58:7d:62:37:ca:0c:e7:67:f1:6b:19:f0:0c:48:e9: 72:cb:74:86:f5:7e:b6:00:cb:1e:44:ce:d1:59:f8:c9:a4:9c: de:dc:88:b5:8f:15:40:a2:cc:88:4d:83:cf:ee:f9:c5:ef:62: cd:b5:f7:f6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTA5MTMw MzA5MDZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJGMzg2QjJFRjlFODI1 NkQxQTE4MkFFQkRBOTMyOUM0MDBDMkZFRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCN3lKNOXWm2c/uV2ZNLAi4Q57AKHa/87e1DDkRuAClbBtZKlZ h/oTUZ1QkFfmIxeS5NFNu6UjBrBMw7pXMPvJiRPu0CmIMUah3yHF4Ks8tfqkHV5g 3W5cdMWHdAdukjq4KHaOxkS+lFWJzpbG4uPfnD4bG+LDAapX35lguIyrw9U+NFze 18Lf2bUBkYaxo/LFV1BqTTJ8vWvOaJYLFbF4z/PZ1smxylngQ6W2rthk01HmOWh1 +22aBghuEwXpj+xlUlyfDNZbQwWcIQXixGuuJE2H7nWjDIpbJUudpZSgVFB8x7Vc yyzaCB6xgGCD8UGLr7/87JJ9oow5ujP1Z1xtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULzhrLvnoJW0aGCrr2pMpxADC/tMwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvTHpockx2bm9KVzBh R0NycjJwTXB4QURDX3RNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nUDANBgkqhkiG9w0BAQsFAAOCAQEAIBXxZQyaKTHHmaYzWKvlC4yOQ4h5 vZEbv6Hi4u85UXL2SELYy4/JZQ/1i7dWguQTEZrMHgHPzpobo5D5cO+YEdDXEzkt XXhK4F6McrbQN/bKoSWasm/jIMr8Nf+tQhyQp5ENi+G/Jcz594iw7HYqytULmcSL BdajUD/TGeh2tFdBfhMACDT6KOHwSmIBjT2NBE/sNnk8B7WBnIkzYA6BEPxeOAId 3BIn/faSGUDKISW3ZFvRHA5D/k5pr+1KlogfZnEv5t84YcUwWH1iN8oM52fxaxnw DEjpcst0hvV+tgDLHkTO0Vn4yaSc3tyItY8VQKLMiE2Dz+75xe9izbX39g== -----END CERTIFICATE-----Generated at Mon Oct 20 16:22:28 2025 by rpki-client