$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/2hndVDKZblihMjbWZsVvJWRWUqA.roa File: 2hndVDKZblihMjbWZsVvJWRWUqA.roa (raw, json) Hash identifier: ftSv2R/5xM6Q8Rut3Yim1BtFZfF5axYFZtSp7+GfctI= Subject key identifier: DA:19:DD:54:32:99:6E:58:A1:32:36:D6:66:C5:6F:25:64:56:52:A0 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A73 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/2hndVDKZblihMjbWZsVvJWRWUqA.roa Signing time: Sat 13 Sep 2025 03:07:16 +0000 ROA not before: Sat 13 Sep 2025 03:07:16 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18811 IP address blocks: 180.223.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6771 (0x1a73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DA19DD5432996E58A13236D666C56F25645652A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d7:27:a7:5b:30:1e:ff:66:38:94:ad:f1:f2: 0d:f5:b2:62:7d:6a:bb:d1:21:a5:c1:d4:93:26:16: 6b:f5:c2:f3:76:2c:34:98:4f:d8:fc:ce:b2:ee:53: a4:7f:94:0f:ad:b2:ba:8d:4c:61:6b:07:00:6d:1b: 52:a0:59:51:c4:56:4c:8d:ba:20:dd:6c:06:67:ff: f7:13:c1:ec:db:ee:ab:77:8f:31:48:b5:cf:e4:88: 20:06:84:b9:61:25:e1:24:33:c4:a3:83:8d:e7:ee: ec:60:5b:f2:94:53:89:b6:a6:1b:bd:ab:f5:92:5f: a8:03:0e:20:4e:9c:cc:1f:2f:02:72:8a:87:a8:9d: db:10:3e:32:25:ec:4b:b0:8b:53:88:df:82:d7:68: 72:33:1a:fd:1d:0a:3f:46:0b:af:39:2d:d5:b2:38: d2:a7:c9:b4:6a:cf:30:ea:d5:73:06:01:ca:26:2a: 5f:b8:24:57:30:d1:99:4f:c5:e6:5f:37:3c:2b:3c: ab:d2:af:ec:e5:df:c5:b6:ba:37:85:6d:d5:0c:d6: b4:57:42:59:83:f1:92:ce:99:aa:2a:75:36:29:23: 4d:fc:75:76:7c:ce:65:61:c5:08:c8:04:92:8a:25: 72:52:f0:f6:d7:1a:0a:c2:bc:bc:d1:91:f7:1c:75: 6b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:19:DD:54:32:99:6E:58:A1:32:36:D6:66:C5:6F:25:64:56:52:A0 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/2hndVDKZblihMjbWZsVvJWRWUqA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.120.0/22 Signature Algorithm: sha256WithRSAEncryption 58:eb:88:58:43:b4:7f:e5:74:64:31:39:a5:eb:85:97:c7:f4: 4f:3e:34:c8:2e:26:bd:13:b9:69:eb:46:1e:fa:ba:9c:87:54: 58:18:d0:39:89:d9:b0:a3:e4:9c:34:8f:b4:f1:93:0f:27:e5: bf:7d:f2:31:34:43:76:f7:a1:c1:75:68:7e:76:fb:3a:dc:8f: 84:c5:ed:7a:ef:11:f3:49:77:7b:2d:7c:c6:91:71:30:53:31: b0:87:bc:8c:1f:be:12:9f:b9:af:fd:1b:6b:1d:e2:10:62:01: 40:d9:1b:b5:10:79:32:2c:ad:7f:82:6c:dc:6f:68:61:2e:8b: 4f:c4:e5:26:c3:8d:03:d4:d6:ca:0e:16:92:1b:7c:fc:4b:d1: d6:33:ee:a9:c6:a9:ce:06:9d:a6:77:df:35:ea:34:8f:81:d3: 61:53:2d:95:83:fd:da:36:e7:ad:73:15:98:aa:68:c2:78:83: fa:8f:af:04:de:14:6b:df:68:e4:45:78:5e:cf:30:75:5d:26: 11:62:57:85:f6:86:a5:fb:81:b5:60:99:6a:0e:87:28:52:27: 3d:da:ab:ad:f8:56:8b:7b:73:99:5b:46:83:0b:b7:bf:ea:5e: cd:36:63:5d:03:37:cb:03:17:6f:6d:5b:63:fa:0f:12:c7:7c: 26:b7:50:7c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGnMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERBMTlERDU0MzI5OTZF NThBMTMyMzZENjY2QzU2RjI1NjQ1NjUyQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ1yenWzAe/2Y4lK3x8g31smJ9arvRIaXB1JMmFmv1wvN2LDSY T9j8zrLuU6R/lA+tsrqNTGFrBwBtG1KgWVHEVkyNuiDdbAZn//cTwezb7qt3jzFI tc/kiCAGhLlhJeEkM8Sjg43n7uxgW/KUU4m2phu9q/WSX6gDDiBOnMwfLwJyioeo ndsQPjIl7Euwi1OI34LXaHIzGv0dCj9GC685LdWyONKnybRqzzDq1XMGAcomKl+4 JFcw0ZlPxeZfNzwrPKvSr+zl38W2ujeFbdUM1rRXQlmD8ZLOmaoqdTYpI038dXZ8 zmVhxQjIBJKKJXJS8PbXGgrCvLzRkfccdWulAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2hndVDKZblihMjbWZsVvJWRWUqAwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvMmhuZFZES1pibGlo TWpiV1pzVnZKV1JXVXFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTfeDANBgkqhkiG9w0BAQsFAAOCAQEAWOuIWEO0f+V0ZDE5peuFl8f0Tz40 yC4mvRO5aetGHvq6nIdUWBjQOYnZsKPknDSPtPGTDyflv33yMTRDdvehwXVofnb7 OtyPhMXteu8R80l3ey18xpFxMFMxsIe8jB++Ep+5r/0bax3iEGIBQNkbtRB5Miyt f4Js3G9oYS6LT8TlJsONA9TWyg4Wkht8/EvR1jPuqcapzgadpnffNeo0j4HTYVMt lYP92jbnrXMVmKpowniD+o+vBN4Ua99o5EV4Xs8wdV0mEWJXhfaGpfuBtWCZag6H KFInPdqrrfhWi3tzmVtGgwu3v+pezTZjXQM3ywMXb21bY/oPEsd8JrdQfA== -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:36 2025 by rpki-client