$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/A4SZZryhF5OHGsnBLLchAntSlhY.roa File: A4SZZryhF5OHGsnBLLchAntSlhY.roa (raw, json) Hash identifier: gTH1sdrsWaRaeaQ1EDd11evk2sXNkynI5kYWwMEZ3Nk= Subject key identifier: 03:84:99:66:BC:A1:17:93:87:1A:C9:C1:2C:B7:21:02:7B:52:96:16 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A63 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/A4SZZryhF5OHGsnBLLchAntSlhY.roa Signing time: Sat 13 Sep 2025 03:07:13 +0000 ROA not before: Sat 13 Sep 2025 03:07:13 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18811 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6755 (0x1a63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:13 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=03849966BCA11793871AC9C12CB721027B529616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:48:1e:b0:27:8b:a7:c2:45:ab:45:d0:43:40: 62:b1:fe:7c:78:ef:2f:e8:00:7d:a6:76:54:65:55: 88:ac:bf:80:7e:4c:f8:d8:da:d6:ad:af:c4:d9:76: 00:d5:ef:3f:5e:78:17:c7:7f:d1:2d:91:dc:21:c2: 9a:5a:6f:ed:71:83:32:70:0a:69:d8:92:a5:e9:80: 2c:54:62:d2:1f:53:c2:4c:5e:c4:f1:5b:18:c6:6a: 7a:94:f8:97:5d:1c:b2:fd:fc:5a:83:20:52:c4:c6: 4f:c4:54:9e:84:f7:c2:cc:5d:25:01:30:f5:07:d9: e7:d3:8c:0b:8e:bf:f4:32:3e:6d:6e:3c:29:84:d7: af:35:dd:71:a4:bc:f7:f8:7f:e6:cc:c0:4c:1c:52: 4d:cf:32:ba:24:ee:3a:2e:f6:6e:c2:0d:ae:69:66: 66:0d:df:ad:14:bf:40:5c:be:5f:eb:fc:42:9a:fb: af:fb:b4:c3:bc:f5:34:20:0f:b9:62:cc:34:fb:fc: b1:cc:9d:b5:3e:94:0f:4e:8f:f9:cf:cd:1b:7a:c1: ab:26:6a:d3:55:d7:a3:3c:28:c0:48:0b:61:4a:4f: b1:cc:86:20:50:fc:03:df:83:3b:c4:48:93:67:9e: 91:b8:44:1f:63:90:09:6e:c7:0a:b2:3d:37:49:fa: c4:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:84:99:66:BC:A1:17:93:87:1A:C9:C1:2C:B7:21:02:7B:52:96:16 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/A4SZZryhF5OHGsnBLLchAntSlhY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption 1b:ce:0b:a5:4e:d6:ff:38:bc:90:62:10:35:db:40:45:e3:46: cf:4a:6f:fb:b3:8b:21:8b:5e:4e:e9:1c:10:ab:3f:20:c4:ba: 8a:81:00:dc:9d:39:6a:88:8b:03:fe:a2:34:71:bb:d2:f6:a5: c9:27:f1:ec:a1:a3:6c:5a:50:dd:ec:16:24:6a:ca:8d:01:c4: c3:aa:fd:91:c9:e0:97:f6:6d:bd:77:8b:57:44:40:f9:01:74: 26:bd:d3:9d:a1:57:23:97:4b:87:25:13:ba:47:1e:61:d6:48: 11:0b:f3:3f:87:69:0d:f3:8b:9a:ab:15:f0:0f:8b:7f:cb:3a: f7:ee:21:0a:23:12:30:3d:7b:05:79:fc:bb:28:53:77:b5:30: 15:da:3a:25:d3:b5:c6:6a:0d:f2:d3:06:40:ef:16:75:55:2e: 3f:9c:a3:ad:aa:51:e5:2e:21:e0:6f:8d:83:d2:04:b1:e1:7e: db:e1:b2:70:4c:67:18:e4:44:a0:0b:84:58:5e:25:f3:e5:4e: 9f:2e:19:18:7d:7f:60:bf:28:8f:97:70:5f:6e:1e:a0:58:e7: dd:f5:9d:48:7d:2e:75:84:07:79:54:84:5f:23:30:ad:62:d9: e6:7a:11:f5:15:b6:c4:e4:ab:b7:ab:e7:f2:20:6f:60:d1:0b: ce:23:ca:f6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGmMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAzODQ5OTY2QkNBMTE3 OTM4NzFBQzlDMTJDQjcyMTAyN0I1Mjk2MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDzSB6wJ4unwkWrRdBDQGKx/nx47y/oAH2mdlRlVYisv4B+TPjY 2tatr8TZdgDV7z9eeBfHf9Etkdwhwppab+1xgzJwCmnYkqXpgCxUYtIfU8JMXsTx WxjGanqU+JddHLL9/FqDIFLExk/EVJ6E98LMXSUBMPUH2efTjAuOv/QyPm1uPCmE 16813XGkvPf4f+bMwEwcUk3PMrok7jou9m7CDa5pZmYN360Uv0Bcvl/r/EKa+6/7 tMO89TQgD7lizDT7/LHMnbU+lA9Oj/nPzRt6wasmatNV16M8KMBIC2FKT7HMhiBQ /APfgzvESJNnnpG4RB9jkAluxwqyPTdJ+sQbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUA4SZZryhF5OHGsnBLLchAntSlhYwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvQTRTWlpyeWhGNU9I R3NuQkxMY2hBbnRTbGhZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAG84LpU7W/zi8kGIQNdtAReNGz0pv +7OLIYteTukcEKs/IMS6ioEA3J05aoiLA/6iNHG70valySfx7KGjbFpQ3ewWJGrK jQHEw6r9kcngl/ZtvXeLV0RA+QF0Jr3TnaFXI5dLhyUTukceYdZIEQvzP4dpDfOL mqsV8A+Lf8s69+4hCiMSMD17BXn8uyhTd7UwFdo6JdO1xmoN8tMGQO8WdVUuP5yj rapR5S4h4G+Ng9IEseF+2+GycExnGOREoAuEWF4l8+VOny4ZGH1/YL8oj5dwX24e oFjn3fWdSH0udYQHeVSEXyMwrWLZ5noR9RW2xOSrt6vn8iBvYNELziPK9g== -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:29 2025 by rpki-client