$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/MfDL02PJIjt94MH9NqfNO1xhS6g.roa File: MfDL02PJIjt94MH9NqfNO1xhS6g.roa (raw, json) Hash identifier: PALCwLd66g82mkEhBN5eGvACAwYFtkfFN2mr/5uoLEQ= Subject key identifier: 31:F0:CB:D3:63:C9:22:3B:7D:E0:C1:FD:36:A7:CD:3B:5C:61:4B:A8 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A92 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/MfDL02PJIjt94MH9NqfNO1xhS6g.roa Signing time: Sat 13 Sep 2025 03:07:22 +0000 ROA not before: Sat 13 Sep 2025 03:07:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4766 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:36:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6802 (0x1a92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=31F0CBD363C9223B7DE0C1FD36A7CD3B5C614BA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:74:ef:60:17:48:80:57:90:cb:22:cf:f7:a1: 99:31:48:5d:d0:de:f2:09:c0:da:0c:24:99:93:0c: 9f:ec:bd:ff:9a:10:4f:8e:84:15:0d:d5:71:fb:01: 7b:0e:a9:28:8c:81:13:a5:43:db:76:7f:02:22:32: f1:a1:7f:2f:39:af:f3:be:b4:72:de:6a:95:6f:d9: 73:fd:f7:d1:6a:16:52:24:f1:2c:3c:51:8f:32:fb: 4d:9b:b6:52:ef:3c:19:d6:25:9f:13:37:23:2c:0e: b5:de:d3:e3:59:cc:5e:d0:1c:78:eb:bf:94:8a:59: 3f:d8:ab:eb:85:28:11:81:d0:2d:4b:8f:a8:79:bc: 0e:a7:15:b5:0d:89:06:fe:7a:9c:b0:cf:ce:32:37: e2:4d:67:1c:62:23:f4:84:dc:e5:38:94:32:09:d2: db:4b:92:09:76:ca:71:1b:e0:82:c2:ee:19:d1:62: 0f:12:7e:48:fb:8e:21:34:a9:84:f1:1c:73:ac:d0: 74:81:2c:c3:f5:58:63:4a:6c:ae:83:2d:1a:b7:dd: 57:d1:b6:41:7d:a4:ea:e7:01:a9:d4:61:d7:ae:81: 78:c7:f1:d4:68:61:4f:f7:27:69:53:53:9c:d8:c1: 3b:eb:ac:d6:3a:63:a6:49:9e:64:95:d4:81:0c:5b: 82:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:F0:CB:D3:63:C9:22:3B:7D:E0:C1:FD:36:A7:CD:3B:5C:61:4B:A8 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/MfDL02PJIjt94MH9NqfNO1xhS6g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption 2a:3c:a4:92:a1:d2:bd:3c:6b:57:50:85:50:50:bc:27:4f:aa: b2:06:c4:38:65:93:ec:df:e1:a3:b2:8c:3e:f1:89:9a:6c:b7: 7d:99:22:21:0a:1e:25:de:5a:e7:a6:0d:28:dd:05:55:b4:8d: 73:95:2d:1a:e6:71:47:12:d2:68:d8:77:06:c0:81:ef:24:d4: 58:cf:fd:e6:4f:d7:06:8f:9d:36:17:75:c3:0c:32:66:e1:6b: ef:58:1d:15:cc:00:d8:c5:49:9f:6a:f4:e8:20:00:cb:ea:55: ae:5e:b2:f9:ba:98:c0:45:8c:31:da:c5:73:4f:4c:36:9a:61: b6:c5:3c:23:62:ec:4a:d2:a9:8f:a6:6c:7a:fd:da:ff:cc:71: 2b:b9:7f:f7:5e:8c:70:58:21:8e:f8:3e:7f:2c:57:98:29:ca: 76:3c:12:f3:63:f7:04:64:57:04:4c:55:d2:b3:fb:0c:9f:3d: ab:8f:6f:09:87:c0:25:93:13:b3:55:0b:a2:b4:14:45:77:2b: 94:7e:8f:f9:8a:63:5c:d2:94:ea:1e:2f:45:cb:cb:13:20:d6: 3d:47:f6:d8:f0:79:0c:33:29:5b:5a:b5:85:cc:12:99:e2:3c: cc:c0:04:51:72:96:cb:70:6a:bb:26:7c:43:25:9e:b5:d6:75: 03:3d:b5:d2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDMxRjBDQkQzNjNDOTIy M0I3REUwQzFGRDM2QTdDRDNCNUM2MTRCQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgdO9gF0iAV5DLIs/3oZkxSF3Q3vIJwNoMJJmTDJ/svf+aEE+O hBUN1XH7AXsOqSiMgROlQ9t2fwIiMvGhfy85r/O+tHLeapVv2XP999FqFlIk8Sw8 UY8y+02btlLvPBnWJZ8TNyMsDrXe0+NZzF7QHHjrv5SKWT/Yq+uFKBGB0C1Lj6h5 vA6nFbUNiQb+epywz84yN+JNZxxiI/SE3OU4lDIJ0ttLkgl2ynEb4ILC7hnRYg8S fkj7jiE0qYTxHHOs0HSBLMP1WGNKbK6DLRq33VfRtkF9pOrnAanUYdeugXjH8dRo YU/3J2lTU5zYwTvrrNY6Y6ZJnmSV1IEMW4LtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMfDL02PJIjt94MH9NqfNO1xhS6gwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvTWZETDAyUEpJanQ5 NE1IOU5xZk5PMXhoUzZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAKjykkqHSvTxrV1CFUFC8J0+qsgbE OGWT7N/ho7KMPvGJmmy3fZkiIQoeJd5a56YNKN0FVbSNc5UtGuZxRxLSaNh3BsCB 7yTUWM/95k/XBo+dNhd1wwwyZuFr71gdFcwA2MVJn2r06CAAy+pVrl6y+bqYwEWM MdrFc09MNpphtsU8I2LsStKpj6Zsev3a/8xxK7l/916McFghjvg+fyxXmCnKdjwS 82P3BGRXBExV0rP7DJ89q49vCYfAJZMTs1ULorQURXcrlH6P+YpjXNKU6h4vRcvL EyDWPUf22PB5DDMpW1q1hcwSmeI8zMAEUXKWy3BquyZ8QyWetdZ1Az210g== -----END CERTIFICATE-----Generated at Sun Oct 19 21:08:38 2025 by rpki-client