$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/y7kt26LEYyIapWG7IllYvfHng2w.roa File: y7kt26LEYyIapWG7IllYvfHng2w.roa (raw, json) Hash identifier: djHMZT8cY4d179aBFklWHwNzSz0jbHeed7YVtKK2aos= Subject key identifier: CB:B9:2D:DB:A2:C4:63:22:1A:A5:61:BB:22:59:58:BD:F1:E7:83:6C Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A91 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/y7kt26LEYyIapWG7IllYvfHng2w.roa Signing time: Sat 13 Sep 2025 03:07:22 +0000 ROA not before: Sat 13 Sep 2025 03:07:22 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18811 IP address blocks: 180.223.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6801 (0x1a91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:22 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CBB92DDBA2C463221AA561BB225958BDF1E7836C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:0b:bd:3d:61:58:5b:93:dd:d4:c5:56:f8:7f: f4:8e:ad:74:ed:95:6e:55:20:06:72:41:8b:3b:41: 45:07:09:67:2b:96:2f:8c:8f:4c:19:d9:a3:50:7a: c1:a5:91:98:7a:ac:47:bc:ff:ec:b6:07:21:d1:da: ab:60:31:ed:15:d9:fe:83:ea:64:75:1d:89:81:0c: 31:f8:a6:05:4e:d5:14:1c:f1:85:e8:88:ed:4a:a0: e1:05:d2:d6:7f:5a:31:c0:98:c1:28:02:a4:05:65: 70:e5:ba:2f:93:d1:46:2b:b1:b9:29:a0:4e:5a:87: b2:09:e0:ab:a8:a6:58:fc:48:d5:4b:80:88:e2:40: c5:d8:7b:b5:f5:a8:43:a6:00:2b:c1:3d:2e:c8:12: 93:21:b2:a6:af:34:b3:42:2f:52:5d:c5:2d:c4:32: 09:1d:70:c9:37:35:99:1f:40:c9:f2:f2:80:81:91: c4:31:3d:88:bb:e6:ab:86:7a:19:75:46:c4:d6:94: 01:18:2a:d3:ee:e2:c5:8b:1d:84:cd:85:4b:e6:b9: bb:1d:85:8a:97:aa:90:05:97:ef:63:85:30:5d:1a: a3:cf:aa:4e:f1:70:32:e2:98:40:94:76:18:1e:81: a2:6a:ef:bc:fa:a0:38:20:03:d6:94:23:53:86:4d: 88:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:B9:2D:DB:A2:C4:63:22:1A:A5:61:BB:22:59:58:BD:F1:E7:83:6C X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/y7kt26LEYyIapWG7IllYvfHng2w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.124.0/22 Signature Algorithm: sha256WithRSAEncryption c7:6e:92:82:ba:12:56:f2:31:31:83:b5:ba:98:5b:a0:c5:3c: 29:32:a0:46:fa:65:6d:9f:c1:47:3b:99:a3:57:ff:63:26:5c: ce:26:7f:58:22:4c:5f:f4:49:f9:31:92:56:7d:87:ea:f5:43: 14:fd:f8:cc:b0:09:98:ee:83:fd:2d:0a:1a:09:aa:e5:84:63: 3d:89:f6:c5:a0:de:8f:98:3a:9a:1d:0e:e5:82:50:70:55:bd: c4:95:99:15:ca:bf:8c:2d:e3:25:d2:18:65:13:cb:8b:9d:84: 73:7a:cb:34:13:5b:14:c8:0f:0d:06:f6:23:99:bd:8d:ac:dd: f2:c2:f0:57:03:fa:4d:6d:fd:4e:e3:2d:f6:46:8e:76:7b:1f: 14:32:cd:3d:78:b3:58:51:86:de:f0:1b:cd:66:a6:29:95:5c: 66:40:81:40:ca:e4:20:4e:12:97:b5:99:8e:00:d7:b9:0a:30: 65:59:d1:14:bb:d7:e2:81:2f:eb:1b:ee:9d:31:d9:f4:3a:97: d0:98:be:81:4a:78:77:81:c9:21:9e:5e:70:39:81:f7:69:b2: 5a:1a:a1:72:20:c0:b7:21:ab:de:06:2b:09:de:fc:14:a8:54: 8e:89:22:e0:ac:74:47:6c:b8:73:eb:35:9e:34:b4:4f:75:53: ac:d0:ea:cf -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCQjkyRERCQTJDNDYz MjIxQUE1NjFCQjIyNTk1OEJERjFFNzgzNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCcC709YVhbk93UxVb4f/SOrXTtlW5VIAZyQYs7QUUHCWcrli+M j0wZ2aNQesGlkZh6rEe8/+y2ByHR2qtgMe0V2f6D6mR1HYmBDDH4pgVO1RQc8YXo iO1KoOEF0tZ/WjHAmMEoAqQFZXDlui+T0UYrsbkpoE5ah7IJ4Kuoplj8SNVLgIji QMXYe7X1qEOmACvBPS7IEpMhsqavNLNCL1JdxS3EMgkdcMk3NZkfQMny8oCBkcQx PYi75quGehl1RsTWlAEYKtPu4sWLHYTNhUvmubsdhYqXqpAFl+9jhTBdGqPPqk7x cDLimECUdhgegaJq77z6oDggA9aUI1OGTYhDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUy7kt26LEYyIapWG7IllYvfHng2wwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAveTdrdDI2TEVZeUlh cFdHN0lsbFl2ZkhuZzJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTffDANBgkqhkiG9w0BAQsFAAOCAQEAx26SgroSVvIxMYO1uphboMU8KTKg RvplbZ/BRzuZo1f/YyZcziZ/WCJMX/RJ+TGSVn2H6vVDFP34zLAJmO6D/S0KGgmq 5YRjPYn2xaDej5g6mh0O5YJQcFW9xJWZFcq/jC3jJdIYZRPLi52Ec3rLNBNbFMgP DQb2I5m9jazd8sLwVwP6TW39TuMt9kaOdnsfFDLNPXizWFGG3vAbzWamKZVcZkCB QMrkIE4Sl7WZjgDXuQowZVnRFLvX4oEv6xvunTHZ9DqX0Ji+gUp4d4HJIZ5ecDmB 92myWhqhciDAtyGr3gYrCd78FKhUjoki4Kx0R2y4c+s1njS0T3VTrNDqzw== -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:25 2025 by rpki-client