$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3250/XVPdJGEihCIvA9JpS0UUMoot9iU.roa File: XVPdJGEihCIvA9JpS0UUMoot9iU.roa (raw, json) Hash identifier: fYMRjE6iBqW+ZfjLg530UsMpfW5MUD7/ULq3nNW/G2A= Subject key identifier: 5D:53:DD:24:61:22:84:22:2F:03:D2:69:4B:45:14:32:8A:2D:F6:25 Certificate issuer: /CN=8D34D5981D7B6A00127B9F268748A4E1233E138F Certificate serial: 0C2B Authority key identifier: 8D:34:D5:98:1D:7B:6A:00:12:7B:9F:26:87:48:A4:E1:23:3E:13:8F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jTTVmB17agASe58mh0ik4SM-E48.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/XVPdJGEihCIvA9JpS0UUMoot9iU.roa Signing time: Sat 13 Sep 2025 03:08:57 +0000 ROA not before: Sat 13 Sep 2025 03:08:57 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4837 IP address blocks: 36.50.226.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/jTTVmB17agASe58mh0ik4SM-E48.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/jTTVmB17agASe58mh0ik4SM-E48.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jTTVmB17agASe58mh0ik4SM-E48.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3115 (0xc2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D34D5981D7B6A00127B9F268748A4E1233E138F Validity Not Before: Sep 13 03:08:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5D53DD24612284222F03D2694B4514328A2DF625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:56:93:b7:7d:38:d4:92:53:79:e2:58:07:48: 28:6d:dc:cc:85:9f:f4:52:47:c2:af:92:7a:4b:6c: 23:92:cd:1e:b6:51:88:c3:6d:aa:54:09:69:7e:c3: 22:f6:84:12:d2:20:f7:00:3f:ed:f3:61:65:78:f7: 7d:3c:19:aa:ec:b5:6f:85:91:da:b6:a0:f7:fd:d2: cc:12:ed:a9:7b:20:2e:e8:c0:cf:80:30:d6:d7:2a: f9:19:d2:68:89:61:77:4f:cd:93:ab:e5:44:bd:30: 44:f4:b3:78:54:27:3f:39:b3:fd:9d:ac:0c:d0:c1: 4f:4a:71:bf:51:0d:fa:64:21:19:ad:ff:59:7d:fd: c3:b1:d0:30:dc:24:3e:5a:a7:1d:42:b1:66:44:69: 57:51:ad:8f:c6:4e:eb:39:59:14:05:1a:79:01:6b: 9b:7f:02:63:ea:96:1e:73:4c:c9:ce:8f:1f:8f:1d: de:10:79:cf:77:77:2e:4c:1c:9d:1a:50:5e:1a:9e: ba:97:b7:25:e9:5e:e8:ad:55:46:42:7c:bb:2d:a7: 9a:ef:01:aa:8c:30:67:7e:93:e9:ec:46:17:14:0d: 38:de:57:57:01:a1:32:99:a6:49:fc:08:ed:09:2a: 8d:c0:df:09:8c:9c:98:bf:5c:bd:90:07:cb:90:4c: 1d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:53:DD:24:61:22:84:22:2F:03:D2:69:4B:45:14:32:8A:2D:F6:25 X509v3 Authority Key Identifier: keyid:8D:34:D5:98:1D:7B:6A:00:12:7B:9F:26:87:48:A4:E1:23:3E:13:8F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/jTTVmB17agASe58mh0ik4SM-E48.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/jTTVmB17agASe58mh0ik4SM-E48.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3250/XVPdJGEihCIvA9JpS0UUMoot9iU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 36.50.226.0/23 Signature Algorithm: sha256WithRSAEncryption 02:2e:4d:a5:4c:03:3e:1f:63:15:72:b5:88:47:06:02:70:23: ea:cc:2d:53:70:2b:48:4d:18:b5:ec:e0:82:6a:79:dc:32:ac: d4:db:7a:c4:d7:50:46:91:00:3a:56:fc:1f:41:f9:0b:e9:79: b9:94:00:33:79:db:f3:5e:14:c9:8f:5d:3d:14:66:4f:2d:9f: 5d:ad:a6:7e:2d:c1:0e:de:28:b7:40:ec:4c:bb:41:f5:3f:fb: 0b:28:6d:fd:42:5d:50:08:1b:7a:45:d9:45:56:b7:2e:94:9f: ab:81:57:24:ca:8d:54:71:81:99:02:3c:f0:77:37:d6:81:d5: 09:0d:26:01:98:5a:87:ec:55:8f:8b:0a:e6:09:aa:2b:59:18: 54:55:c6:ac:34:48:82:ae:32:aa:27:e0:d9:c7:b8:65:57:4e: 29:e0:fc:03:26:d1:7e:b9:84:53:76:7d:b6:3b:ef:95:2e:c2: e6:66:db:2c:f6:06:ed:2a:ff:c7:73:46:68:63:51:7a:a2:39: 0e:bf:5b:70:82:3b:6f:8d:94:a4:6c:11:42:55:85:09:0c:2c: 76:46:bb:01:32:77:da:5a:ea:4f:eb:e0:c6:36:46:84:67:93: dd:72:cf:8b:ff:fd:38:3e:a1:1d:12:ff:19:bd:80:94:6d:ee: 00:9a:41:75 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEQz NEQ1OTgxRDdCNkEwMDEyN0I5RjI2ODc0OEE0RTEyMzNFMTM4RjAeFw0yNTA5MTMw MzA4NTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVENTNERDI0NjEyMjg0 MjIyRjAzRDI2OTRCNDUxNDMyOEEyREY2MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2VpO3fTjUklN54lgHSCht3MyFn/RSR8KvknpLbCOSzR62UYjD bapUCWl+wyL2hBLSIPcAP+3zYWV49308GarstW+Fkdq2oPf90swS7al7IC7owM+A MNbXKvkZ0miJYXdPzZOr5US9MET0s3hUJz85s/2drAzQwU9Kcb9RDfpkIRmt/1l9 /cOx0DDcJD5apx1CsWZEaVdRrY/GTus5WRQFGnkBa5t/AmPqlh5zTMnOjx+PHd4Q ec93dy5MHJ0aUF4anrqXtyXpXuitVUZCfLstp5rvAaqMMGd+k+nsRhcUDTjeV1cB oTKZpkn8CO0JKo3A3wmMnJi/XL2QB8uQTB1bAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXVPdJGEihCIvA9JpS0UUMoot9iUwHwYDVR0jBBgwFoAUjTTVmB17agASe58m h0ik4SM+E48wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 MC9qVFRWbUIxN2FnQVNlNThtaDBpazRTTS1FNDguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2pUVFZtQjE3YWdBU2U1OG1oMGlrNFNNLUU0OC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTAvWFZQZEpHRWloQ0l2 QTlKcFMwVVVNb290OWlVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEASQy4jANBgkqhkiG9w0BAQsFAAOCAQEAAi5NpUwDPh9jFXK1iEcGAnAj6swt U3ArSE0Ytezggmp53DKs1Nt6xNdQRpEAOlb8H0H5C+l5uZQAM3nb814UyY9dPRRm Ty2fXa2mfi3BDt4ot0DsTLtB9T/7Cyht/UJdUAgbekXZRVa3LpSfq4FXJMqNVHGB mQI88Hc31oHVCQ0mAZhah+xVj4sK5gmqK1kYVFXGrDRIgq4yqifg2ce4ZVdOKeD8 AybRfrmEU3Z9tjvvlS7C5mbbLPYG7Sr/x3NGaGNReqI5Dr9bcII7b42UpGwRQlWF CQwsdka7ATJ32lrqT+vgxjZGhGeT3XLPi//9OD6hHRL/Gb2AlG3uAJpBdQ== -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:20 2025 by rpki-client