$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/Sr0TgWDSc7R2EBuvKi1TRd2VOG8.roa File: Sr0TgWDSc7R2EBuvKi1TRd2VOG8.roa (raw, json) Hash identifier: kUd7Uax2tqAGLomgEHb5dHkJrPQBptDvfJpvD3ptWBc= Subject key identifier: 4A:BD:13:81:60:D2:73:B4:76:10:1B:AF:2A:2D:53:45:DD:95:38:6F Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0A6D Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/Sr0TgWDSc7R2EBuvKi1TRd2VOG8.roa Signing time: Sat 13 Sep 2025 03:03:18 +0000 ROA not before: Sat 13 Sep 2025 03:03:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 7641 IP address blocks: 211.146.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:04:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2669 (0xa6d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: Sep 13 03:03:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4ABD138160D273B476101BAF2A2D5345DD95386F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d4:0d:17:29:62:fc:9c:a8:5e:2e:be:ef:82: 58:c0:57:cb:02:52:5e:2d:e1:2e:ee:9b:b8:4f:06: e0:cb:b0:9e:45:3c:1d:de:30:54:b3:e2:83:72:bc: 77:32:66:d3:96:5d:f1:a3:e0:7e:1c:8b:98:e4:04: e5:33:8a:86:59:82:b1:f3:c5:98:fc:1a:0a:11:e0: 0d:c7:e4:60:f5:0f:1a:6a:87:a1:e0:36:ad:0d:35: 7e:fa:77:27:34:e5:f0:76:7a:c0:e2:49:18:24:d7: 38:f4:4c:94:14:bb:b7:f2:2a:97:f7:01:77:02:2a: 69:2d:bb:26:3d:6e:22:47:71:f8:4c:d8:ee:64:08: d3:e8:c0:c4:6b:b2:56:82:a2:27:7c:69:dc:11:4d: 19:0f:b2:22:02:12:a9:22:26:f8:fd:69:89:8d:22: 30:9a:41:da:ee:f0:be:5c:22:1b:c5:57:c8:cd:61: e3:40:b1:85:79:36:fc:65:29:a3:1f:4b:4d:96:88: 31:02:67:21:65:ee:08:fc:3b:18:56:e4:aa:78:bd: 2c:8e:fe:da:27:09:a7:81:22:b7:83:83:8f:7f:9d: 0d:67:40:0c:ec:6d:b8:61:15:12:08:2e:2c:0b:28: d8:02:35:54:9d:de:49:fd:df:1c:3b:60:ba:fe:2c: 19:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:BD:13:81:60:D2:73:B4:76:10:1B:AF:2A:2D:53:45:DD:95:38:6F X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/Sr0TgWDSc7R2EBuvKi1TRd2VOG8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.146.32.0/19 Signature Algorithm: sha256WithRSAEncryption 9d:d7:88:0f:d9:b3:52:72:fb:d6:5b:2f:f7:c1:dc:52:38:02: 77:65:bd:5b:3d:83:74:a3:57:b7:d1:d5:6c:f5:05:a5:d0:a1: 32:ff:bf:3b:ec:58:2a:a6:ee:51:37:41:02:54:b0:fa:89:c5: 98:99:d4:41:5f:20:9a:32:ee:b1:26:1a:a4:2f:b7:f9:b2:e4: 0e:71:a6:52:ba:55:bc:e5:5b:f5:4a:ed:e8:36:38:6b:86:ba: 50:02:c3:3d:ee:65:02:2a:3a:e0:4d:d3:38:ef:dc:04:50:b1: b6:09:88:d9:3c:80:29:2d:ef:cd:10:54:6c:96:18:22:a4:83: 77:7c:50:d6:8e:9c:1a:59:98:b6:7d:1d:4a:a4:83:a3:30:cb: 85:61:df:29:81:45:2a:e6:15:a5:ad:ba:f6:c0:df:5d:0a:b2: b6:73:b3:f4:43:bc:67:ec:17:26:f0:18:1f:70:ea:b3:9a:d7: 51:91:43:48:de:87:91:0f:8f:5d:69:b1:4a:28:2c:73:c3:c9: 3e:38:ae:de:a9:62:94:14:62:1c:82:d6:80:88:97:43:4f:3e: 86:8c:74:dc:7c:7b:c2:5f:89:bf:89:64:a5:36:ae:7c:1e:18: 50:ae:4a:72:cb:ed:18:cc:f4:d7:97:13:54:71:1f:79:7b:14: ea:1c:ea:c5 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA5MTMw MzAzMThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRBQkQxMzgxNjBEMjcz QjQ3NjEwMUJBRjJBMkQ1MzQ1REQ5NTM4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC51A0XKWL8nKheLr7vgljAV8sCUl4t4S7um7hPBuDLsJ5FPB3e MFSz4oNyvHcyZtOWXfGj4H4ci5jkBOUzioZZgrHzxZj8GgoR4A3H5GD1Dxpqh6Hg Nq0NNX76dyc05fB2esDiSRgk1zj0TJQUu7fyKpf3AXcCKmktuyY9biJHcfhM2O5k CNPowMRrslaCoid8adwRTRkPsiICEqkiJvj9aYmNIjCaQdru8L5cIhvFV8jNYeNA sYV5NvxlKaMfS02WiDECZyFl7gj8OxhW5Kp4vSyO/tonCaeBIreDg49/nQ1nQAzs bbhhFRIILiwLKNgCNVSd3kn93xw7YLr+LBnvAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUSr0TgWDSc7R2EBuvKi1TRd2VOG8wHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9TcjBUZ1dEU2M3UjJFQnV2 S2kxVFJkMlZPRzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF 05IgMA0GCSqGSIb3DQEBCwUAA4IBAQCd14gP2bNScvvWWy/3wdxSOAJ3Zb1bPYN0 o1e30dVs9QWl0KEy/7877Fgqpu5RN0ECVLD6icWYmdRBXyCaMu6xJhqkL7f5suQO caZSulW85Vv1Su3oNjhrhrpQAsM97mUCKjrgTdM479wEULG2CYjZPIApLe/NEFRs lhgipIN3fFDWjpwaWZi2fR1KpIOjMMuFYd8pgUUq5hWlrbr2wN9dCrK2c7P0Q7xn 7Bcm8BgfcOqzmtdRkUNI3oeRD49dabFKKCxzw8k+OK7eqWKUFGIcgtaAiJdDTz6G jHTcfHvCX4m/iWSlNq58HhhQrkpyy+0YzPTXlxNUcR95exTqHOrF -----END CERTIFICATE-----Generated at Mon Oct 20 16:09:22 2025 by rpki-client