$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/ll7KL1kbH0rXnmkrLvw0io9RU2k.roa File: ll7KL1kbH0rXnmkrLvw0io9RU2k.roa (raw, json) Hash identifier: I9vN+RRN+rOWoaSYHOf9YHTRcz47y3nrL3NkUMEeZz4= Subject key identifier: 96:5E:CA:2F:59:1B:1F:4A:D7:9E:69:2B:2E:FC:34:8A:8F:51:53:69 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 20BE Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/ll7KL1kbH0rXnmkrLvw0io9RU2k.roa Signing time: Fri 26 Sep 2025 06:29:37 +0000 ROA not before: Fri 26 Sep 2025 06:29:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 131314 IP address blocks: 202.47.110.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8382 (0x20be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Sep 26 06:29:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=965ECA2F591B1F4AD79E692B2EFC348A8F515369 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8d:42:30:48:71:db:76:a9:51:ed:7e:b9:e7: 4b:5e:4a:05:57:d6:cf:ad:0f:17:dc:86:28:85:33: 1c:dd:3d:3e:e1:ef:ed:f1:48:c2:9f:a3:19:2f:8d: 9d:c0:74:69:a9:6a:22:b4:c4:23:27:10:b0:47:fe: 10:d2:85:8f:74:46:7d:6f:f7:e0:d7:5b:e1:4d:d6: 8f:6c:2a:de:c6:cc:f2:0f:20:b8:36:8a:94:52:38: 6f:ea:14:f5:e1:8a:d0:92:53:6b:11:e8:fc:23:f4: c2:d3:ab:c4:93:2b:26:33:d5:3b:a5:ae:47:bb:4d: f2:54:27:02:5f:6a:44:2e:23:59:5e:3f:32:91:b1: c8:fe:84:a4:cb:45:34:01:cb:7d:42:cd:0d:63:c0: f3:98:22:be:39:0b:80:b6:75:c1:29:e0:fd:0a:27: fe:a5:a5:c8:0e:08:aa:29:a9:d9:24:82:12:60:95: dc:0c:ee:2d:5c:5a:ac:45:a8:3e:8b:d6:ab:60:e9: 6c:2f:77:52:98:97:d1:b4:87:83:ae:65:34:f6:0c: 74:06:cd:0a:ae:99:1c:b9:ef:92:64:ac:12:72:2a: e4:ef:f7:f8:ea:dc:d4:f2:b2:68:40:c7:04:af:3b: 91:b6:03:0d:3a:19:15:08:c7:76:32:d6:39:6b:09: 75:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:5E:CA:2F:59:1B:1F:4A:D7:9E:69:2B:2E:FC:34:8A:8F:51:53:69 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/ll7KL1kbH0rXnmkrLvw0io9RU2k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.47.110.0/24 Signature Algorithm: sha256WithRSAEncryption 10:14:a6:ee:43:77:42:c4:76:b2:23:2c:0b:53:9a:cc:a4:22: e1:6e:2e:c6:ce:80:35:45:02:d5:63:ac:57:24:7a:c7:30:a8: 67:40:a6:ad:6b:17:7b:13:f4:77:64:1c:d2:61:88:13:37:96: 52:fd:3f:af:1b:0a:b7:f6:27:29:f3:87:5b:ba:96:7e:ab:44: 36:7c:b5:06:97:f0:da:57:46:e4:3f:ca:77:ff:f4:f2:07:69: 46:0d:ed:97:d5:cc:cb:ce:16:84:b3:37:6d:14:fd:27:08:c1: 64:67:61:f4:39:14:ce:9b:7e:db:64:aa:9f:14:d9:d1:63:1d: 4d:6c:fd:60:44:d8:c3:69:92:18:65:c9:60:3b:ef:3c:fb:45: 2c:53:08:3b:22:24:c2:ce:2f:85:03:a6:00:7e:54:26:82:32: b4:e1:c3:3e:fd:37:92:3b:2e:73:4c:d0:06:79:04:af:c6:10: 0c:14:f4:ee:79:99:11:87:02:61:71:31:93:e8:be:3f:26:d1: fa:5f:82:7e:63:a0:f8:b7:57:9e:15:e6:a5:dc:90:c5:63:f9: c7:d7:a9:16:27:ad:07:9e:a9:94:28:91:f7:a0:9e:90:c2:b4: 9d:e3:e5:b9:66:e8:ea:88:b7:57:14:bb:09:f5:b3:8f:76:79: ea:34:74:2b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA5MjYw NjI5MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk2NUVDQTJGNTkxQjFG NEFENzlFNjkyQjJFRkMzNDhBOEY1MTUzNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxjUIwSHHbdqlR7X6550teSgVX1s+tDxfchiiFMxzdPT7h7+3x SMKfoxkvjZ3AdGmpaiK0xCMnELBH/hDShY90Rn1v9+DXW+FN1o9sKt7GzPIPILg2 ipRSOG/qFPXhitCSU2sR6Pwj9MLTq8STKyYz1Tulrke7TfJUJwJfakQuI1lePzKR scj+hKTLRTQBy31CzQ1jwPOYIr45C4C2dcEp4P0KJ/6lpcgOCKopqdkkghJgldwM 7i1cWqxFqD6L1qtg6Wwvd1KYl9G0h4OuZTT2DHQGzQqumRy575JkrBJyKuTv9/jq 3NTysmhAxwSvO5G2Aw06GRUIx3Yy1jlrCXVXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUll7KL1kbH0rXnmkrLvw0io9RU2kwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL2xsN0tMMWtiSDByWG5t a3JMdncwaW85UlUyay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKL24wDQYJKoZIhvcNAQELBQADggEBABAUpu5Dd0LEdrIjLAtTmsykIuFuLsbO gDVFAtVjrFckescwqGdApq1rF3sT9HdkHNJhiBM3llL9P68bCrf2Jynzh1u6ln6r RDZ8tQaX8NpXRuQ/ynf/9PIHaUYN7ZfVzMvOFoSzN20U/ScIwWRnYfQ5FM6bfttk qp8U2dFjHU1s/WBE2MNpkhhlyWA77zz7RSxTCDsiJMLOL4UDpgB+VCaCMrThwz79 N5I7LnNM0AZ5BK/GEAwU9O55mRGHAmFxMZPovj8m0fpfgn5joPi3V54V5qXckMVj +cfXqRYnrQeeqZQokfegnpDCtJ3j5blm6OqIt1cUuwn1s492eeo0dCs= -----END CERTIFICATE-----Generated at Mon Oct 20 20:37:56 2025 by rpki-client