$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/zoeT5L5f3Na-h30OWq35qYlumu8.roa File: zoeT5L5f3Na-h30OWq35qYlumu8.roa (raw, json) Hash identifier: l7k3wvgohg/0osBDcj3dzj7qa1fOaGV5KhWvtmvMA7M= Subject key identifier: CE:87:93:E4:BE:5F:DC:D6:BE:87:7D:0E:5A:AD:F9:A9:89:6E:9A:EF Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1E72 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/zoeT5L5f3Na-h30OWq35qYlumu8.roa Signing time: Sat 13 Sep 2025 03:05:10 +0000 ROA not before: Sat 13 Sep 2025 03:05:10 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59083 IP address blocks: 202.136.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7794 (0x1e72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:10 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CE8793E4BE5FDCD6BE877D0E5AADF9A9896E9AEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:31:65:4b:7e:f3:f4:a8:2c:38:a6:15:9b:46: f4:88:33:f9:8e:41:a4:ac:c5:ae:6b:60:79:19:f3: b1:17:76:06:7b:90:ed:96:5e:ac:3f:e7:6b:65:9c: 18:48:da:5c:ec:9a:40:63:63:ac:55:42:8a:38:7b: 22:a4:4d:26:40:52:3f:ef:71:d1:f7:56:93:fc:91: 67:b3:2b:d4:0a:ee:b1:d9:d8:23:43:90:69:14:8c: 11:94:a6:83:f1:2f:ae:af:46:ba:25:cb:5b:1a:a5: 94:87:35:63:8c:ee:ca:01:e9:69:9e:53:c4:02:64: 89:97:bb:d9:f9:e4:97:1a:46:1c:95:72:48:7d:fd: ef:8c:70:12:b7:de:cd:89:dc:2b:a8:34:0a:94:ab: 89:ad:f7:49:76:0e:e5:12:81:1e:86:85:65:3f:5c: f3:1f:bf:ff:45:85:b2:8a:39:e0:64:4c:03:eb:ba: b1:af:5f:6b:16:83:ee:dd:44:61:c8:5b:9c:52:71: 44:de:87:b5:e7:25:25:0e:06:11:60:5c:3b:c6:33: a6:35:ac:54:18:37:e9:68:96:38:4c:67:a0:09:43: 76:1e:a4:59:28:fd:99:0d:17:ae:5d:66:fa:0a:20: 26:40:7d:5d:56:b5:39:10:72:0d:cd:6a:92:06:eb: bf:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:87:93:E4:BE:5F:DC:D6:BE:87:7D:0E:5A:AD:F9:A9:89:6E:9A:EF X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/zoeT5L5f3Na-h30OWq35qYlumu8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.136.250.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:64:62:e3:23:fd:33:21:8e:72:8b:f1:27:38:f0:b7:1c:25: 9d:c7:be:80:58:43:9e:54:2e:3e:ee:39:cc:94:f9:60:c9:5c: fb:88:7e:b7:d2:bd:31:d0:9e:dd:06:40:7d:d9:e7:23:0a:66: 56:20:34:66:b8:0a:8a:2f:de:9b:26:02:ea:38:d2:3f:af:5d: 19:2c:ad:d4:45:af:96:70:56:11:3d:0f:6d:bb:61:a3:60:86: 86:db:2c:a0:98:62:90:b1:b0:55:28:2e:af:39:0a:a1:bd:68: 8a:aa:aa:69:c4:7d:20:af:25:2b:03:9f:f8:22:d8:3d:fc:0c: 49:42:b9:7a:37:2b:e0:24:9a:a0:f8:ef:dd:3a:3d:77:c0:56: 02:20:e5:97:0c:67:70:7e:16:43:d2:4a:55:6e:91:67:23:a7: 12:a1:26:d9:9f:2a:14:00:46:28:1d:d7:97:c2:56:6b:ef:cb: 75:9c:06:97:77:d6:c6:4d:d6:e0:84:e4:a0:3f:99:73:e6:30: c2:11:4a:a0:b3:fa:68:6c:09:65:db:3d:36:2c:2a:24:16:3a: 8c:dc:0a:1f:60:c8:aa:7b:d4:1c:18:83:d3:b7:e1:06:9a:7d: 07:32:ca:33:45:06:e9:52:ee:f6:8c:89:d0:89:cc:35:86:b0: 73:32:80:5c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENFODc5M0U0QkU1RkRD RDZCRTg3N0QwRTVBQURGOUE5ODk2RTlBRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmMWVLfvP0qCw4phWbRvSIM/mOQaSsxa5rYHkZ87EXdgZ7kO2W Xqw/52tlnBhI2lzsmkBjY6xVQoo4eyKkTSZAUj/vcdH3VpP8kWezK9QK7rHZ2CND kGkUjBGUpoPxL66vRroly1sapZSHNWOM7soB6WmeU8QCZImXu9n55JcaRhyVckh9 /e+McBK33s2J3CuoNAqUq4mt90l2DuUSgR6GhWU/XPMfv/9FhbKKOeBkTAPrurGv X2sWg+7dRGHIW5xScUTeh7XnJSUOBhFgXDvGM6Y1rFQYN+loljhMZ6AJQ3YepFko /ZkNF65dZvoKICZAfV1WtTkQcg3NapIG67/xAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUzoeT5L5f3Na+h30OWq35qYlumu8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3pvZVQ1TDVmM05hLWgz ME9XcTM1cVlsdW11OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKiPowDQYJKoZIhvcNAQELBQADggEBADpkYuMj/TMhjnKL8Sc48LccJZ3HvoBY Q55ULj7uOcyU+WDJXPuIfrfSvTHQnt0GQH3Z5yMKZlYgNGa4Coov3psmAuo40j+v XRksrdRFr5ZwVhE9D227YaNghobbLKCYYpCxsFUoLq85CqG9aIqqqmnEfSCvJSsD n/gi2D38DElCuXo3K+AkmqD47906PXfAVgIg5ZcMZ3B+FkPSSlVukWcjpxKhJtmf KhQARigd15fCVmvvy3WcBpd31sZN1uCE5KA/mXPmMMIRSqCz+mhsCWXbPTYsKiQW OozcCh9gyKp71BwYg9O34QaafQcyyjNFBulS7vaMidCJzDWGsHMygFw= -----END CERTIFICATE-----Generated at Mon Oct 20 13:30:59 2025 by rpki-client