$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/SJOveRZRpxduZH7gXGxF-2m1Oi8.roa File: SJOveRZRpxduZH7gXGxF-2m1Oi8.roa (raw, json) Hash identifier: 6HoJhV9e7UiZYLZEDXNqL0CpzCNuCZBa7EZkxwjgvJM= Subject key identifier: 48:93:AF:79:16:51:A7:17:6E:64:7E:E0:5C:6C:45:FB:69:B5:3A:2F Certificate issuer: /CN=2CA390E2780550E44EC03598082E1995474DF2FB Certificate serial: 1EB6 Authority key identifier: 2C:A3:90:E2:78:05:50:E4:4E:C0:35:98:08:2E:19:95:47:4D:F2:FB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/SJOveRZRpxduZH7gXGxF-2m1Oi8.roa Signing time: Sat 13 Sep 2025 03:06:53 +0000 ROA not before: Sat 13 Sep 2025 03:06:53 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58862 IP address blocks: 167.220.244.0/22 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7862 (0x1eb6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CA390E2780550E44EC03598082E1995474DF2FB Validity Not Before: Sep 13 03:06:53 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4893AF791651A7176E647EE05C6C45FB69B53A2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:59:42:62:bc:60:e2:39:72:52:14:75:e1:af: 44:32:99:00:38:ad:5a:cf:33:10:41:77:47:97:73: a8:4b:2a:cd:8f:4f:bc:29:58:7e:fe:97:4e:c9:a8: 6a:bd:93:0a:db:5d:87:7d:27:90:61:88:62:37:1f: f7:5f:59:d9:00:f1:41:4f:10:8b:83:b6:42:11:7d: 4f:e8:e6:c0:a5:dc:c3:5d:c8:5b:00:16:7b:fe:db: 9f:26:04:4a:b8:8a:80:51:e7:2e:75:4a:a4:fa:7c: 30:96:bb:a9:57:78:a9:f0:6e:2b:d3:47:6d:20:9b: 8d:a5:fe:a4:d2:a9:fb:9b:d6:b1:18:5b:4b:bd:2b: 5a:e3:54:dc:6c:09:c0:db:7d:60:60:86:5a:d1:6f: 34:4e:fb:b2:81:4b:d9:ae:b4:df:3e:d7:e5:04:44: 3d:de:c7:5b:7e:0b:a0:67:41:71:a7:cc:a8:04:d3: ba:7b:f4:c5:7d:9f:9a:87:4b:2a:42:06:02:24:93: 38:a2:0f:af:9a:35:81:c0:95:98:df:ec:a5:29:65: aa:a7:61:f2:2e:f5:35:9b:4e:95:a4:c5:75:3a:5f: 71:a2:e3:4d:f6:12:bb:20:50:5c:bf:98:20:6c:b9: 97:0a:6c:bc:6d:67:2e:51:e6:b7:42:83:d5:42:8e: a2:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:93:AF:79:16:51:A7:17:6E:64:7E:E0:5C:6C:45:FB:69:B5:3A:2F X509v3 Authority Key Identifier: keyid:2C:A3:90:E2:78:05:50:E4:4E:C0:35:98:08:2E:19:95:47:4D:F2:FB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/SJOveRZRpxduZH7gXGxF-2m1Oi8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 167.220.244.0/22 Signature Algorithm: sha256WithRSAEncryption 9b:5c:7c:e2:24:cd:e0:1d:5e:0c:b4:ac:8c:a5:c0:71:c8:7d: bb:7b:7c:25:bf:b5:31:da:a9:2b:78:c7:17:63:63:d1:21:d8: ec:ae:ab:cf:45:54:24:05:02:8c:31:20:e5:61:a0:e6:02:ec: 81:e5:7f:5f:d2:18:e4:5a:5e:b5:86:46:54:bc:d1:e7:6c:d5: 81:7c:d7:43:48:8d:87:f6:cd:69:13:19:c2:2e:33:e4:fe:b8: 5d:8a:68:16:d0:4d:8a:e2:81:bb:df:ec:ae:01:bb:e8:b1:25: ae:71:05:c0:06:47:50:6b:92:78:c2:e2:06:6a:68:05:40:1c: 77:45:7c:70:99:3b:ad:0a:ab:62:af:6c:5f:07:72:2c:ba:af: 4c:48:60:90:07:40:4b:4d:cc:bc:4c:4b:98:87:58:0e:26:ec: f4:bd:fb:45:7b:02:ae:fb:ce:ea:ad:6a:2f:49:3d:69:7f:3d: 28:8a:30:ce:26:0e:70:62:9b:ec:09:19:5f:66:18:d8:e8:18: c8:c8:19:16:b1:e4:94:f8:5e:39:94:f8:3b:d1:ac:1a:7a:39: f9:7a:5c:4f:52:d6:be:14:88:a1:34:f3:27:6b:3e:62:b5:07: 26:9a:d6:f4:56:c5:88:61:f1:24:6e:8e:c9:61:12:c4:0c:f2: 9b:ba:42:ff -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHrYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNB MzkwRTI3ODA1NTBFNDRFQzAzNTk4MDgyRTE5OTU0NzRERjJGQjAeFw0yNTA5MTMw MzA2NTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ4OTNBRjc5MTY1MUE3 MTc2RTY0N0VFMDVDNkM0NUZCNjlCNTNBMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8WUJivGDiOXJSFHXhr0QymQA4rVrPMxBBd0eXc6hLKs2PT7wp WH7+l07JqGq9kwrbXYd9J5BhiGI3H/dfWdkA8UFPEIuDtkIRfU/o5sCl3MNdyFsA Fnv+258mBEq4ioBR5y51SqT6fDCWu6lXeKnwbivTR20gm42l/qTSqfub1rEYW0u9 K1rjVNxsCcDbfWBghlrRbzRO+7KBS9mutN8+1+UERD3ex1t+C6BnQXGnzKgE07p7 9MV9n5qHSypCBgIkkziiD6+aNYHAlZjf7KUpZaqnYfIu9TWbTpWkxXU6X3Gi4032 ErsgUFy/mCBsuZcKbLxtZy5R5rdCg9VCjqLTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUSJOveRZRpxduZH7gXGxF+2m1Oi8wHwYDVR0jBBgwFoAULKOQ4ngFUOROwDWY CC4ZlUdN8vswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1 L0xLT1E0bmdGVU9ST3dEV1lDQzRabFVkTjh2cy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTEtPUTRuZ0ZVT1JPd0RXWUNDNFpsVWROOHZzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L1NKT3ZlUlpScHhkdVpI N2dYR3hGLTJtMU9pOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAKn3PQwDQYJKoZIhvcNAQELBQADggEBAJtcfOIkzeAdXgy0rIylwHHIfbt7fCW/ tTHaqSt4xxdjY9Eh2Oyuq89FVCQFAowxIOVhoOYC7IHlf1/SGORaXrWGRlS80eds 1YF810NIjYf2zWkTGcIuM+T+uF2KaBbQTYrigbvf7K4Bu+ixJa5xBcAGR1BrknjC 4gZqaAVAHHdFfHCZO60Kq2KvbF8Hciy6r0xIYJAHQEtNzLxMS5iHWA4m7PS9+0V7 Aq77zuqtai9JPWl/PSiKMM4mDnBim+wJGV9mGNjoGMjIGRax5JT4XjmU+DvRrBp6 Ofl6XE9S1r4UiKE08ydrPmK1Byaa1vRWxYhh8SRujslhEsQM8pu6Qv8= -----END CERTIFICATE-----Generated at Tue Oct 21 02:19:37 2025 by rpki-client