$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/oIAeC2nny0IonRnlVcVz6xejUHU.roa File: oIAeC2nny0IonRnlVcVz6xejUHU.roa (raw, json) Hash identifier: iww/Jj3J6HRPMUS8eA0+59YmWTqG/oQVfm+yx40d6Ag= Subject key identifier: A0:80:1E:0B:69:E7:CB:42:28:9D:19:E5:55:C5:73:EB:17:A3:50:75 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 2165 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/oIAeC2nny0IonRnlVcVz6xejUHU.roa Signing time: Sat 13 Sep 2025 03:03:02 +0000 ROA not before: Sat 13 Sep 2025 03:03:02 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4134 IP address blocks: 103.236.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:04:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8549 (0x2165) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Sep 13 03:03:02 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A0801E0B69E7CB42289D19E555C573EB17A35075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:41:97:81:c5:aa:ed:b0:0f:4b:17:75:d4:db: c0:63:a9:8a:f6:23:06:6c:fe:df:59:d1:4c:bd:6f: 3e:15:19:8b:f2:b9:20:a4:dd:28:25:47:b1:df:bd: ec:2c:d8:bf:d0:81:93:16:a9:a4:01:a4:0c:a0:fd: 48:b5:84:2a:33:5d:8e:0b:2a:dd:d4:07:52:9e:79: 26:b9:13:4f:79:04:00:10:ba:65:ed:20:b9:48:f3: d9:8d:72:aa:d6:37:4c:10:a7:4b:b8:18:a5:05:e4: 45:10:61:fe:81:0a:c1:66:72:d6:1a:9d:00:93:a5: e3:1f:31:36:94:ed:2b:90:10:6b:02:dc:b8:b5:4f: f6:a6:34:b5:77:3f:b9:b9:99:e7:04:24:66:8c:df: 55:5d:2c:69:47:2e:e1:38:4a:f3:34:84:ed:6f:6e: f3:81:e7:1c:91:d1:16:4d:e1:1d:83:72:a8:1b:7a: 75:d6:8e:5a:4a:28:44:1a:24:65:63:db:b8:63:a2: 57:fe:dd:dc:7a:58:e4:51:28:4b:de:ea:66:f0:8d: 47:bf:cd:b9:15:65:83:db:bb:6b:42:7b:86:5d:10: 14:36:1b:06:d7:68:f5:c3:5f:4d:08:32:d1:b6:ae: c0:d3:23:4f:aa:2a:93:b9:78:7b:78:65:b1:30:5a: 6c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:80:1E:0B:69:E7:CB:42:28:9D:19:E5:55:C5:73:EB:17:A3:50:75 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/oIAeC2nny0IonRnlVcVz6xejUHU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.232.0/22 Signature Algorithm: sha256WithRSAEncryption 50:b2:07:a2:0a:10:65:07:31:45:c6:0f:b0:b8:53:ec:ed:70: a0:00:64:b4:0a:14:9b:c3:55:65:ae:6f:a3:dd:17:f7:40:eb: 7d:97:97:97:a8:cc:8b:d6:73:0e:62:4f:29:a5:c5:d7:57:53: c1:a1:f0:53:5c:dd:09:cc:3b:83:d6:a8:96:d1:99:01:1d:62: d4:30:ef:01:a7:1b:56:fb:a4:d7:8e:86:4e:8e:00:59:5e:24: c7:33:dc:0c:f2:79:1f:5b:b8:9b:c7:40:24:b8:1c:5e:16:65: fa:26:5a:c8:0c:a1:72:e0:37:61:0d:da:57:35:c3:74:ec:35: cd:24:02:b5:2e:be:36:7f:bd:74:d8:57:4b:8f:d6:1d:34:63: 4c:05:14:88:79:d1:00:e9:43:79:40:ad:0a:f4:65:8a:e7:51: 9a:64:5d:19:b3:d8:9a:68:b5:f3:46:fe:1b:81:27:eb:15:d5: c4:aa:bf:62:de:0d:c7:87:27:49:94:fb:2b:91:62:c8:83:f4: ea:64:90:f8:ff:57:73:43:54:a5:93:68:1d:4e:ef:2f:4f:68: 08:56:72:8b:47:b2:ba:03:13:89:7f:b9:98:a7:c5:ae:c5:d1: 49:d9:3a:d5:36:30:50:0a:72:03:a4:0a:84:d1:44:9f:45:98: 21:45:d7:c7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNTA5MTMw MzAzMDJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEEwODAxRTBCNjlFN0NC NDIyODlEMTlFNTU1QzU3M0VCMTdBMzUwNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAQZeBxartsA9LF3XU28BjqYr2IwZs/t9Z0Uy9bz4VGYvyuSCk 3SglR7Hfvews2L/QgZMWqaQBpAyg/Ui1hCozXY4LKt3UB1KeeSa5E095BAAQumXt ILlI89mNcqrWN0wQp0u4GKUF5EUQYf6BCsFmctYanQCTpeMfMTaU7SuQEGsC3Li1 T/amNLV3P7m5mecEJGaM31VdLGlHLuE4SvM0hO1vbvOB5xyR0RZN4R2DcqgbenXW jlpKKEQaJGVj27hjolf+3dx6WORRKEve6mbwjUe/zbkVZYPbu2tCe4ZdEBQ2GwbX aPXDX00IMtG2rsDTI0+qKpO5eHt4ZbEwWmz3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUoIAeC2nny0IonRnlVcVz6xejUHUwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL29JQWVDMm5ueTBJb25S bmxWY1Z6NnhlalVIVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7OgwDQYJKoZIhvcNAQELBQADggEBAFCyB6IKEGUHMUXGD7C4U+ztcKAAZLQK FJvDVWWub6PdF/dA632Xl5eozIvWcw5iTymlxddXU8Gh8FNc3QnMO4PWqJbRmQEd YtQw7wGnG1b7pNeOhk6OAFleJMcz3AzyeR9buJvHQCS4HF4WZfomWsgMoXLgN2EN 2lc1w3TsNc0kArUuvjZ/vXTYV0uP1h00Y0wFFIh50QDpQ3lArQr0ZYrnUZpkXRmz 2JpotfNG/huBJ+sV1cSqv2LeDceHJ0mU+yuRYsiD9OpkkPj/V3NDVKWTaB1O7y9P aAhWcotHsroDE4l/uZinxa7F0UnZOtU2MFAKcgOkCoTRRJ9FmCFF18c= -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:47 2025 by rpki-client