$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/656/4qDHOmrS1wT4lzQmoBk_Nmcp3yk.roa File: 4qDHOmrS1wT4lzQmoBk_Nmcp3yk.roa (raw, json) Hash identifier: B6AH5O9gGqwAymI6xCMYxI3SGea5gY1382EzRnQ6xoU= Subject key identifier: E2:A0:C7:3A:6A:D2:D7:04:F8:97:34:26:A0:19:3F:36:67:29:DF:29 Certificate issuer: /CN=64DC20D9612C5B77499A6D223A652B2E38B11647 Certificate serial: 1C21 Authority key identifier: 64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/4qDHOmrS1wT4lzQmoBk_Nmcp3yk.roa Signing time: Sat 13 Sep 2025 03:06:57 +0000 ROA not before: Sat 13 Sep 2025 03:06:57 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 132203 IP address blocks: 49.51.128.0/19 maxlen: 24 49.51.146.0/23 maxlen: 24 49.51.160.0/20 maxlen: 24 119.28.164.0/24 maxlen: 24 119.28.165.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7201 (0x1c21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64DC20D9612C5B77499A6D223A652B2E38B11647 Validity Not Before: Sep 13 03:06:57 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E2A0C73A6AD2D704F8973426A0193F366729DF29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:02:2e:6a:e5:0b:a4:ef:2b:1c:e2:34:db:27: d4:62:02:02:12:d4:bc:4f:93:5d:a4:63:ca:bb:6c: 59:6d:90:1c:1f:6a:8f:15:c1:1e:f3:1d:9b:52:66: da:c2:aa:45:5a:f0:50:8f:ec:5f:f9:a5:94:db:45: ed:5e:fc:19:d3:67:04:b1:3d:49:74:85:93:80:f7: a3:35:87:9d:36:e8:1c:a9:42:95:7f:07:f9:11:f7: 93:d3:52:e0:99:8f:52:31:ae:5e:73:85:97:20:ca: 0f:81:17:37:46:ec:64:9f:30:1b:26:38:31:d2:a3: 01:c6:8c:2e:97:99:b5:7e:41:4b:21:8a:fc:66:c8: 53:ff:b5:3a:1c:40:35:ae:31:06:8c:cb:0b:bd:a2: 79:ac:77:65:b7:84:b8:e2:ae:3b:ec:86:4a:c7:4f: de:b7:ca:a5:20:2e:c5:39:47:ff:6e:cc:f6:36:05: 8b:c2:d5:df:92:ce:cd:a9:40:74:e3:87:a4:76:65: 87:04:b8:b0:bc:10:d3:08:e2:cb:17:ca:e1:09:2f: b1:9f:12:df:18:d3:f5:c6:47:b3:cf:36:a3:05:29: a3:49:cc:aa:43:62:c1:cc:18:9e:31:b7:f6:6b:42: 54:f0:fd:2f:fc:06:1e:9c:59:fa:71:c2:19:65:f5: 4e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:A0:C7:3A:6A:D2:D7:04:F8:97:34:26:A0:19:3F:36:67:29:DF:29 X509v3 Authority Key Identifier: keyid:64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/4qDHOmrS1wT4lzQmoBk_Nmcp3yk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.51.128.0-49.51.175.255 119.28.164.0/23 Signature Algorithm: sha256WithRSAEncryption 93:a7:6e:d5:65:67:b5:04:09:f1:4d:43:1e:c0:50:fb:d0:49: 6a:75:6e:86:b3:44:4a:95:f4:8d:b5:93:d8:c1:1e:9b:c8:3b: 56:54:fd:45:8a:f7:e9:b5:c6:de:82:50:0f:9c:f6:fc:90:94: e1:00:27:5a:93:83:74:a7:ab:80:09:6a:ce:68:4a:0e:84:e7: 3d:8d:f0:db:51:32:b4:35:63:3a:9f:ff:63:29:b3:9f:fd:3d: c5:85:7b:1d:3a:2f:45:34:3b:04:9d:ae:4d:e6:74:5a:8b:7a: 0e:20:bf:fc:41:a1:ed:db:38:c6:e6:e5:df:75:eb:1b:6e:9f: ec:e9:e9:af:68:0e:f7:82:13:e2:95:fe:d9:71:8a:c6:ac:f6: 23:3b:88:c0:53:08:ef:fd:3a:38:9f:0c:ab:d2:29:10:54:23: 55:98:f8:08:25:6e:34:42:ca:37:7b:b6:de:f7:98:ac:54:67: d8:b3:ce:7a:bd:96:7d:70:5b:84:82:ed:8e:32:47:6b:b4:f5: 9f:95:4f:ae:a1:bc:3e:f0:4c:6f:a5:0f:7a:07:17:ad:d6:2d: b2:4c:66:fc:ca:64:45:54:40:91:1b:18:1d:72:05:a6:9b:4b: 47:21:ff:27:dd:c3:3d:14:61:94:65:4b:dd:89:43:db:10:da: 53:84:be:2f -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgICHCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjRE QzIwRDk2MTJDNUI3NzQ5OUE2RDIyM0E2NTJCMkUzOEIxMTY0NzAeFw0yNTA5MTMw MzA2NTdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUyQTBDNzNBNkFEMkQ3 MDRGODk3MzQyNkEwMTkzRjM2NjcyOURGMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTAi5q5Quk7ysc4jTbJ9RiAgIS1LxPk12kY8q7bFltkBwfao8V wR7zHZtSZtrCqkVa8FCP7F/5pZTbRe1e/BnTZwSxPUl0hZOA96M1h5026BypQpV/ B/kR95PTUuCZj1Ixrl5zhZcgyg+BFzdG7GSfMBsmODHSowHGjC6XmbV+QUshivxm yFP/tTocQDWuMQaMywu9onmsd2W3hLjirjvshkrHT963yqUgLsU5R/9uzPY2BYvC 1d+Szs2pQHTjh6R2ZYcEuLC8ENMI4ssXyuEJL7GfEt8Y0/XGR7PPNqMFKaNJzKpD YsHMGJ4xt/ZrQlTw/S/8Bh6cWfpxwhll9U5xAgMBAAGjggH/MIIB+zAdBgNVHQ4E FgQU4qDHOmrS1wT4lzQmoBk/Nmcp3ykwHwYDVR0jBBgwFoAUZNwg2WEsW3dJmm0i OmUrLjixFkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2 L1pOd2cyV0VzVzNkSm1tMGlPbVVyTGppeEZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWk53ZzJXRXNXM2RKbW0waU9tVXJMaml4RmtjLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2LzRxREhPbXJTMXdUNGx6 UW1vQmtfTm1jcDN5ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQw DAMEBzEzgAMEBDEzoAMEAXccpDANBgkqhkiG9w0BAQsFAAOCAQEAk6du1WVntQQJ 8U1DHsBQ+9BJanVuhrNESpX0jbWT2MEem8g7VlT9RYr36bXG3oJQD5z2/JCU4QAn WpODdKergAlqzmhKDoTnPY3w21EytDVjOp//Yymzn/09xYV7HTovRTQ7BJ2uTeZ0 Wot6DiC//EGh7ds4xubl33XrG26f7Onpr2gO94IT4pX+2XGKxqz2IzuIwFMI7/06 OJ8Mq9IpEFQjVZj4CCVuNELKN3u23veYrFRn2LPOer2WfXBbhILtjjJHa7T1n5VP rqG8PvBMb6UPegcXrdYtskxm/MpkRVRAkRsYHXIFpptLRyH/J93DPRRhlGVL3YlD 2xDaU4S+Lw== -----END CERTIFICATE-----Generated at Mon Oct 20 22:18:23 2025 by rpki-client