$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/313/JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa File: JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa (raw, json) Hash identifier: F+TjXHDCf8NFe0rDwJxtLPL5kd+h8tLpLMX5LIISFMs= Subject key identifier: 25:7B:2E:6C:51:39:AC:4E:A1:25:7B:58:D1:E8:BF:93:62:04:3B:A4 Certificate issuer: /CN=F5EB8FCA98FE5332275BA94D85E69397956CBE47 Certificate serial: 1F5B Authority key identifier: F5:EB:8F:CA:98:FE:53:32:27:5B:A9:4D:85:E6:93:97:95:6C:BE:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa Signing time: Mon 21 Jul 2025 08:08:16 +0000 ROA not before: Mon 21 Jul 2025 08:08:16 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 38365 IP address blocks: 182.61.200.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/9euPypj-UzInW6lNheaTl5Vsvkc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/9euPypj-UzInW6lNheaTl5Vsvkc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 13:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8027 (0x1f5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F5EB8FCA98FE5332275BA94D85E69397956CBE47 Validity Not Before: Jul 21 08:08:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=257B2E6C5139AC4EA1257B58D1E8BF9362043BA4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:70:b4:dd:4a:a9:71:db:19:3b:74:de:53:c7: 8f:22:15:52:81:a9:97:65:7c:ac:34:26:01:b1:0a: 20:b5:03:eb:bc:8f:a9:32:df:cb:f8:5b:6a:d8:a0: c3:27:a2:ae:30:7d:fe:05:02:92:1c:d4:19:90:7c: 3f:7a:8d:ba:2c:c2:41:ee:b7:25:d9:1f:63:32:49: 33:86:2e:d4:7c:fc:59:56:63:4a:d3:90:20:a9:52: 45:fb:b8:ca:4c:f0:6c:c2:be:1a:26:85:89:a2:95: 58:20:5d:f2:5d:a3:e5:a5:49:df:33:91:55:65:bd: ec:88:44:ae:83:87:e5:3b:c8:ce:57:77:ec:2b:31: d9:41:fe:17:9c:04:5d:5e:d0:82:b2:6b:ef:90:05: e8:33:91:a2:dc:12:c0:e7:9e:e6:df:43:a0:af:bc: 67:0b:cf:aa:47:c0:07:40:ec:39:13:7a:82:e9:4f: d0:07:b1:79:e0:0b:5c:56:7f:ee:05:11:cb:ce:2b: 86:01:ee:44:0c:c9:f6:72:44:6e:17:2b:2b:a4:cd: c1:38:91:a8:66:f1:3c:12:b2:90:a1:40:7c:5b:f3: 9a:00:94:75:79:20:14:50:0a:c3:89:6c:57:5b:a9: b3:71:62:3c:ee:12:ec:2f:99:c4:cb:b8:ef:5b:6c: d3:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:7B:2E:6C:51:39:AC:4E:A1:25:7B:58:D1:E8:BF:93:62:04:3B:A4 X509v3 Authority Key Identifier: keyid:F5:EB:8F:CA:98:FE:53:32:27:5B:A9:4D:85:E6:93:97:95:6C:BE:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/9euPypj-UzInW6lNheaTl5Vsvkc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 182.61.200.0/21 Signature Algorithm: sha256WithRSAEncryption 8f:9f:7c:e7:dd:00:8e:3d:98:68:57:9c:e4:3b:3f:8e:ef:37: 8e:1c:c8:40:fb:0c:7a:08:1e:5e:71:fc:0f:fd:a4:4f:d8:a9: 71:0c:e1:fd:44:fa:c0:bb:84:21:26:33:7e:f9:f0:10:af:07: 4d:a4:1f:ed:c1:49:da:a6:1d:df:ea:6c:b6:37:4e:6e:39:91: ce:27:80:36:cf:12:32:bc:9f:89:22:ea:11:b7:25:d1:2a:bb: f9:fc:60:be:b4:95:99:4f:b0:ff:5b:1f:c1:65:38:e7:2f:16: 07:cc:75:d7:d5:dd:0f:c8:0d:72:6d:a9:a0:1c:3d:8b:ee:40: 29:59:cf:e1:0d:67:03:a8:f6:7c:05:57:25:69:d9:11:39:be: 46:e5:75:66:43:fc:a9:b0:43:76:6e:06:90:fd:9a:9d:74:80: 54:4d:a9:a9:72:86:54:90:83:31:2a:9c:9b:1d:24:d7:4e:d8: d1:28:e5:5a:4a:48:e7:53:1a:1a:71:aa:41:0f:e2:7f:f8:15: 8c:10:99:ae:03:d0:8a:b4:41:71:4b:0d:3e:7b:05:c4:bc:10: 75:18:ab:e5:fa:bb:7e:33:c7:10:55:d4:4f:0e:6d:2e:21:36: a8:26:47:74:a7:aa:04:15:b2:9c:46:55:fd:9b:6e:8a:18:e6: b9:4d:00:b7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICH1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjVF QjhGQ0E5OEZFNTMzMjI3NUJBOTREODVFNjkzOTc5NTZDQkU0NzAeFw0yNTA3MjEw ODA4MTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI1N0IyRTZDNTEzOUFD NEVBMTI1N0I1OEQxRThCRjkzNjIwNDNCQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrcLTdSqlx2xk7dN5Tx48iFVKBqZdlfKw0JgGxCiC1A+u8j6ky 38v4W2rYoMMnoq4wff4FApIc1BmQfD96jboswkHutyXZH2MySTOGLtR8/FlWY0rT kCCpUkX7uMpM8GzCvhomhYmilVggXfJdo+WlSd8zkVVlveyIRK6Dh+U7yM5Xd+wr MdlB/hecBF1e0IKya++QBegzkaLcEsDnnubfQ6CvvGcLz6pHwAdA7DkTeoLpT9AH sXngC1xWf+4FEcvOK4YB7kQMyfZyRG4XKyukzcE4kahm8TwSspChQHxb85oAlHV5 IBRQCsOJbFdbqbNxYjzuEuwvmcTLuO9bbNOFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUJXsubFE5rE6hJXtY0ei/k2IEO6QwHwYDVR0jBBgwFoAU9euPypj+UzInW6lN heaTl5VsvkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz LzlldVB5cGotVXpJblc2bE5oZWFUbDVWc3ZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOWV1UHlwai1VekluVzZsTmhlYVRsNVZzdmtjLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzL0pYc3ViRkU1ckU2aEpY dFkwZWlfazJJRU82US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAO2PcgwDQYJKoZIhvcNAQELBQADggEBAI+ffOfdAI49mGhXnOQ7P47vN44cyED7 DHoIHl5x/A/9pE/YqXEM4f1E+sC7hCEmM3758BCvB02kH+3BSdqmHd/qbLY3Tm45 kc4ngDbPEjK8n4ki6hG3JdEqu/n8YL60lZlPsP9bH8FlOOcvFgfMddfV3Q/IDXJt qaAcPYvuQClZz+ENZwOo9nwFVyVp2RE5vkbldWZD/KmwQ3ZuBpD9mp10gFRNqaly hlSQgzEqnJsdJNdO2NEo5VpKSOdTGhpxqkEP4n/4FYwQma4D0Iq0QXFLDT57BcS8 EHUYq+X6u34zxxBV1E8ObS4hNqgmR3SnqgQVspxGVf2bbooY5rlNALc= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:50 2025 by rpki-client