$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/F_cF8zUUecw-6s58AlyiPat8QaU.roa File: F_cF8zUUecw-6s58AlyiPat8QaU.roa (raw, json) Hash identifier: T5dgVCV2mAdquZvhQDjjtIQvOlxQCcb6/v3e+7Nlis8= Subject key identifier: 17:F7:05:F3:35:14:79:CC:3E:EA:CE:7C:02:5C:A2:3D:AB:7C:41:A5 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1951 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/F_cF8zUUecw-6s58AlyiPat8QaU.roa Signing time: Mon 21 Jul 2025 07:42:28 +0000 ROA not before: Mon 21 Jul 2025 07:42:28 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 6079 IP address blocks: 180.223.32.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 05:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6481 (0x1951) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jul 21 07:42:28 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=17F705F3351479CC3EEACE7C025CA23DAB7C41A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:c4:04:69:fd:ac:7d:46:80:bd:55:09:47:8c: 40:e3:40:c5:d4:29:e6:0b:dd:36:6d:96:e4:97:b2: 6f:9b:da:de:b5:29:fc:26:90:db:13:3b:bd:a8:5e: 1a:bf:30:d5:c7:18:ee:1e:a3:d7:1c:9d:7d:c6:f6: 91:bc:93:ce:35:ee:91:3c:bd:74:93:ec:11:30:ef: 93:f1:f7:8f:93:87:a4:91:28:07:a2:04:1e:c9:08: 8a:09:fa:87:0f:95:87:5c:42:f0:26:7e:99:e8:17: 1e:56:d3:41:52:16:82:fc:77:3a:4a:33:3f:77:ec: e9:55:e8:69:06:59:53:6f:c9:2a:31:7d:55:ce:41: f6:28:6c:4d:ac:fc:27:d3:db:dc:94:47:0b:29:52: a9:63:a4:c0:06:09:73:ed:df:d1:cf:bc:73:ed:8b: 63:91:96:f8:c5:f8:30:08:58:e0:f5:bd:38:da:48: 38:7a:51:8d:c7:a8:8f:a0:85:af:68:20:d0:96:20: 02:55:49:a8:9b:43:5b:21:ab:df:1b:0a:eb:0f:7f: d0:3e:10:99:36:99:46:b7:4b:4d:16:f4:f8:8a:44: 28:82:61:dd:d1:b6:d8:37:b1:2a:e7:b3:5c:ca:50: ad:73:14:00:5b:cc:d9:d0:2d:01:4c:6e:16:b3:72: 4d:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:F7:05:F3:35:14:79:CC:3E:EA:CE:7C:02:5C:A2:3D:AB:7C:41:A5 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/F_cF8zUUecw-6s58AlyiPat8QaU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.32.0/21 Signature Algorithm: sha256WithRSAEncryption 77:be:08:21:67:78:cf:6e:b6:23:54:30:a6:e3:81:a3:5c:e7: d2:a5:44:55:45:2c:cf:d3:f8:7a:a4:f4:4e:aa:1b:06:8f:80: 5b:c6:79:97:b0:70:23:f6:a6:c9:51:b4:a7:71:9c:37:e7:dd: c0:45:58:db:40:37:ab:13:90:9b:19:09:32:7b:1b:6b:b4:8f: 05:4b:1d:07:f9:8b:a7:27:d9:04:71:35:c5:62:63:27:0b:fe: 50:b3:f1:c7:8e:ae:90:ae:f8:c3:cd:77:69:0a:77:b5:2d:b2: f5:85:1c:e7:07:39:93:2d:c2:a2:28:9c:5b:8f:4e:e9:10:fa: 0c:69:6f:61:b4:9a:76:a8:77:ab:db:e4:3a:d9:5f:27:c5:60: 96:ed:61:cb:6a:18:63:c2:dc:ce:18:3b:e6:a1:3c:10:ac:32: 6d:9f:2d:ce:88:65:76:e2:dd:71:dc:d2:00:bc:91:9d:3c:d2: cd:3d:85:1e:ee:86:6f:75:36:81:ad:4b:0c:88:18:74:ca:fe: 13:a8:ce:71:44:5b:1a:1b:44:4a:72:b9:df:b3:9d:b8:8f:59: f4:37:c5:58:b9:b7:e4:ae:07:78:36:ed:28:39:d6:83:47:0a: aa:8b:0d:4e:c2:f6:a4:5c:2c:32:f0:3d:29:92:03:f2:13:52: 7e:f5:ef:e8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA3MjEw NzQyMjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE3RjcwNUYzMzUxNDc5 Q0MzRUVBQ0U3QzAyNUNBMjNEQUI3QzQxQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCbxARp/ax9RoC9VQlHjEDjQMXUKeYL3TZtluSXsm+b2t61Kfwm kNsTO72oXhq/MNXHGO4eo9ccnX3G9pG8k8417pE8vXST7BEw75Px94+Th6SRKAei BB7JCIoJ+ocPlYdcQvAmfpnoFx5W00FSFoL8dzpKMz937OlV6GkGWVNvySoxfVXO QfYobE2s/CfT29yURwspUqljpMAGCXPt39HPvHPti2ORlvjF+DAIWOD1vTjaSDh6 UY3HqI+gha9oINCWIAJVSaibQ1shq98bCusPf9A+EJk2mUa3S00W9PiKRCiCYd3R ttg3sSrns1zKUK1zFABbzNnQLQFMbhazck03AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUF/cF8zUUecw+6s58AlyiPat8QaUwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvRl9jRjh6VVVlY3ct NnM1OEFseWlQYXQ4UWFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7TfIDANBgkqhkiG9w0BAQsFAAOCAQEAd74IIWd4z262I1QwpuOBo1zn0qVE VUUsz9P4eqT0TqobBo+AW8Z5l7BwI/amyVG0p3GcN+fdwEVY20A3qxOQmxkJMnsb a7SPBUsdB/mLpyfZBHE1xWJjJwv+ULPxx46ukK74w813aQp3tS2y9YUc5wc5ky3C oiicW49O6RD6DGlvYbSadqh3q9vkOtlfJ8Vglu1hy2oYY8Lczhg75qE8EKwybZ8t zohlduLdcdzSALyRnTzSzT2FHu6Gb3U2ga1LDIgYdMr+E6jOcURbGhtESnK537Od uI9Z9DfFWLm35K4HeDbtKDnWg0cKqosNTsL2pFwsMvA9KZID8hNSfvXv6A== -----END CERTIFICATE-----Generated at Mon Aug 11 02:26:12 2025 by rpki-client