$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/TO28YNXiXdB4pFk7DUMONecgPfU.roa File: TO28YNXiXdB4pFk7DUMONecgPfU.roa (raw, json) Hash identifier: Y70qPJ4ksBDsGWAjcLKILw59S+DKtLUu1O6XS7OTCkY= Subject key identifier: 4C:ED:BC:60:D5:E2:5D:D0:78:A4:59:3B:0D:43:0E:35:E7:20:3D:F5 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1A98 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TO28YNXiXdB4pFk7DUMONecgPfU.roa Signing time: Sat 13 Sep 2025 03:07:24 +0000 ROA not before: Sat 13 Sep 2025 03:07:24 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 2914 IP address blocks: 180.223.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 23:43:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6808 (0x1a98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Sep 13 03:07:24 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4CEDBC60D5E25DD078A4593B0D430E35E7203DF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:89:c5:08:fd:54:af:38:73:57:1d:4a:8c:3a: 88:2e:8d:d2:97:cc:21:28:ee:8d:a7:1d:7d:8d:96: d7:06:13:db:85:0b:bb:11:92:ab:e3:59:90:f1:a3: b1:30:f5:84:db:40:5a:95:9d:77:4d:8a:b1:1c:61: 36:36:6c:20:a5:f5:70:47:e4:32:24:d6:99:71:1a: 3c:1a:bd:02:aa:75:3a:18:11:86:4f:1e:66:48:af: 26:12:04:1a:00:60:5c:14:bc:b9:a8:64:f6:02:00: 03:91:99:65:d7:2e:1a:c8:23:1e:74:72:c7:ed:87: 9f:31:70:5b:1e:c6:06:81:32:56:5e:99:a2:ba:90: 01:7c:7c:17:e4:8b:07:62:7c:f8:06:7e:2a:a7:12: c4:fe:7a:5e:1c:43:27:e6:8b:0f:19:14:38:62:16: e0:42:15:c6:ca:3c:e8:38:57:d7:ed:b1:e0:b1:00: 92:b6:32:66:10:7f:ba:0d:80:b3:39:18:a1:51:bb: 96:3e:49:e3:e5:3d:15:b1:70:f9:9b:5a:90:1a:a2: bc:84:36:50:c7:d1:fa:4b:67:69:45:e7:35:f8:2f: a8:45:d3:9a:41:51:f4:cb:b1:b4:c7:49:90:29:6e: 2d:ac:46:b6:35:4c:3f:ab:fb:f3:5a:e6:a1:2a:e9: d6:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:ED:BC:60:D5:E2:5D:D0:78:A4:59:3B:0D:43:0E:35:E7:20:3D:F5 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TO28YNXiXdB4pFk7DUMONecgPfU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.203.0/24 Signature Algorithm: sha256WithRSAEncryption 79:5b:27:e0:cb:36:3b:eb:32:49:f3:2a:7a:ee:44:7f:83:b2: d5:70:45:86:a8:7e:82:b8:c8:4e:8f:34:3a:1c:07:4b:77:b3: 2d:a2:d4:e5:38:a8:0b:d1:2b:95:cd:5a:2c:ed:e3:85:f7:27: 74:7e:94:bb:a3:a6:3c:46:02:ce:3b:86:d6:f4:b9:5b:b7:a6: 64:5b:b8:8f:05:b1:a4:77:fa:55:db:04:70:ab:9e:3f:d5:3d: 06:96:c3:76:fb:f2:5a:b2:20:40:b2:4e:07:53:33:06:46:83: a9:42:07:9f:55:7a:e8:c4:ed:82:80:0b:b6:18:7e:4b:fc:ec: c5:00:80:ae:ff:ad:c5:5f:b6:fa:f7:a8:02:9d:67:31:fb:47: ff:9b:20:d0:9a:78:cc:8f:a8:ab:ec:8f:7e:a0:1d:fe:12:fb: 00:fa:9c:54:5c:35:4f:72:a0:3a:db:1b:c7:eb:56:7f:e0:27: 10:39:d0:1c:86:0e:15:dd:af:1e:af:34:33:db:b6:34:ab:62: a8:e5:1f:17:90:33:43:98:5b:33:7d:f9:71:bf:9d:24:9b:3f: b6:00:e8:b0:6b:a1:d5:99:55:4b:5e:36:53:47:6d:65:a3:70: 59:c5:df:dd:e6:d9:72:66:11:80:f8:f3:9f:a8:20:1c:e8:6e: 2f:50:02:05 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA5MTMw MzA3MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRDRURCQzYwRDVFMjVE RDA3OEE0NTkzQjBENDMwRTM1RTcyMDNERjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEicUI/VSvOHNXHUqMOogujdKXzCEo7o2nHX2NltcGE9uFC7sR kqvjWZDxo7Ew9YTbQFqVnXdNirEcYTY2bCCl9XBH5DIk1plxGjwavQKqdToYEYZP HmZIryYSBBoAYFwUvLmoZPYCAAORmWXXLhrIIx50csfth58xcFsexgaBMlZemaK6 kAF8fBfkiwdifPgGfiqnEsT+el4cQyfmiw8ZFDhiFuBCFcbKPOg4V9ftseCxAJK2 MmYQf7oNgLM5GKFRu5Y+SePlPRWxcPmbWpAaoryENlDH0fpLZ2lF5zX4L6hF05pB UfTLsbTHSZApbi2sRrY1TD+r+/Na5qEq6daXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTO28YNXiXdB4pFk7DUMONecgPfUwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVE8yOFlOWGlYZEI0 cEZrN0RVTU9OZWNnUGZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfyzANBgkqhkiG9w0BAQsFAAOCAQEAeVsn4Ms2O+sySfMqeu5Ef4Oy1XBF hqh+grjITo80OhwHS3ezLaLU5TioC9Erlc1aLO3jhfcndH6Uu6OmPEYCzjuG1vS5 W7emZFu4jwWxpHf6VdsEcKueP9U9BpbDdvvyWrIgQLJOB1MzBkaDqUIHn1V66MTt goALthh+S/zsxQCArv+txV+2+veoAp1nMftH/5sg0Jp4zI+oq+yPfqAd/hL7APqc VFw1T3KgOtsbx+tWf+AnEDnQHIYOFd2vHq80M9u2NKtiqOUfF5AzQ5hbM335cb+d JJs/tgDosGuh1ZlVS142U0dtZaNwWcXf3ebZcmYRgPjzn6ggHOhuL1ACBQ== -----END CERTIFICATE-----Generated at Tue Nov 4 22:35:04 2025 by rpki-client