$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/FEKi2XmJhngJQPy5x7S-ohtjI_k.roa File: FEKi2XmJhngJQPy5x7S-ohtjI_k.roa (raw, json) Hash identifier: CIATHnFPZbzyu6Wp3cexM1+osc5w+jp4hKIkyNUxLmE= Subject key identifier: 14:42:A2:D9:79:89:86:78:09:40:FC:B9:C7:B4:BE:A2:1B:63:23:F9 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 13DE Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/FEKi2XmJhngJQPy5x7S-ohtjI_k.roa Signing time: Mon 21 Jul 2025 11:55:33 +0000 ROA not before: Mon 21 Jul 2025 11:55:33 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.140.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 06:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5086 (0x13de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jul 21 11:55:33 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1442A2D9798986780940FCB9C7B4BEA21B6323F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:aa:b8:18:26:ea:28:42:83:5b:16:b6:b7:7a: 77:d1:a7:15:06:9d:44:ae:f6:1c:4c:1e:41:0b:2e: 74:f2:73:86:df:76:d3:aa:13:26:50:41:83:a3:22: 15:9d:b0:26:73:35:e4:67:7f:2d:d6:c4:8c:1f:4c: 88:2d:ea:43:14:1f:b2:d2:27:a3:be:ba:9a:d3:0a: f3:44:12:e4:ee:cd:69:23:74:08:62:fa:9e:08:aa: 5a:f0:87:56:70:fd:d1:34:ae:d3:48:41:9b:88:32: 58:49:da:5d:e2:4c:00:73:2a:3b:87:53:0b:9a:9a: 2b:52:b3:56:b9:7e:0c:9d:2d:d2:7c:f9:99:0e:12: c1:35:6e:c1:96:58:c4:e8:29:b5:90:1a:e1:eb:7c: 40:e9:85:09:6b:1f:b4:a1:69:a8:70:b4:86:56:99: 79:b8:07:68:6b:0f:fe:4b:76:e5:2b:87:aa:a3:69: bd:64:95:1c:2b:af:1e:7f:74:d2:30:c9:e6:ce:35: 58:0b:04:45:c6:54:17:5d:9f:3d:c1:f3:ed:51:cc: 41:99:65:8b:f0:ff:05:76:fb:58:8a:c6:c9:16:a2: 69:a8:50:a9:47:40:28:b0:38:98:09:23:a6:32:2c: ec:56:a5:b5:d7:d7:41:16:64:66:a1:ba:2e:61:38: 56:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:42:A2:D9:79:89:86:78:09:40:FC:B9:C7:B4:BE:A2:1B:63:23:F9 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/FEKi2XmJhngJQPy5x7S-ohtjI_k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.140.0/22 Signature Algorithm: sha256WithRSAEncryption 58:97:ea:f8:5b:c8:f1:5d:57:d0:2b:b3:69:eb:b4:c5:d2:eb: 26:d9:59:12:37:5b:cb:89:3d:b8:8c:1a:0f:63:6c:f2:b9:af: 5c:80:9a:a2:7c:04:e5:1e:af:9c:97:f7:d8:6c:6f:9c:ee:de: b2:23:36:27:24:90:80:62:b2:e5:2a:cf:4c:ad:00:1c:97:3d: be:ea:a9:ec:07:d0:de:1d:ea:15:78:3c:cb:2c:52:9a:dd:45: d9:6a:ad:6a:75:d4:54:9f:5c:d4:2a:1f:f3:45:f1:f1:ed:d7: 92:35:31:08:da:d4:dc:71:7f:11:9c:b5:8e:b3:84:b7:a4:71: 9e:f1:31:71:8e:2e:71:4e:b5:6f:68:8b:c9:01:30:64:28:83: ef:41:ff:fb:5f:14:33:6d:a2:0e:7c:9f:45:b5:e4:65:13:e2: 28:d1:79:81:65:1d:91:53:39:d2:3e:80:0a:81:e4:06:bc:8c: ba:7a:48:92:4c:fc:62:c0:aa:83:c9:7a:85:10:08:3f:25:79: 0a:bb:db:31:dd:23:47:a4:69:ee:df:55:ec:99:44:18:5f:4f: 0e:86:8d:57:b3:c6:5f:91:b7:89:d7:b0:e3:91:95:65:ec:6d: 8d:3f:2d:ae:d5:88:8c:5f:ed:98:9b:d8:5e:6e:bb:81:cd:f4: 0c:a2:fa:e5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA3MjEx MTU1MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE0NDJBMkQ5Nzk4OTg2 NzgwOTQwRkNCOUM3QjRCRUEyMUI2MzIzRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRqrgYJuooQoNbFra3enfRpxUGnUSu9hxMHkELLnTyc4bfdtOq EyZQQYOjIhWdsCZzNeRnfy3WxIwfTIgt6kMUH7LSJ6O+uprTCvNEEuTuzWkjdAhi +p4Iqlrwh1Zw/dE0rtNIQZuIMlhJ2l3iTABzKjuHUwuamitSs1a5fgydLdJ8+ZkO EsE1bsGWWMToKbWQGuHrfEDphQlrH7ShaahwtIZWmXm4B2hrD/5LduUrh6qjab1k lRwrrx5/dNIwyebONVgLBEXGVBddnz3B8+1RzEGZZYvw/wV2+1iKxskWommoUKlH QCiwOJgJI6YyLOxWpbXX10EWZGahui5hOFbZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFEKi2XmJhngJQPy5x7S+ohtjI/kwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0ZFS2kyWG1KaG5nSlFQ eTV4N1Mtb2h0aklfay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6IwwDQYJKoZIhvcNAQELBQADggEBAFiX6vhbyPFdV9Ars2nrtMXS6ybZWRI3 W8uJPbiMGg9jbPK5r1yAmqJ8BOUer5yX99hsb5zu3rIjNickkIBisuUqz0ytAByX Pb7qqewH0N4d6hV4PMssUprdRdlqrWp11FSfXNQqH/NF8fHt15I1MQja1NxxfxGc tY6zhLekcZ7xMXGOLnFOtW9oi8kBMGQog+9B//tfFDNtog58n0W15GUT4ijReYFl HZFTOdI+gAqB5Aa8jLp6SJJM/GLAqoPJeoUQCD8leQq72zHdI0ekae7fVeyZRBhf Tw6GjVezxl+Rt4nXsOORlWXsbY0/La7ViIxf7Zib2F5uu4HN9Ayi+uU= -----END CERTIFICATE-----Generated at Mon Aug 11 04:42:05 2025 by rpki-client