$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/kdoYjAU8__DqkCOzvcULaMgm3-Q.roa File: kdoYjAU8__DqkCOzvcULaMgm3-Q.roa (raw, json) Hash identifier: 9wAtnpoXSTBmPcqVIgftByOjiIpYDXvqFO2hE4y8dDM= Subject key identifier: 91:DA:18:8C:05:3C:FF:F0:EA:90:23:B3:BD:C5:0B:68:C8:26:DF:E4 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 13E0 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/kdoYjAU8__DqkCOzvcULaMgm3-Q.roa Signing time: Mon 21 Jul 2025 11:55:45 +0000 ROA not before: Mon 21 Jul 2025 11:55:45 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 04:02:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5088 (0x13e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jul 21 11:55:45 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=91DA188C053CFFF0EA9023B3BDC50B68C826DFE4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:80:68:ba:e9:42:c5:13:1e:d6:22:01:ed:dc: 68:3c:d1:5d:4e:37:7f:bb:e3:ca:61:f7:fc:99:15: 67:55:11:79:ff:68:28:c4:9c:72:4a:87:a3:0c:74: d3:8f:56:91:5f:b2:b0:5c:15:ab:d8:1d:31:07:7b: 4a:be:01:81:cf:59:03:57:dd:37:b8:bf:20:11:32: 17:73:d8:1f:b7:7a:62:28:00:66:6c:0c:af:de:1d: d1:88:1c:0c:0b:e0:0b:8e:60:a4:68:2e:b0:ed:e9: e1:f2:77:38:e3:d7:7b:c4:39:6b:dc:8b:e1:5d:3c: 40:ba:e0:32:db:73:fd:f4:3b:77:20:0d:f4:5f:4a: 72:48:2c:11:19:ee:3b:46:22:a7:f6:50:f3:b7:be: b4:90:c9:4f:b9:13:93:78:52:2a:26:fa:9c:c7:b7: 8a:8d:ae:c2:93:4b:89:90:37:a7:9a:b2:29:90:16: a8:7b:d3:94:e6:0d:4e:4d:80:49:4d:32:8a:f8:5d: 43:2c:b9:d6:3e:df:ef:3f:f4:24:aa:9c:ac:70:ac: 9c:b1:4a:3e:49:05:1f:7e:21:8f:1a:f3:ca:f8:55: d4:ea:68:e4:5f:2e:98:fa:c5:74:33:de:56:7d:2b: 98:4b:82:7b:e5:f2:e6:cd:48:a2:aa:7b:b5:92:82: e9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:DA:18:8C:05:3C:FF:F0:EA:90:23:B3:BD:C5:0B:68:C8:26:DF:E4 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/kdoYjAU8__DqkCOzvcULaMgm3-Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.144.0/22 Signature Algorithm: sha256WithRSAEncryption 54:49:1b:f2:9b:06:4b:02:fe:64:66:80:70:e5:34:ee:a3:65: 5f:73:dd:32:18:bc:1f:86:e9:7d:ea:59:03:4b:3d:48:86:fe: 40:44:a5:5d:59:34:8d:f0:8e:58:47:3e:fd:bd:d9:d8:46:7f: 76:2e:64:28:9f:86:2b:6a:87:54:c3:4b:2f:e9:55:71:5e:68: f8:96:60:df:81:dc:b8:0c:6e:d1:03:81:7b:62:6b:15:95:9c: bf:32:4a:07:01:ec:26:05:47:24:5c:a6:3f:ff:df:3e:19:aa: 49:b3:f0:1e:a9:64:22:21:6f:33:8f:c1:b2:48:1a:dd:fa:28: 10:59:34:45:cc:2b:64:e5:cc:1a:60:58:c4:bb:8e:fa:6f:b0: 02:9e:28:4b:58:4d:73:26:08:8b:83:5d:b0:bf:e6:79:d3:52: 48:65:08:98:f5:51:a2:d6:16:7d:6a:9a:ff:d0:6b:34:6c:60: 68:0d:3c:9e:2c:75:09:ba:c7:c9:f3:8f:cb:9f:85:72:fd:04: d4:f5:83:5d:8a:15:e5:99:b5:42:6f:9e:a9:26:68:be:33:10: 9c:46:b7:bc:1b:a2:12:d7:03:bc:42:29:a1:24:b0:35:e7:43: 83:78:46:cb:02:f3:c1:bf:99:ba:05:72:b3:dd:20:7e:ed:63: d6:7c:f6:db -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE+AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA3MjEx MTU1NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDkxREExODhDMDUzQ0ZG RjBFQTkwMjNCM0JEQzUwQjY4QzgyNkRGRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcgGi66ULFEx7WIgHt3Gg80V1ON3+748ph9/yZFWdVEXn/aCjE nHJKh6MMdNOPVpFfsrBcFavYHTEHe0q+AYHPWQNX3Te4vyARMhdz2B+3emIoAGZs DK/eHdGIHAwL4AuOYKRoLrDt6eHydzjj13vEOWvci+FdPEC64DLbc/30O3cgDfRf SnJILBEZ7jtGIqf2UPO3vrSQyU+5E5N4Uiom+pzHt4qNrsKTS4mQN6easimQFqh7 05TmDU5NgElNMor4XUMsudY+3+8/9CSqnKxwrJyxSj5JBR9+IY8a88r4VdTqaORf Lpj6xXQz3lZ9K5hLgnvl8ubNSKKqe7WSgukjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUkdoYjAU8//DqkCOzvcULaMgm3+QwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2tkb1lqQVU4X19EcWtD T3p2Y1VMYU1nbTMtUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6JAwDQYJKoZIhvcNAQELBQADggEBAFRJG/KbBksC/mRmgHDlNO6jZV9z3TIY vB+G6X3qWQNLPUiG/kBEpV1ZNI3wjlhHPv292dhGf3YuZCifhitqh1TDSy/pVXFe aPiWYN+B3LgMbtEDgXtiaxWVnL8ySgcB7CYFRyRcpj//3z4Zqkmz8B6pZCIhbzOP wbJIGt36KBBZNEXMK2TlzBpgWMS7jvpvsAKeKEtYTXMmCIuDXbC/5nnTUkhlCJj1 UaLWFn1qmv/QazRsYGgNPJ4sdQm6x8nzj8ufhXL9BNT1g12KFeWZtUJvnqkmaL4z EJxGt7wbohLXA7xCKaEksDXnQ4N4RssC88G/mboFcrPdIH7tY9Z89ts= -----END CERTIFICATE-----Generated at Mon Aug 11 02:21:12 2025 by rpki-client