$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/fMMujWZXQ8MVAKOXpfF-2wt74EM.roa File: fMMujWZXQ8MVAKOXpfF-2wt74EM.roa (raw, json) Hash identifier: j3Fa218mLRgqQC0EXQHCf4AEtoOx4OM76tVZGK7FUcU= Subject key identifier: 7C:C3:2E:8D:66:57:43:C3:15:00:A3:97:A5:F1:7E:DB:0B:7B:E0:43 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0439 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/fMMujWZXQ8MVAKOXpfF-2wt74EM.roa Signing time: Mon 04 Aug 2025 02:32:44 +0000 ROA not before: Mon 04 Aug 2025 02:32:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 142132 IP address blocks: 114.28.254.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1081 (0x439) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Aug 4 02:32:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7CC32E8D665743C31500A397A5F17EDB0B7BE043 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:6e:5f:b0:93:25:67:f6:8a:f1:d7:d2:91:b7: 6a:ce:47:c5:7a:e1:7d:30:fc:23:35:7b:81:29:cd: dd:8a:77:e1:dc:7e:53:1b:07:fc:1d:47:a1:26:37: 9f:26:4a:15:f5:9c:ae:2c:83:d4:6b:ef:7b:d1:fb: 34:80:ac:31:f7:61:04:42:48:ed:a2:ad:86:d4:41: 4a:d7:76:a0:45:e5:2d:a9:d9:ff:1f:17:76:3d:ab: 09:19:22:71:55:4d:c9:86:11:4a:e6:1a:2a:c2:c0: 25:8f:f8:01:6c:1d:08:6d:04:7e:8d:9f:5a:6a:57: 7d:a7:49:7f:27:cc:8b:4c:ca:7b:c4:f4:04:77:35: d2:ce:35:5f:3a:a0:7c:37:95:fc:72:b3:b9:69:52: a9:3c:6b:3d:1d:a3:3e:ce:64:4e:bf:6e:08:c2:8c: 0b:fd:d4:06:94:d5:38:93:ca:4f:37:3a:7a:f1:62: 92:3d:86:fc:43:ec:ff:91:bc:22:9d:bb:97:5c:2a: c0:9b:84:19:f1:34:bc:68:56:87:15:a4:63:94:0e: 9e:16:b1:98:41:4c:92:b5:98:3f:04:f8:b6:18:36: a5:db:59:ac:ac:4d:fd:31:af:8b:66:51:fa:cd:32: 87:2b:5a:67:59:96:d0:1c:00:53:f4:a7:e3:ca:ac: 97:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C3:2E:8D:66:57:43:C3:15:00:A3:97:A5:F1:7E:DB:0B:7B:E0:43 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/fMMujWZXQ8MVAKOXpfF-2wt74EM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.254.0/24 Signature Algorithm: sha256WithRSAEncryption cf:1d:27:05:09:40:81:65:fb:bb:f8:6b:d2:c9:e2:fd:29:cd: dc:79:9f:fd:17:cb:1e:24:61:d8:f4:3b:f9:7c:9b:05:fb:d3: 3b:b8:3d:09:74:94:e8:37:bd:74:1a:be:25:34:f4:13:eb:b3: 5c:6b:04:72:5a:02:9d:3a:59:c8:bb:9d:48:c0:c5:a1:a2:14: 20:1f:16:42:0e:8c:66:ce:be:92:ff:d9:8f:93:85:2b:ae:49: 7e:18:b5:ca:b0:2c:d9:05:e6:1c:16:3d:ce:dc:96:1c:38:f9: 26:cf:f8:e3:bf:8f:a8:8c:02:14:dc:4f:51:f8:3c:3b:d0:d4: 85:b6:b0:69:5f:80:f0:43:af:25:61:6c:8b:c3:24:89:b1:e7: fe:44:a3:bf:aa:a0:92:cd:b3:29:0b:1b:5a:74:fb:8c:70:bc: d0:65:04:82:7a:88:2d:db:bc:96:0d:d1:15:4a:2e:49:48:49: d4:0f:af:00:0e:fd:7f:41:70:51:0f:1a:de:80:68:94:6a:40: fe:4c:15:ae:38:d0:4e:b9:7b:d2:df:45:53:1e:6f:19:ba:45: 99:49:e6:ce:ab:9a:65:a8:1a:be:d1:7c:e9:fd:ea:42:04:d8: 93:6a:6b:d7:91:cc:95:aa:2e:70:b7:b9:a9:12:bf:7e:7a:15: 3c:c3:26:35 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICBDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA4MDQw MjMyNDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdDQzMyRThENjY1NzQz QzMxNTAwQTM5N0E1RjE3RURCMEI3QkUwNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfbl+wkyVn9orx19KRt2rOR8V64X0w/CM1e4Epzd2Kd+HcflMb B/wdR6EmN58mShX1nK4sg9Rr73vR+zSArDH3YQRCSO2irYbUQUrXdqBF5S2p2f8f F3Y9qwkZInFVTcmGEUrmGirCwCWP+AFsHQhtBH6Nn1pqV32nSX8nzItMynvE9AR3 NdLONV86oHw3lfxys7lpUqk8az0doz7OZE6/bgjCjAv91AaU1TiTyk83OnrxYpI9 hvxD7P+RvCKdu5dcKsCbhBnxNLxoVocVpGOUDp4WsZhBTJK1mD8E+LYYNqXbWays Tf0xr4tmUfrNMocrWmdZltAcAFP0p+PKrJeRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUfMMujWZXQ8MVAKOXpfF+2wt74EMwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL2ZNTXVqV1pYUThNVkFL T1hwZkYtMnd0NzRFTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHP4wDQYJKoZIhvcNAQELBQADggEBAM8dJwUJQIFl+7v4a9LJ4v0pzdx5n/0X yx4kYdj0O/l8mwX70zu4PQl0lOg3vXQaviU09BPrs1xrBHJaAp06Wci7nUjAxaGi FCAfFkIOjGbOvpL/2Y+ThSuuSX4YtcqwLNkF5hwWPc7clhw4+SbP+OO/j6iMAhTc T1H4PDvQ1IW2sGlfgPBDryVhbIvDJImx5/5Eo7+qoJLNsykLG1p0+4xwvNBlBIJ6 iC3bvJYN0RVKLklISdQPrwAO/X9BcFEPGt6AaJRqQP5MFa440E65e9LfRVMebxm6 RZlJ5s6rmmWoGr7RfOn96kIE2JNqa9eRzJWqLnC3uakSv356FTzDJjU= -----END CERTIFICATE-----Generated at Sun Aug 10 13:56:54 2025 by rpki-client