$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/lDxKi-wEbZ8bjdtA89mwMtNYto8.roa File: lDxKi-wEbZ8bjdtA89mwMtNYto8.roa (raw, json) Hash identifier: h275Xv+m81ZKTLoWPj+ZJeLmkbl/JB9aoh0g5UFhQ1s= Subject key identifier: 94:3C:4A:8B:EC:04:6D:9F:1B:8D:DB:40:F3:D9:B0:32:D3:58:B6:8F Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B04 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/lDxKi-wEbZ8bjdtA89mwMtNYto8.roa Signing time: Mon 27 Oct 2025 02:31:40 +0000 ROA not before: Mon 27 Oct 2025 02:31:40 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 124.240.64.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2820 (0xb04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:31:40 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=943C4A8BEC046D9F1B8DDB40F3D9B032D358B68F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:5f:97:47:9e:0f:3a:72:32:7a:7a:f5:45:19: 94:60:42:2d:13:7f:a7:46:6c:ab:fd:08:5c:cb:2f: ac:82:37:33:f8:b6:41:8e:6f:02:2b:3e:a3:a2:2b: d3:df:53:b1:53:7e:45:b9:c0:bc:9b:11:ca:7b:28: bf:74:e8:4a:19:93:ec:60:ee:02:30:53:3d:6e:be: e8:02:64:99:7f:1a:71:28:9c:73:42:33:d2:72:77: 34:e9:c5:8f:86:ae:25:14:85:e9:10:0c:40:8c:49: 57:30:ac:aa:b2:6a:4a:e6:f2:c0:64:f3:c1:1a:0d: 22:ec:f2:7f:57:7e:89:53:31:4a:dd:de:58:d3:77: 6f:c1:08:4b:85:04:7b:42:34:76:0e:2a:16:ed:42: 7c:d7:06:23:32:be:e0:ae:c3:02:60:45:0c:99:92: 0f:52:a1:c2:8b:13:69:43:86:e9:94:ee:a5:ef:50: 8a:f6:68:2b:5c:36:ea:c9:b6:35:1e:dc:2d:c0:94: 3b:da:3c:21:7c:81:62:a5:68:e7:01:58:3b:0f:70: 0e:28:97:fb:7e:64:a2:5f:11:59:4f:46:cb:e3:b7: 1c:ce:0f:d0:a7:ae:c6:08:4a:72:07:c7:5f:9b:09: 16:65:af:0d:8c:cb:48:1d:84:6f:53:a8:bd:da:33: 83:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:3C:4A:8B:EC:04:6D:9F:1B:8D:DB:40:F3:D9:B0:32:D3:58:B6:8F X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/lDxKi-wEbZ8bjdtA89mwMtNYto8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.240.64.0/20 Signature Algorithm: sha256WithRSAEncryption 4d:aa:56:a6:ee:e9:e7:98:58:05:18:bf:64:63:83:e0:79:31: 4c:e3:c5:4c:b8:c0:40:57:47:16:d7:6b:fd:5e:79:a5:05:2c: 5d:07:2c:ee:02:4f:61:ef:8f:be:28:7b:23:64:09:95:6d:89: b3:30:d2:ff:05:60:6c:23:96:c2:b2:3e:47:12:9d:65:e4:24: cd:c9:ba:d9:6c:23:a6:7d:4f:27:df:eb:f2:72:54:bc:54:d5: 5c:81:ec:6e:d7:ca:a8:e8:cc:5e:bc:94:a4:13:bc:ef:14:e7: ba:90:84:29:05:a4:e7:f9:23:ab:3a:34:fa:f1:8b:f2:ee:e1: 2b:0c:65:39:de:6c:15:13:ed:86:86:44:ac:17:86:50:36:26: 7d:8f:a0:47:07:b5:cc:9c:e4:83:23:4c:0d:25:69:d9:95:80: d6:d9:12:58:3d:60:57:eb:e4:2d:64:00:54:45:30:2b:be:63: da:02:ee:a7:28:5f:3c:d7:44:9e:8d:0c:cc:a7:14:c6:c9:2f: a2:a7:e4:d5:48:70:2d:03:43:c9:4e:94:c7:54:23:3b:2b:2c: cf:9a:60:16:a0:d2:f2:8b:29:77:01:1e:fb:3b:63:6c:56:bd: e5:76:f7:03:dc:82:aa:fb:30:f7:21:69:03:01:de:99:cd:d6: ee:1d:2b:46 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCwQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjMxNDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDk0M0M0QThCRUMwNDZE OUYxQjhEREI0MEYzRDlCMDMyRDM1OEI2OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxX5dHng86cjJ6evVFGZRgQi0Tf6dGbKv9CFzLL6yCNzP4tkGO bwIrPqOiK9PfU7FTfkW5wLybEcp7KL906EoZk+xg7gIwUz1uvugCZJl/GnEonHNC M9JydzTpxY+GriUUhekQDECMSVcwrKqyakrm8sBk88EaDSLs8n9XfolTMUrd3ljT d2/BCEuFBHtCNHYOKhbtQnzXBiMyvuCuwwJgRQyZkg9SocKLE2lDhumU7qXvUIr2 aCtcNurJtjUe3C3AlDvaPCF8gWKlaOcBWDsPcA4ol/t+ZKJfEVlPRsvjtxzOD9Cn rsYISnIHx1+bCRZlrw2My0gdhG9TqL3aM4PbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlDxKi+wEbZ8bjdtA89mwMtNYto8wHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL2xEeEtpLXdFYlo4Ympk dEE4OW13TXROWXRvOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAR88EAwDQYJKoZIhvcNAQELBQADggEBAE2qVqbu6eeYWAUYv2Rjg+B5MUzjxUy4 wEBXRxbXa/1eeaUFLF0HLO4CT2Hvj74oeyNkCZVtibMw0v8FYGwjlsKyPkcSnWXk JM3JutlsI6Z9Tyff6/JyVLxU1VyB7G7XyqjozF68lKQTvO8U57qQhCkFpOf5I6s6 NPrxi/Lu4SsMZTnebBUT7YaGRKwXhlA2Jn2PoEcHtcyc5IMjTA0ladmVgNbZElg9 YFfr5C1kAFRFMCu+Y9oC7qcoXzzXRJ6NDMynFMbJL6Kn5NVIcC0DQ8lOlMdUIzsr LM+aYBag0vKLKXcBHvs7Y2xWveV29wPcgqr7MPchaQMB3pnN1u4dK0Y= -----END CERTIFICATE-----Generated at Wed Nov 5 22:30:14 2025 by rpki-client