$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/Ny91JoE-Aae-wwUHwOudSWK0G6c.roa File: Ny91JoE-Aae-wwUHwOudSWK0G6c.roa (raw, json) Hash identifier: Ht9sFtj2GQO8IDVrhBf08i92wnEYngaChPyTb90qLvc= Subject key identifier: 37:2F:75:26:81:3E:01:A7:BE:C3:05:07:C0:EB:9D:49:62:B4:1B:A7 Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97 Certificate serial: 1402 Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/Ny91JoE-Aae-wwUHwOudSWK0G6c.roa Signing time: Sat 13 Sep 2025 03:06:55 +0000 ROA not before: Sat 13 Sep 2025 03:06:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63701 IP address blocks: 103.63.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:36:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5122 (0x1402) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97 Validity Not Before: Sep 13 03:06:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=372F7526813E01A7BEC30507C0EB9D4962B41BA7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:89:4b:71:6d:22:cd:df:7f:4a:e8:45:dc:51: 82:17:45:fb:dd:81:5e:62:45:31:e6:1a:f3:d9:a5: 7a:eb:1c:bf:21:26:06:c5:d3:16:ee:dd:a4:03:08: bc:fc:d8:bb:ca:ef:69:4f:1f:78:7e:54:5c:a4:6a: 39:8b:ba:ff:9e:7a:da:46:da:a8:a0:a3:35:c5:0c: 22:b4:5b:28:9b:17:8c:c1:70:08:c0:e6:cd:b5:34: f8:eb:75:5e:92:28:75:e3:fa:6b:fe:b2:ca:10:32: 4f:00:d7:79:df:5b:c9:15:3d:3f:16:67:63:99:ce: ea:15:e0:48:e3:fe:ed:2f:ed:48:84:a0:e5:ad:07: 00:c7:13:27:dd:8a:c6:75:ca:27:e8:d3:fe:b7:c2: fd:e0:d0:f6:4d:e0:6c:dc:43:68:36:22:dc:b5:c3: 19:46:94:46:8a:02:6f:6d:de:72:ff:02:13:04:09: 15:4d:b1:92:16:b5:3b:64:a6:31:f0:5f:a5:8a:10: 30:73:b8:0b:a7:eb:71:06:75:dc:0f:2b:a9:17:03: b0:24:cb:6f:ee:74:c4:52:18:ca:dc:5d:f4:2e:3e: 5a:c6:a3:aa:05:4a:b1:83:f6:bf:c5:bb:3d:da:49: ea:79:2b:a7:c2:60:68:ef:e5:0e:54:64:2c:65:e1: 49:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:2F:75:26:81:3E:01:A7:BE:C3:05:07:C0:EB:9D:49:62:B4:1B:A7 X509v3 Authority Key Identifier: keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/Ny91JoE-Aae-wwUHwOudSWK0G6c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.63.244.0/22 Signature Algorithm: sha256WithRSAEncryption 1d:51:bd:7c:51:0b:3e:44:27:67:05:21:c4:41:f4:68:cc:40: 0b:81:05:a5:b5:69:b2:ef:7d:59:00:bf:5e:72:db:02:dc:d3: 1d:27:26:aa:f2:bd:1d:c1:5f:ad:93:07:45:92:0b:48:43:46: eb:dc:0b:53:9e:ff:bb:7d:fe:16:72:a3:4d:48:bd:25:cf:21: aa:e5:a0:54:c9:72:42:a7:fb:50:33:9a:89:9b:b5:3d:53:02: 36:f8:de:ad:42:65:c7:af:46:60:b2:27:b4:25:e1:2a:60:ff: 14:32:5b:7e:0a:62:80:86:bf:02:78:c5:48:25:f4:8a:44:8a: c8:fa:57:6b:b8:4a:2b:a4:af:87:db:56:55:40:50:73:d6:1a: 5d:d1:46:78:7b:9b:c4:9c:b2:d4:8a:fa:5c:48:79:99:62:10: 11:17:34:d2:d5:02:dd:0c:5e:46:7f:10:17:ee:33:79:b1:16: ae:63:d1:18:f6:5a:17:7f:b0:c7:e2:b5:09:0d:ac:65:ec:b1: 65:e3:4f:0c:62:fe:dd:74:01:ad:41:30:69:de:7a:3b:f8:f4: 74:01:9b:b8:52:15:3a:a7:86:68:40:8c:bc:b4:10:9a:5c:65: 75:10:d1:e1:62:6b:a2:e9:8f:f0:cf:93:eb:a1:ff:a3:3b:5d: 13:42:69:d6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTA5MTMw MzA2NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM3MkY3NTI2ODEzRTAx QTdCRUMzMDUwN0MwRUI5RDQ5NjJCNDFCQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmiUtxbSLN339K6EXcUYIXRfvdgV5iRTHmGvPZpXrrHL8hJgbF 0xbu3aQDCLz82LvK72lPH3h+VFykajmLuv+eetpG2qigozXFDCK0WyibF4zBcAjA 5s21NPjrdV6SKHXj+mv+ssoQMk8A13nfW8kVPT8WZ2OZzuoV4Ejj/u0v7UiEoOWt BwDHEyfdisZ1yifo0/63wv3g0PZN4GzcQ2g2Ity1wxlGlEaKAm9t3nL/AhMECRVN sZIWtTtkpjHwX6WKEDBzuAun63EGddwPK6kXA7Aky2/udMRSGMrcXfQuPlrGo6oF SrGD9r/Fuz3aSep5K6fCYGjv5Q5UZCxl4UmPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUNy91JoE+Aae+wwUHwOudSWK0G6cwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG 2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvTnk5MUpvRS1BYWUt d3dVSHdPdWRTV0swRzZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmc/9DANBgkqhkiG9w0BAQsFAAOCAQEAHVG9fFELPkQnZwUhxEH0aMxAC4EF pbVpsu99WQC/XnLbAtzTHScmqvK9HcFfrZMHRZILSENG69wLU57/u33+FnKjTUi9 Jc8hquWgVMlyQqf7UDOaiZu1PVMCNvjerUJlx69GYLIntCXhKmD/FDJbfgpigIa/ AnjFSCX0ikSKyPpXa7hKK6Svh9tWVUBQc9YaXdFGeHubxJyy1Ir6XEh5mWIQERc0 0tUC3QxeRn8QF+4zebEWrmPRGPZaF3+wx+K1CQ2sZeyxZeNPDGL+3XQBrUEwad56 O/j0dAGbuFIVOqeGaECMvLQQmlxldRDR4WJroumP8M+T66H/oztdE0Jp1g== -----END CERTIFICATE-----Generated at Tue Oct 21 11:28:40 2025 by rpki-client