$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/_lzMFrryOQAHc3Z7MMORLpFlAMw.roa File: _lzMFrryOQAHc3Z7MMORLpFlAMw.roa (raw, json) Hash identifier: gZGHifN8gUG8NJL2p6YHT2SlmdtK193EMLPfpRUtMeU= Subject key identifier: FE:5C:CC:16:BA:F2:39:00:07:73:76:7B:30:C3:91:2E:91:65:00:CC Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97 Certificate serial: 1406 Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/_lzMFrryOQAHc3Z7MMORLpFlAMw.roa Signing time: Sat 13 Sep 2025 03:06:55 +0000 ROA not before: Sat 13 Sep 2025 03:06:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63701 IP address blocks: 103.57.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:36:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5126 (0x1406) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97 Validity Not Before: Sep 13 03:06:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=FE5CCC16BAF239000773767B30C3912E916500CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:7f:f9:8d:4b:29:08:ab:31:52:88:a5:db:54: cb:37:fd:64:2c:22:0c:24:70:71:79:d0:d2:7d:08: b5:d3:b8:71:07:b9:18:6b:ac:4b:84:89:cd:b4:5b: a1:f5:e2:ad:73:b0:5d:89:1d:b4:21:bf:7d:a5:3d: a7:17:df:9f:4b:31:df:26:f7:da:86:58:d1:19:be: d8:56:9b:0c:31:22:91:2b:eb:44:2d:90:f3:85:2d: d5:af:8c:b5:4a:80:bf:35:98:b2:25:40:ea:e8:00: 41:1d:c4:ff:2f:be:34:58:fb:05:2e:3f:95:66:ee: 1f:cd:86:23:54:4e:ea:fc:59:ef:51:3c:74:1a:c3: 6e:ef:02:2f:4b:f4:e4:4b:fb:ce:99:1b:8d:1e:5d: 60:b6:c7:ed:c9:1d:56:37:cf:4e:2a:1b:22:a9:3c: 05:86:f7:ab:61:bb:88:91:37:4e:fa:cf:cf:46:7a: 5c:d9:5a:03:d8:3b:b6:8c:ac:44:75:36:0f:f2:95: 42:5f:71:99:83:69:01:82:25:b9:56:7e:78:f8:c7: 2e:05:8f:e6:07:d1:e0:bb:0d:23:0b:18:39:00:07: 9a:1f:f9:5e:b7:05:f6:db:d9:3b:8f:8c:89:21:5f: b6:c1:e6:3f:39:cf:4a:21:83:1e:e5:ba:62:ad:9e: b2:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:5C:CC:16:BA:F2:39:00:07:73:76:7B:30:C3:91:2E:91:65:00:CC X509v3 Authority Key Identifier: keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/_lzMFrryOQAHc3Z7MMORLpFlAMw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.57.12.0/22 Signature Algorithm: sha256WithRSAEncryption 00:0f:55:c5:8c:33:8d:40:e2:83:41:69:90:97:45:54:fb:d0: e5:a9:3c:79:36:70:fb:19:8b:83:3c:6d:18:06:6d:76:a8:e9: 84:76:97:38:f8:69:b1:3b:17:c7:ec:d1:a5:16:c3:69:89:2e: 02:2b:cd:d0:61:99:78:b5:74:29:4d:c8:45:b2:a4:98:1d:9c: 00:48:4e:98:00:a3:20:0e:5e:c9:50:f6:96:b7:d2:88:10:f6: db:e4:75:e0:fe:4a:cf:bd:27:7e:24:ba:18:3a:4d:74:74:4a: 2c:fc:79:2d:17:6a:cf:ac:01:7a:77:f8:2d:58:c5:3a:53:7b: 09:77:89:af:5a:5b:17:b4:46:14:3a:7d:19:9a:ce:b3:58:f1: 0e:08:af:7a:53:eb:ff:39:43:44:8d:41:0c:9c:49:9b:d4:03: 8a:1d:25:f6:c0:29:a5:25:6a:34:92:96:8e:7f:02:0a:2a:bc: bb:90:90:09:3b:1e:6b:71:30:30:50:79:0d:3f:41:a5:7f:d3: 04:3c:be:fe:0f:69:7b:2b:07:0b:28:69:1c:fd:6d:6e:06:4b: d8:c5:a1:a8:92:b6:f3:3f:95:c8:b3:64:fe:51:98:09:29:23: a3:88:ed:3f:c5:ce:c2:b9:28:50:83:17:7f:77:57:c0:5f:21: bf:11:cf:53 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTA5MTMw MzA2NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZFNUNDQzE2QkFGMjM5 MDAwNzczNzY3QjMwQzM5MTJFOTE2NTAwQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlf/mNSykIqzFSiKXbVMs3/WQsIgwkcHF50NJ9CLXTuHEHuRhr rEuEic20W6H14q1zsF2JHbQhv32lPacX359LMd8m99qGWNEZvthWmwwxIpEr60Qt kPOFLdWvjLVKgL81mLIlQOroAEEdxP8vvjRY+wUuP5Vm7h/NhiNUTur8We9RPHQa w27vAi9L9ORL+86ZG40eXWC2x+3JHVY3z04qGyKpPAWG96thu4iRN076z89GelzZ WgPYO7aMrER1Ng/ylUJfcZmDaQGCJblWfnj4xy4Fj+YH0eC7DSMLGDkAB5of+V63 Bfbb2TuPjIkhX7bB5j85z0ohgx7lumKtnrLnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU/lzMFrryOQAHc3Z7MMORLpFlAMwwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG 2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvX2x6TUZycnlPUUFI YzNaN01NT1JMcEZsQU13LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmc5DDANBgkqhkiG9w0BAQsFAAOCAQEAAA9VxYwzjUDig0FpkJdFVPvQ5ak8 eTZw+xmLgzxtGAZtdqjphHaXOPhpsTsXx+zRpRbDaYkuAivN0GGZeLV0KU3IRbKk mB2cAEhOmACjIA5eyVD2lrfSiBD22+R14P5Kz70nfiS6GDpNdHRKLPx5LRdqz6wB enf4LVjFOlN7CXeJr1pbF7RGFDp9GZrOs1jxDgivelPr/zlDRI1BDJxJm9QDih0l 9sAppSVqNJKWjn8CCiq8u5CQCTsea3EwMFB5DT9BpX/TBDy+/g9peysHCyhpHP1t bgZL2MWhqJK28z+VyLNk/lGYCSkjo4jtP8XOwrkoUIMXf3dXwF8hvxHPUw== -----END CERTIFICATE-----Generated at Tue Oct 21 11:28:41 2025 by rpki-client