$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/GfHRxJhcv-CnwuNLSEA-xhPJnYo.roa File: GfHRxJhcv-CnwuNLSEA-xhPJnYo.roa (raw, json) Hash identifier: O3uOJ7ULj6RN4qPWvVPqEv5fXFHCsZWl9JOQw0hzgy0= Subject key identifier: 19:F1:D1:C4:98:5C:BF:E0:A7:C2:E3:4B:48:40:3E:C6:13:C9:9D:8A Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24F2 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/GfHRxJhcv-CnwuNLSEA-xhPJnYo.roa Signing time: Sat 13 Sep 2025 03:08:51 +0000 ROA not before: Sat 13 Sep 2025 03:08:51 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139648 IP address blocks: 103.244.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9458 (0x24f2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:51 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=19F1D1C4985CBFE0A7C2E34B48403EC613C99D8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:24:fa:22:40:b3:fb:4a:f0:ed:1a:84:55:2e: f0:de:99:da:d7:6e:bb:63:1e:e3:28:8c:5a:8a:54: 68:8b:bb:74:54:06:5c:91:38:35:97:25:65:64:98: 8c:41:11:5d:45:b5:6d:1b:aa:40:f0:ec:49:e0:d4: b7:5b:f9:70:6f:24:a8:2b:42:72:75:36:c8:65:51: e5:2a:ab:12:fe:95:1b:fd:cc:cf:b3:5b:12:16:9e: 3b:51:af:ba:84:b3:00:47:da:ef:fa:75:86:fe:b4: ba:e3:39:40:e7:2d:3f:c3:22:59:bb:5b:08:6a:2e: e5:ce:f9:14:da:5f:e4:84:ac:f6:05:92:cd:f8:85: e6:51:d0:a8:7b:67:22:f8:c1:6f:36:f4:a3:b1:55: ee:18:d8:be:3b:b1:e0:48:4b:e3:85:cb:25:c4:24: ef:7f:82:2e:5c:28:ce:8e:19:2a:58:26:71:70:1c: b8:38:ee:72:ec:db:eb:2b:b8:c9:4c:0a:f9:c5:da: 55:23:b4:0c:99:b7:41:48:51:86:69:5f:65:e7:13: 00:3f:4d:90:55:c4:a9:ec:79:0a:c3:92:3b:1c:fc: 47:d5:dd:10:a5:50:78:97:a0:70:43:d0:d9:2f:7c: 73:a7:eb:0f:d4:03:ed:fe:c4:77:ba:ad:44:14:93: bb:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:F1:D1:C4:98:5C:BF:E0:A7:C2:E3:4B:48:40:3E:C6:13:C9:9D:8A X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/GfHRxJhcv-CnwuNLSEA-xhPJnYo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.116.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:56:2b:d5:4e:d3:4f:c9:e7:b4:3c:ed:73:79:a0:6e:17:92: ed:06:74:3d:0d:bd:90:c0:e0:2b:a7:61:47:eb:0e:6b:b7:d8: 19:f9:b1:b2:29:7c:2d:af:3a:c0:af:0f:7c:7f:66:6d:4b:96: 3c:df:71:25:a3:17:04:07:95:db:b5:09:88:81:38:ce:ca:90: 19:66:15:f6:94:e0:a3:ac:4a:8d:3d:cb:d2:9a:20:d5:dc:70: 7a:cd:0e:c6:da:88:67:1c:1b:d6:7e:06:83:2b:62:b8:a5:d9: de:b6:61:27:7d:ea:81:15:9e:9c:d6:1a:a8:b4:64:46:2e:4a: 11:f7:0c:84:6a:c3:f2:59:f9:66:58:25:0c:c5:3e:13:a4:97: 48:4e:c5:d0:eb:cf:4d:e7:38:e7:4b:fa:86:e8:3e:88:db:d8: 31:5e:46:d7:48:ea:1c:1f:78:46:d9:0a:e5:79:3e:96:04:92: 65:ee:a3:79:30:fa:7b:da:71:e3:86:6b:b8:ba:53:2f:0d:e2: af:2f:38:67:9d:3a:75:a2:d3:8c:70:00:c6:72:8a:bb:7b:c2: bc:73:e1:26:1e:2c:a3:f0:51:a0:19:b4:d1:1c:73:13:5a:c5: bf:94:f1:24:52:58:ac:ab:61:f2:91:06:0d:4d:18:f2:20:bc: d8:4b:41:35 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NTFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDE5RjFEMUM0OTg1Q0JG RTBBN0MyRTM0QjQ4NDAzRUM2MTNDOTlEOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgJPoiQLP7SvDtGoRVLvDemdrXbrtjHuMojFqKVGiLu3RUBlyR ODWXJWVkmIxBEV1FtW0bqkDw7Eng1Ldb+XBvJKgrQnJ1NshlUeUqqxL+lRv9zM+z WxIWnjtRr7qEswBH2u/6dYb+tLrjOUDnLT/DIlm7WwhqLuXO+RTaX+SErPYFks34 heZR0Kh7ZyL4wW829KOxVe4Y2L47seBIS+OFyyXEJO9/gi5cKM6OGSpYJnFwHLg4 7nLs2+sruMlMCvnF2lUjtAyZt0FIUYZpX2XnEwA/TZBVxKnseQrDkjsc/EfV3RCl UHiXoHBD0NkvfHOn6w/UA+3+xHe6rUQUk7txAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGfHRxJhcv+CnwuNLSEA+xhPJnYowHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvR2ZIUnhKaGN2LUNu d3VOTFNFQS14aFBKbllvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAWlYr1U7TT8nntDztc3mgbheS7QZ0 PQ29kMDgK6dhR+sOa7fYGfmxsil8La86wK8PfH9mbUuWPN9xJaMXBAeV27UJiIE4 zsqQGWYV9pTgo6xKjT3L0pog1dxwes0OxtqIZxwb1n4GgytiuKXZ3rZhJ33qgRWe nNYaqLRkRi5KEfcMhGrD8ln5ZlglDMU+E6SXSE7F0OvPTec450v6hug+iNvYMV5G 10jqHB94RtkK5Xk+lgSSZe6jeTD6e9px44ZruLpTLw3iry84Z506daLTjHAAxnKK u3vCvHPhJh4so/BRoBm00RxzE1rFv5TxJFJYrKth8pEGDU0Y8iC82EtBNQ== -----END CERTIFICATE-----Generated at Sun Oct 19 20:11:03 2025 by rpki-client