$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1584/ZuFZ3yTlzzL4hED96zjApiGmeaU.roa File: ZuFZ3yTlzzL4hED96zjApiGmeaU.roa (raw, json) Hash identifier: 3h76Q0Jz15HYZu8MjVyqtyvTTP64ybZbaOAoou4Bquk= Subject key identifier: 66:E1:59:DF:24:E5:CF:32:F8:84:40:FD:EB:38:C0:A6:21:A6:79:A5 Certificate issuer: /CN=F76C9E43361DEA446077AD7029057380AFFF3266 Certificate serial: 2470 Authority key identifier: F7:6C:9E:43:36:1D:EA:44:60:77:AD:70:29:05:73:80:AF:FF:32:66 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/92yeQzYd6kRgd61wKQVzgK__MmY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/ZuFZ3yTlzzL4hED96zjApiGmeaU.roa Signing time: Sat 13 Sep 2025 03:03:23 +0000 ROA not before: Sat 13 Sep 2025 03:03:23 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24424 IP address blocks: 103.203.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/92yeQzYd6kRgd61wKQVzgK__MmY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/92yeQzYd6kRgd61wKQVzgK__MmY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/92yeQzYd6kRgd61wKQVzgK__MmY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:04:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9328 (0x2470) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F76C9E43361DEA446077AD7029057380AFFF3266 Validity Not Before: Sep 13 03:03:23 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=66E159DF24E5CF32F88440FDEB38C0A621A679A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a0:6b:90:a6:58:18:4c:6d:6e:20:ee:86:23: c1:cb:2a:72:5d:ce:b6:b8:9c:5f:d7:f7:53:1c:94: f4:c7:12:1b:c1:31:5b:51:6e:60:1e:2a:47:65:b7: 83:60:79:a6:24:55:cb:9d:f6:ef:91:99:bd:10:d0: d6:6f:3e:35:3b:4f:eb:b0:42:79:bc:3b:aa:e0:9a: b9:49:4c:8a:f0:7a:16:ca:35:90:95:b5:e4:24:19: 6c:35:e2:43:e2:68:7c:e7:20:97:a7:59:39:ba:dc: 2c:b8:25:54:ad:fc:c7:96:e1:e9:2f:a5:d6:ad:7f: 0c:d9:19:e9:3b:35:03:db:0c:6e:53:9f:0c:6e:f5: 89:92:3f:11:c2:a2:71:28:95:a4:8b:57:4a:76:65: f0:25:6c:1f:90:01:49:00:93:3e:46:21:33:8c:1f: ec:3f:9f:87:5f:41:6c:f3:f7:32:f3:0f:43:8a:87: 54:0a:3a:66:30:c0:a5:70:e8:1f:7a:6f:60:13:a0: 4e:66:58:f9:86:72:8e:35:26:ff:6f:1e:e9:41:9c: 82:59:1d:38:bb:b8:6a:5a:7b:d5:4e:bf:b8:8e:b9: 84:41:ee:df:78:e6:61:f4:8b:3e:32:8c:65:43:ca: f1:f0:fe:1e:96:ff:cd:2a:31:64:e9:9a:6e:18:a3: 37:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:E1:59:DF:24:E5:CF:32:F8:84:40:FD:EB:38:C0:A6:21:A6:79:A5 X509v3 Authority Key Identifier: keyid:F7:6C:9E:43:36:1D:EA:44:60:77:AD:70:29:05:73:80:AF:FF:32:66 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/92yeQzYd6kRgd61wKQVzgK__MmY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/92yeQzYd6kRgd61wKQVzgK__MmY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/ZuFZ3yTlzzL4hED96zjApiGmeaU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.203.212.0/22 Signature Algorithm: sha256WithRSAEncryption 43:d3:a7:aa:27:45:78:bb:36:74:00:0b:4d:60:b5:a4:7b:90: 48:36:96:d0:fe:8b:e8:cd:d8:95:ca:87:23:cb:3f:5c:3f:86: 21:55:63:b0:e8:99:5e:33:33:17:49:d8:ae:b7:f5:c1:ba:90: 12:a2:cb:09:1e:14:d4:da:e9:af:5b:af:ce:42:0e:12:1e:ad: 18:b8:ba:ff:7e:d6:d5:8f:9f:07:79:83:7f:63:dc:85:da:15: 95:e3:01:2e:c4:a5:80:5a:ab:76:14:5c:8c:6d:ce:ac:92:71: 0b:85:dc:8c:af:e3:a9:06:5b:57:60:3f:ae:96:49:3d:17:78: d2:37:a7:c4:5f:c2:6d:38:19:e0:d9:78:02:1b:e8:88:f4:6a: 0b:ac:6b:46:69:67:5b:98:44:7d:02:23:4f:12:58:6a:a2:bf: c1:ff:62:09:9c:9b:36:a9:5f:e0:5e:c4:04:e3:c6:c8:61:8b: e9:63:86:cf:13:8d:fc:d2:64:eb:45:78:95:9c:c4:db:3d:8c: f7:66:32:a9:40:29:38:14:57:69:f4:f6:2f:fe:cd:e8:ca:2a: e8:b3:03:65:a9:e4:40:8e:a9:f8:1c:ce:4b:d4:9c:19:4e:0f: ce:de:8b:19:1f:1f:22:fc:ee:e9:52:d0:af:21:74:03:21:4b: cf:02:ad:43 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjc2 QzlFNDMzNjFERUE0NDYwNzdBRDcwMjkwNTczODBBRkZGMzI2NjAeFw0yNTA5MTMw MzAzMjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY2RTE1OURGMjRFNUNG MzJGODg0NDBGREVCMzhDMEE2MjFBNjc5QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9oGuQplgYTG1uIO6GI8HLKnJdzra4nF/X91MclPTHEhvBMVtR bmAeKkdlt4NgeaYkVcud9u+Rmb0Q0NZvPjU7T+uwQnm8O6rgmrlJTIrwehbKNZCV teQkGWw14kPiaHznIJenWTm63Cy4JVSt/MeW4ekvpdatfwzZGek7NQPbDG5Tnwxu 9YmSPxHConEolaSLV0p2ZfAlbB+QAUkAkz5GITOMH+w/n4dfQWzz9zLzD0OKh1QK OmYwwKVw6B96b2AToE5mWPmGco41Jv9vHulBnIJZHTi7uGpae9VOv7iOuYRB7t94 5mH0iz4yjGVDyvHw/h6W/80qMWTpmm4Yozc9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZuFZ3yTlzzL4hED96zjApiGmeaUwHwYDVR0jBBgwFoAU92yeQzYd6kRgd61w KQVzgK//MmYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 NC85MnllUXpZZDZrUmdkNjF3S1FWemdLX19NbVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzkyeWVRellkNmtSZ2Q2MXdLUVZ6Z0tfX01tWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODQvWnVGWjN5VGx6ekw0 aEVEOTZ6akFwaUdtZWFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmfL1DANBgkqhkiG9w0BAQsFAAOCAQEAQ9OnqidFeLs2dAALTWC1pHuQSDaW 0P6L6M3YlcqHI8s/XD+GIVVjsOiZXjMzF0nYrrf1wbqQEqLLCR4U1Nrpr1uvzkIO Eh6tGLi6/37W1Y+fB3mDf2PchdoVleMBLsSlgFqrdhRcjG3OrJJxC4XcjK/jqQZb V2A/rpZJPRd40jenxF/CbTgZ4Nl4AhvoiPRqC6xrRmlnW5hEfQIjTxJYaqK/wf9i CZybNqlf4F7EBOPGyGGL6WOGzxON/NJk60V4lZzE2z2M92YyqUApOBRXafT2L/7N 6Moq6LMDZankQI6p+BzOS9ScGU4Pzt6LGR8fIvzu6VLQryF0AyFLzwKtQw== -----END CERTIFICATE-----Generated at Mon Oct 20 17:20:09 2025 by rpki-client