$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/No7gvAe0HiqMlWPX1eORii_qHNg.roa File: No7gvAe0HiqMlWPX1eORii_qHNg.roa (raw, json) Hash identifier: fsHInzrmBhxkqHfoeln8hYzxASuDDoDSJJ6xYdeYcAY= Subject key identifier: 36:8E:E0:BC:07:B4:1E:2A:8C:95:63:D7:D5:E3:91:8A:2F:EA:1C:D8 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 5CFD Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/No7gvAe0HiqMlWPX1eORii_qHNg.roa Signing time: Sat 13 Sep 2025 03:06:30 +0000 ROA not before: Sat 13 Sep 2025 03:06:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4816 IP address blocks: 103.44.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23805 (0x5cfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Sep 13 03:06:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=368EE0BC07B41E2A8C9563D7D5E3918A2FEA1CD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:5f:33:fc:6c:19:71:d8:58:c7:5a:16:ba:8c: be:68:0b:eb:f7:4e:16:68:9a:99:18:2b:62:ae:b7: 95:e9:8a:35:58:f0:fa:5c:93:32:75:91:f3:5e:39: 5e:b3:0a:c1:d8:0e:08:2e:4b:16:ec:33:27:b0:4e: 0c:16:10:5e:40:35:f0:21:b8:b1:26:fb:05:41:3a: 09:32:26:ec:31:99:10:53:94:3d:73:f3:d5:2e:4d: 19:3b:a3:18:fa:15:96:d2:3e:ee:2d:a2:ea:62:21: c3:12:7f:50:13:26:83:a2:d2:7b:3a:48:64:af:19: a1:1d:16:1d:39:7f:8b:9b:69:af:01:e3:77:27:cd: 5f:e8:77:58:06:d9:2e:8c:85:3c:b7:5b:46:f6:a7: b3:b1:b7:ca:26:d7:ee:97:74:73:16:05:1f:5b:34: e7:43:1c:c7:85:84:14:c1:c8:61:84:92:9d:d9:03: 16:c8:fd:2f:06:99:e1:df:a0:b2:81:e7:dc:40:7d: e4:44:b2:b8:8f:a3:34:3c:e3:02:75:f8:c3:8d:18: fe:4b:70:00:31:ba:f3:4b:86:64:18:52:08:5d:62: cc:9f:b9:8b:4e:85:f0:95:c8:e9:f1:0f:5f:e3:5b: 62:d9:6c:17:71:b2:cb:17:8d:92:91:ca:8d:31:82: 55:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:8E:E0:BC:07:B4:1E:2A:8C:95:63:D7:D5:E3:91:8A:2F:EA:1C:D8 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/No7gvAe0HiqMlWPX1eORii_qHNg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.44.240.0/20 Signature Algorithm: sha256WithRSAEncryption 02:26:fb:34:b2:bc:58:ab:a7:65:00:cb:96:a5:6d:0a:f2:c3: 4f:29:76:c5:95:53:79:df:71:9f:29:07:b7:9d:a8:65:fe:59: a5:0e:12:dd:34:d2:95:c7:1d:e0:c9:5f:35:7e:28:7f:1e:24: 8e:60:13:8b:49:8d:47:15:87:06:3e:b3:31:8f:86:e5:f2:57: 82:aa:9c:22:94:50:ef:1f:36:39:ea:cf:0c:44:1c:f0:da:e4: 2f:46:f3:56:62:2d:f5:71:47:b8:b3:2c:59:30:81:2c:cd:bf: 43:cc:c3:0e:e7:be:ff:18:2d:03:02:cf:94:6f:75:c3:68:08: d4:d5:d5:72:1f:8b:29:64:3c:9a:54:a0:bb:ae:ec:17:a4:49: 51:df:34:94:10:67:40:3e:01:15:68:ee:c4:5e:ee:14:0b:92: 68:ff:2e:81:3c:05:4e:20:1f:ea:b6:3b:fb:05:95:b1:a0:88: 46:ef:8d:e1:f0:f3:1c:48:1f:36:76:ed:a5:d8:7d:d3:7b:cf: 30:40:cf:6f:b6:d2:bc:a7:73:a7:42:82:9c:cb:bf:6c:6b:50: 72:93:61:ee:40:54:01:cf:3c:a6:be:15:5f:33:a2:7e:71:13: 37:3f:43:4f:b4:3c:8e:89:bd:c2:41:57:ee:87:0d:f2:e1:95: c6:01:0d:6a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICXP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MTMw MzA2MzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDM2OEVFMEJDMDdCNDFF MkE4Qzk1NjNEN0Q1RTM5MThBMkZFQTFDRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChXzP8bBlx2FjHWha6jL5oC+v3ThZompkYK2Kut5XpijVY8Ppc kzJ1kfNeOV6zCsHYDgguSxbsMyewTgwWEF5ANfAhuLEm+wVBOgkyJuwxmRBTlD1z 89UuTRk7oxj6FZbSPu4toupiIcMSf1ATJoOi0ns6SGSvGaEdFh05f4ubaa8B43cn zV/od1gG2S6MhTy3W0b2p7Oxt8om1+6XdHMWBR9bNOdDHMeFhBTByGGEkp3ZAxbI /S8GmeHfoLKB59xAfeREsriPozQ84wJ1+MONGP5LcAAxuvNLhmQYUghdYsyfuYtO hfCVyOnxD1/jW2LZbBdxsssXjZKRyo0xglULAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUNo7gvAe0HiqMlWPX1eORii/qHNgwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvTm83Z3ZBZTBIaXFN bFdQWDFlT1JpaV9xSE5nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBGcs8DANBgkqhkiG9w0BAQsFAAOCAQEAAib7NLK8WKunZQDLlqVtCvLDTyl2 xZVTed9xnykHt52oZf5ZpQ4S3TTSlccd4MlfNX4ofx4kjmATi0mNRxWHBj6zMY+G 5fJXgqqcIpRQ7x82OerPDEQc8NrkL0bzVmIt9XFHuLMsWTCBLM2/Q8zDDue+/xgt AwLPlG91w2gI1NXVch+LKWQ8mlSgu67sF6RJUd80lBBnQD4BFWjuxF7uFAuSaP8u gTwFTiAf6rY7+wWVsaCIRu+N4fDzHEgfNnbtpdh903vPMEDPb7bSvKdzp0KCnMu/ bGtQcpNh7kBUAc88pr4VXzOifnETNz9DT7Q8jom9wkFX7ocN8uGVxgENag== -----END CERTIFICATE-----Generated at Mon Oct 20 12:10:27 2025 by rpki-client