$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/QD7THVmiGOcCiQQPVumiDRR-d7I.roa File: QD7THVmiGOcCiQQPVumiDRR-d7I.roa (raw, json) Hash identifier: BeWz4UxSBqt/CJdq0rqcX/Y2LZaQqSYTg9P3zaCSJy8= Subject key identifier: 40:3E:D3:1D:59:A2:18:E7:02:89:04:0F:56:E9:A2:0D:14:7E:77:B2 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 5CFF Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/QD7THVmiGOcCiQQPVumiDRR-d7I.roa Signing time: Sat 13 Sep 2025 03:06:30 +0000 ROA not before: Sat 13 Sep 2025 03:06:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4816 IP address blocks: 103.44.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23807 (0x5cff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Sep 13 03:06:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=403ED31D59A218E70289040F56E9A20D147E77B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:95:60:b4:9c:46:a9:6c:66:0f:b2:cd:6f:c4: 34:fd:93:e2:39:0b:02:f0:49:4c:91:9f:25:70:8e: 60:74:97:f7:82:58:f7:15:30:03:29:96:ec:5a:b0: e4:0b:fe:b5:57:ba:5c:56:31:68:52:02:7b:f0:cf: 60:25:52:b9:c4:8b:24:cf:0d:7f:e9:13:91:b2:b3: 6e:bc:26:5c:16:4b:86:38:e6:20:25:94:a6:59:84: 26:d1:48:d1:60:37:1e:62:46:e7:b4:1d:db:20:34: fc:d7:7d:11:9d:b0:36:cb:12:21:1d:8e:d4:e2:c3: 24:5c:ba:ad:09:a5:d7:79:a9:8c:6d:bd:5b:54:64: a0:09:04:25:9f:00:27:7f:6c:8c:8f:e5:67:aa:54: 0d:fd:9c:c0:38:d6:f7:96:ef:03:06:19:46:6c:e5: 34:7a:3a:76:e2:9e:f1:2c:91:08:b6:34:79:55:a1: cd:c9:58:44:85:9d:4d:68:65:01:1e:9f:9c:04:80: 31:91:29:03:6c:4f:a9:22:d0:74:30:1e:fc:b4:a3: 52:ae:56:7a:71:b1:24:27:4c:50:f2:c8:90:c2:be: b5:e5:85:2d:76:76:05:2b:20:1f:8c:e6:2c:a0:9f: 71:c8:a3:65:dc:30:c9:62:11:a4:24:4b:82:de:27: 89:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:3E:D3:1D:59:A2:18:E7:02:89:04:0F:56:E9:A2:0D:14:7E:77:B2 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/QD7THVmiGOcCiQQPVumiDRR-d7I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.44.236.0/22 Signature Algorithm: sha256WithRSAEncryption 15:0c:48:10:cd:80:1f:18:7d:1e:a0:6e:c0:84:a1:85:d5:87: b3:ef:8b:35:b3:7e:17:07:5d:03:1c:be:d2:8c:11:d8:69:23: 25:1b:98:ea:5e:1e:9a:9a:e7:08:0d:3c:be:7d:66:05:b4:03: 91:bf:59:e2:bb:3e:ec:ac:51:2d:66:b0:79:be:36:4b:64:22: 1d:36:16:f4:f4:c4:c0:f7:d3:97:49:c6:21:6d:33:80:38:d9: 2b:8a:bb:57:66:5e:52:04:da:65:c6:44:32:26:78:7f:0d:90: e5:64:8d:92:36:9b:f2:0b:21:10:93:53:ac:0a:8d:39:ff:9d: 7b:7d:4b:0e:91:47:13:5b:f0:4a:aa:6d:f3:9d:dd:dd:05:f0: 7f:a4:52:ab:a4:50:38:2e:e8:a5:14:cc:a0:52:a1:3b:af:35: 78:8a:64:6d:bd:0f:59:c3:86:93:a5:ca:6e:41:bd:14:09:23: 5a:70:66:7c:62:07:24:03:04:5b:6c:dd:6f:ee:cf:88:5a:a1: fb:ba:1e:c8:15:a6:a8:28:79:bb:5a:fa:68:62:9a:7b:a8:b8: f8:d3:45:2f:08:db:3a:a8:ef:40:cc:72:f1:ee:6f:c9:0f:fd: 26:b5:b1:05:13:86:c5:42:5e:aa:52:73:e4:51:0a:0c:2c:19: b0:49:b2:0e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICXP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MTMw MzA2MzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQwM0VEMzFENTlBMjE4 RTcwMjg5MDQwRjU2RTlBMjBEMTQ3RTc3QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhlWC0nEapbGYPss1vxDT9k+I5CwLwSUyRnyVwjmB0l/eCWPcV MAMpluxasOQL/rVXulxWMWhSAnvwz2AlUrnEiyTPDX/pE5Gys268JlwWS4Y45iAl lKZZhCbRSNFgNx5iRue0HdsgNPzXfRGdsDbLEiEdjtTiwyRcuq0Jpdd5qYxtvVtU ZKAJBCWfACd/bIyP5WeqVA39nMA41veW7wMGGUZs5TR6OnbinvEskQi2NHlVoc3J WESFnU1oZQEen5wEgDGRKQNsT6ki0HQwHvy0o1KuVnpxsSQnTFDyyJDCvrXlhS12 dgUrIB+M5iygn3HIo2XcMMliEaQkS4LeJ4ldAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQD7THVmiGOcCiQQPVumiDRR+d7IwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvUUQ3VEhWbWlHT2ND aVFRUFZ1bWlEUlItZDdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcs7DANBgkqhkiG9w0BAQsFAAOCAQEAFQxIEM2AHxh9HqBuwIShhdWHs++L NbN+FwddAxy+0owR2GkjJRuY6l4emprnCA08vn1mBbQDkb9Z4rs+7KxRLWaweb42 S2QiHTYW9PTEwPfTl0nGIW0zgDjZK4q7V2ZeUgTaZcZEMiZ4fw2Q5WSNkjab8gsh EJNTrAqNOf+de31LDpFHE1vwSqpt853d3QXwf6RSq6RQOC7opRTMoFKhO681eIpk bb0PWcOGk6XKbkG9FAkjWnBmfGIHJAMEW2zdb+7PiFqh+7oeyBWmqCh5u1r6aGKa e6i4+NNFLwjbOqjvQMxy8e5vyQ/9JrWxBROGxUJeqlJz5FEKDCwZsEmyDg== -----END CERTIFICATE-----Generated at Mon Oct 20 08:42:44 2025 by rpki-client