$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa File: XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa (raw, json) Hash identifier: yacvbm4gKGYgc5wCZtcaOFLtzo1EC6TxZpfMKP9mzO4= Subject key identifier: 5E:C6:E7:3E:87:65:36:45:45:80:2C:D3:C1:85:55:44:A3:FE:18:44 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 5CF1 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa Signing time: Sat 13 Sep 2025 03:06:27 +0000 ROA not before: Sat 13 Sep 2025 03:06:27 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4816 IP address blocks: 103.39.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23793 (0x5cf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Sep 13 03:06:27 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=5EC6E73E8765364545802CD3C1855544A3FE1844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a3:00:d1:b0:d9:fc:9c:56:19:fa:93:5b:dc: a0:1c:35:31:ed:57:92:1d:5e:26:f1:2f:24:77:04: c6:54:7b:47:be:c1:f5:d0:ae:e7:a1:70:64:49:06: 9c:de:71:b6:52:6d:e1:a2:17:b6:54:31:d5:dd:ac: 35:45:c3:9a:2b:4e:e9:7a:e3:bd:eb:f5:29:96:ac: 01:1c:ca:e0:5a:09:8c:bd:3e:85:a6:6a:d7:a9:2a: e5:02:7a:1e:24:52:7c:7a:fe:34:09:c5:09:b5:e1: ee:e1:60:01:4b:f7:6d:bf:05:20:62:7f:48:94:b8: e7:44:db:f5:48:94:e6:17:ae:73:f4:de:c6:95:06: 8d:7c:a1:25:d3:33:e2:5f:de:41:6f:66:54:4b:e6: 06:22:5d:99:e4:f4:99:bf:df:41:30:b6:b7:07:41: 2f:0e:b9:cf:91:5e:04:d4:ce:af:f9:3e:14:18:b8: d6:dd:ea:4b:59:bf:d8:31:26:2d:71:b7:2c:e1:1b: af:57:a8:9d:ca:0d:76:b4:f1:83:0e:c9:db:d8:7d: aa:3a:28:2e:c7:bb:f2:9c:a6:a2:55:46:36:60:8e: 4b:2b:64:0a:ee:8d:a7:59:6d:79:36:2c:35:48:58: fd:36:c9:6f:71:41:43:e2:60:c5:17:c7:05:83:12: 41:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:C6:E7:3E:87:65:36:45:45:80:2C:D3:C1:85:55:44:A3:FE:18:44 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.39.232.0/22 Signature Algorithm: sha256WithRSAEncryption 01:22:8a:fc:9a:f2:6d:c3:30:5c:42:37:05:55:23:bc:74:12: d4:27:e3:3a:7d:f6:a7:bf:c4:24:74:41:f0:3d:80:d6:a5:31: 53:84:a9:95:62:ac:01:70:8e:0c:d9:65:27:87:eb:04:c2:01: 80:29:f6:71:ba:27:17:ca:1d:94:69:0c:90:7c:1a:ec:4f:74: 51:80:2d:76:14:83:e8:a7:db:9c:f0:e2:6b:60:de:64:f7:87: 55:80:9e:dd:c4:de:81:0d:74:2e:d6:e1:c7:f8:8c:cf:28:9c: cc:b6:ab:d4:db:3f:28:5c:33:75:27:7e:57:39:f1:a5:ca:da: 60:62:71:87:2d:b3:e2:85:0d:bf:d0:de:53:34:08:0b:79:cc: aa:55:55:7f:d6:18:4d:8f:66:2c:d9:43:c2:ec:c1:36:bb:48: 6d:55:47:49:d5:8b:34:ed:67:7a:10:c0:cc:fc:c8:fa:e5:eb: a8:83:7c:3b:83:f2:ec:f7:f1:1a:75:e8:bb:3b:b4:f8:66:84: c3:ef:eb:30:c2:38:44:ec:17:3a:f5:ed:62:1c:85:4e:06:e6: 5a:35:b0:7c:3a:40:41:95:c1:43:7b:01:e5:2e:c2:e7:cf:b9: 53:16:c5:54:17:17:e9:89:3b:5d:e4:5a:1a:09:60:5c:43:c3: 3a:22:e4:ef -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICXPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MTMw MzA2MjdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVFQzZFNzNFODc2NTM2 NDU0NTgwMkNEM0MxODU1NTQ0QTNGRTE4NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdowDRsNn8nFYZ+pNb3KAcNTHtV5IdXibxLyR3BMZUe0e+wfXQ ruehcGRJBpzecbZSbeGiF7ZUMdXdrDVFw5orTul6473r9SmWrAEcyuBaCYy9PoWm atepKuUCeh4kUnx6/jQJxQm14e7hYAFL922/BSBif0iUuOdE2/VIlOYXrnP03saV Bo18oSXTM+Jf3kFvZlRL5gYiXZnk9Jm/30EwtrcHQS8Ouc+RXgTUzq/5PhQYuNbd 6ktZv9gxJi1xtyzhG69XqJ3KDXa08YMOydvYfao6KC7Hu/KcpqJVRjZgjksrZAru jadZbXk2LDVIWP02yW9xQUPiYMUXxwWDEkFdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXsbnPodlNkVFgCzTwYVVRKP+GEQwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvWHNiblBvZGxOa1ZG Z0N6VHdZVlZSS1AtR0VRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcn6DANBgkqhkiG9w0BAQsFAAOCAQEAASKK/JrybcMwXEI3BVUjvHQS1Cfj On32p7/EJHRB8D2A1qUxU4SplWKsAXCODNllJ4frBMIBgCn2cbonF8odlGkMkHwa 7E90UYAtdhSD6KfbnPDia2DeZPeHVYCe3cTegQ10Ltbhx/iMzyiczLar1Ns/KFwz dSd+VznxpcraYGJxhy2z4oUNv9DeUzQIC3nMqlVVf9YYTY9mLNlDwuzBNrtIbVVH SdWLNO1nehDAzPzI+uXrqIN8O4Py7PfxGnXouzu0+GaEw+/rMMI4ROwXOvXtYhyF TgbmWjWwfDpAQZXBQ3sB5S7C58+5UxbFVBcX6Yk7XeRaGglgXEPDOiLk7w== -----END CERTIFICATE-----Generated at Mon Oct 20 12:10:11 2025 by rpki-client