$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa File: vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa (raw, json) Hash identifier: zTk7jcBriJqG2gtlVugmX1oERrjs/CQDeKUtk6NsPUk= Subject key identifier: BD:01:8C:2D:72:AE:3E:28:2A:EC:B6:68:F8:FA:FB:63:D6:22:33:E7 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 5D03 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa Signing time: Sat 13 Sep 2025 03:06:31 +0000 ROA not before: Sat 13 Sep 2025 03:06:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 134762 IP address blocks: 43.226.50.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23811 (0x5d03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Sep 13 03:06:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BD018C2D72AE3E282AECB668F8FAFB63D62233E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6a:3a:c3:20:09:cd:15:e6:53:0c:de:83:fa: 57:7b:c0:4f:52:20:6d:8d:ba:82:3d:3e:9d:a5:3b: ce:74:07:78:06:fd:2b:77:62:5f:f5:44:19:bf:0e: af:98:13:56:a8:aa:83:d9:50:11:77:c4:c0:64:5b: 23:21:75:56:cd:b5:20:b7:14:ef:c3:21:33:f0:99: 4d:fd:6f:a5:d3:e9:57:45:ec:2c:98:cb:0b:54:d4: 24:ea:a4:fe:b8:f3:06:51:1c:dc:7f:de:f3:7b:54: 93:59:c8:a2:35:7a:22:12:c9:c2:79:b4:c5:db:f6: 76:04:93:29:7d:2e:e9:06:d2:d6:01:57:de:1d:0c: 3d:61:e8:58:37:3a:a8:6b:24:5b:ea:90:e9:77:dc: d7:e9:39:31:59:71:65:55:97:ba:49:3e:4d:45:4a: c7:12:44:53:93:59:29:f3:1e:2b:82:04:5a:91:9a: ed:7f:d2:8b:8b:d5:4b:e9:ec:28:54:5a:33:11:55: f5:18:9e:09:1f:cd:50:5f:c5:99:d9:70:01:6b:c6: 27:b5:be:01:e6:b3:af:9b:73:9b:ab:a0:d8:93:d1: 1d:72:e4:2d:db:b1:7e:be:90:8e:ae:7c:77:94:b4: 85:8c:17:09:e6:53:f6:dd:33:55:19:67:30:c5:6d: 58:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:01:8C:2D:72:AE:3E:28:2A:EC:B6:68:F8:FA:FB:63:D6:22:33:E7 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.50.0/23 Signature Algorithm: sha256WithRSAEncryption 23:96:28:eb:55:f4:ea:6c:a0:52:f3:c3:d4:79:be:28:07:27: b3:f9:b0:2f:c1:82:68:0f:9a:e7:d1:07:e8:16:48:f9:36:ac: b7:f4:a2:80:1c:71:7b:57:93:25:6f:57:c9:2a:2b:b0:95:68: 63:df:b4:46:9a:a9:e5:8a:c7:d1:50:c0:12:33:01:38:c4:59: 13:a9:eb:d2:71:90:fe:52:68:e4:3a:c4:4e:bc:36:9c:40:ed: fb:d4:87:64:85:aa:aa:16:03:93:18:90:f6:a9:a1:b5:c7:f5: 61:85:3d:fe:90:8a:74:52:23:3d:5d:29:6d:b4:52:ee:0e:fe: 0a:82:02:92:5d:c9:11:a7:0d:c7:06:2f:4b:d1:81:4d:58:6b: ec:82:8f:b3:70:5b:60:6f:d3:78:dd:cf:20:9d:a1:2f:36:65: 2e:0c:e5:6d:cb:67:48:bc:28:86:3b:1c:27:4d:d9:5e:ca:8c: 06:c1:a1:67:ac:d8:af:03:43:5f:c4:75:ca:d5:2b:6e:a1:4e: f8:68:87:de:cf:42:e6:20:9c:c9:0f:d2:46:ab:b7:72:23:57: 89:98:9a:45:1e:7d:a5:49:5a:5b:b5:81:e8:17:2d:ad:18:1b: 81:3b:42:90:d0:96:8d:05:fe:74:fa:2f:df:d4:36:16:12:3c: 88:4b:a1:19 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICXQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA5MTMw MzA2MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJEMDE4QzJENzJBRTNF MjgyQUVDQjY2OEY4RkFGQjYzRDYyMjMzRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/ajrDIAnNFeZTDN6D+ld7wE9SIG2NuoI9Pp2lO850B3gG/St3 Yl/1RBm/Dq+YE1aoqoPZUBF3xMBkWyMhdVbNtSC3FO/DITPwmU39b6XT6VdF7CyY ywtU1CTqpP648wZRHNx/3vN7VJNZyKI1eiISycJ5tMXb9nYEkyl9LukG0tYBV94d DD1h6Fg3OqhrJFvqkOl33NfpOTFZcWVVl7pJPk1FSscSRFOTWSnzHiuCBFqRmu1/ 0ouL1Uvp7ChUWjMRVfUYngkfzVBfxZnZcAFrxie1vgHms6+bc5uroNiT0R1y5C3b sX6+kI6ufHeUtIWMFwnmU/bdM1UZZzDFbVg1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvQGMLXKuPigq7LZo+Pr7Y9YiM+cwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvdlFHTUxYS3VQaWdx N0xaby1QcjdZOVlpTS1jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEASviMjANBgkqhkiG9w0BAQsFAAOCAQEAI5Yo61X06mygUvPD1Hm+KAcns/mw L8GCaA+a59EH6BZI+Tast/SigBxxe1eTJW9XySorsJVoY9+0Rpqp5YrH0VDAEjMB OMRZE6nr0nGQ/lJo5DrETrw2nEDt+9SHZIWqqhYDkxiQ9qmhtcf1YYU9/pCKdFIj PV0pbbRS7g7+CoICkl3JEacNxwYvS9GBTVhr7IKPs3BbYG/TeN3PIJ2hLzZlLgzl bctnSLwohjscJ03ZXsqMBsGhZ6zYrwNDX8R1ytUrbqFO+GiH3s9C5iCcyQ/SRqu3 ciNXiZiaRR59pUlaW7WB6BctrRgbgTtCkNCWjQX+dPov39Q2FhI8iEuhGQ== -----END CERTIFICATE-----Generated at Mon Oct 20 08:42:54 2025 by rpki-client