$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1823/PiAO1v8jnMnY9e87HdvS9NXotqg.roa File: PiAO1v8jnMnY9e87HdvS9NXotqg.roa (raw, json) Hash identifier: 90WlczYrnFxGi5QzQBqF1fxcMsXvHLSLiqJGOJQf0NU= Subject key identifier: 3E:20:0E:D6:FF:23:9C:C9:D8:F5:EF:3B:1D:DB:D2:F4:D5:E8:B6:A8 Certificate issuer: /CN=46E7400FC97FC7A2093E054CF0DF42CB77564023 Certificate serial: 06DA Authority key identifier: 46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/PiAO1v8jnMnY9e87HdvS9NXotqg.roa Signing time: Sat 13 Sep 2025 03:07:47 +0000 ROA not before: Sat 13 Sep 2025 03:07:47 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59065 IP address blocks: 103.59.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:36:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1754 (0x6da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46E7400FC97FC7A2093E054CF0DF42CB77564023 Validity Not Before: Sep 13 03:07:47 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3E200ED6FF239CC9D8F5EF3B1DDBD2F4D5E8B6A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:93:77:1a:57:30:81:06:e7:d9:9a:80:d4:c8: 48:5e:d4:b5:21:95:3b:14:81:c6:db:45:26:33:db: b7:cf:b7:c3:a1:d0:bc:e4:75:1a:88:ac:e0:b0:8c: 80:8b:7f:25:51:af:dd:64:dc:79:d4:e2:62:8c:4f: 8c:d1:38:ac:c5:26:a4:23:33:4d:b7:07:03:85:60: b9:64:85:89:b4:2c:f9:80:92:df:c5:d4:de:da:7f: db:e6:56:39:b2:49:44:46:66:99:11:58:47:9c:44: 25:13:da:ed:80:f8:f8:b1:55:cf:fd:68:9a:df:22: 87:2b:4c:5f:91:6a:56:f6:a6:97:91:67:87:76:ed: bd:0b:d9:c5:33:b9:94:d0:29:b7:bf:34:8e:24:7c: 6d:e6:28:26:00:35:a3:a2:7e:6f:db:6f:b9:32:ec: 64:c1:72:00:65:83:3d:ab:d3:ff:40:1a:24:e9:4a: 29:e5:90:b3:78:80:ab:84:b0:a7:5e:f7:34:2c:74: f2:65:ea:36:a9:c9:66:e0:b8:66:84:22:d6:cd:f3: fe:9b:c6:2a:e9:99:cd:71:8e:00:44:65:00:c7:99: f1:5c:25:70:10:9b:ca:7b:39:ab:b5:27:af:d3:3c: 2c:31:16:6a:3f:7f:0f:aa:f1:99:14:42:c2:ed:28: 53:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:20:0E:D6:FF:23:9C:C9:D8:F5:EF:3B:1D:DB:D2:F4:D5:E8:B6:A8 X509v3 Authority Key Identifier: keyid:46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/PiAO1v8jnMnY9e87HdvS9NXotqg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.59.123.0/24 Signature Algorithm: sha256WithRSAEncryption 26:b6:f7:fd:50:32:a6:6b:74:5c:54:dd:a1:fb:37:5c:03:97: ab:5a:db:60:a3:14:e6:d4:c7:51:9d:82:33:da:0b:c3:6c:38: f8:a6:bc:e4:34:64:a8:83:94:13:66:db:78:08:a8:d7:57:99: e7:44:87:04:31:48:a2:c0:48:2c:5c:0c:8b:63:94:04:d1:2f: 8d:99:d5:94:31:99:46:61:51:39:6b:e6:90:3b:d7:4f:bb:f5: 2e:ca:d1:b2:ec:06:30:62:0f:06:75:e7:df:3c:b1:86:56:8e: 2e:b7:df:43:28:ca:38:d1:fb:a4:f9:b5:6d:1e:bc:31:e6:77: 09:9e:91:11:21:83:73:71:1a:cf:d8:5d:af:0b:f6:88:28:9c: 43:98:d6:1f:bc:61:c1:dd:a7:53:27:d7:6f:81:18:9e:c8:ef: da:4f:01:0a:94:d9:64:70:07:5a:e4:a0:03:49:58:ed:25:fa: 52:96:76:c0:13:e9:13:4c:cd:cc:fa:99:4b:60:7f:4a:73:e0: f7:95:55:82:d6:de:eb:e5:94:84:d1:b2:6e:56:6a:25:31:bf: db:60:5a:e9:da:39:e0:01:f3:e7:7a:2b:57:92:a9:27:76:04: 5a:7a:71:fa:ab:30:9c:55:e8:ea:79:e7:32:72:c2:b4:5e:3c: 07:f2:99:92 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDZF NzQwMEZDOTdGQzdBMjA5M0UwNTRDRjBERjQyQ0I3NzU2NDAyMzAeFw0yNTA5MTMw MzA3NDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNFMjAwRUQ2RkYyMzlD QzlEOEY1RUYzQjFEREJEMkY0RDVFOEI2QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDek3caVzCBBufZmoDUyEhe1LUhlTsUgcbbRSYz27fPt8Oh0Lzk dRqIrOCwjICLfyVRr91k3HnU4mKMT4zROKzFJqQjM023BwOFYLlkhYm0LPmAkt/F 1N7af9vmVjmySURGZpkRWEecRCUT2u2A+PixVc/9aJrfIocrTF+Ralb2ppeRZ4d2 7b0L2cUzuZTQKbe/NI4kfG3mKCYANaOifm/bb7ky7GTBcgBlgz2r0/9AGiTpSinl kLN4gKuEsKde9zQsdPJl6japyWbguGaEItbN8/6bxirpmc1xjgBEZQDHmfFcJXAQ m8p7Oau1J6/TPCwxFmo/fw+q8ZkUQsLtKFP3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPiAO1v8jnMnY9e87HdvS9NXotqgwHwYDVR0jBBgwFoAURudAD8l/x6IJPgVM 8N9Cy3dWQCMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy My9SdWRBRDhsX3g2SUpQZ1ZNOE45Q3kzZFdRQ00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1J1ZEFEOGxfeDZJSlBnVk04TjlDeTNkV1FDTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjMvUGlBTzF2OGpuTW5Z OWU4N0hkdlM5TlhvdHFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGc7ezANBgkqhkiG9w0BAQsFAAOCAQEAJrb3/VAypmt0XFTdofs3XAOXq1rb YKMU5tTHUZ2CM9oLw2w4+Ka85DRkqIOUE2bbeAio11eZ50SHBDFIosBILFwMi2OU BNEvjZnVlDGZRmFROWvmkDvXT7v1LsrRsuwGMGIPBnXn3zyxhlaOLrffQyjKONH7 pPm1bR68MeZ3CZ6RESGDc3Eaz9hdrwv2iCicQ5jWH7xhwd2nUyfXb4EYnsjv2k8B CpTZZHAHWuSgA0lY7SX6UpZ2wBPpE0zNzPqZS2B/SnPg95VVgtbe6+WUhNGyblZq JTG/22Ba6do54AHz53orV5KpJ3YEWnpx+qswnFXo6nnnMnLCtF48B/KZkg== -----END CERTIFICATE-----Generated at Mon Oct 20 13:31:51 2025 by rpki-client