$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2358/QJumW8JVOTIBPSJm600tKrKrEFU.roa File: QJumW8JVOTIBPSJm600tKrKrEFU.roa (raw, json) Hash identifier: frjTXPXRplruxuvW/Y/CAhH4DknwM2tPMCNNSkv/bOY= Subject key identifier: 40:9B:A6:5B:C2:55:39:32:01:3D:22:66:EB:4D:2D:2A:B2:AB:10:55 Certificate issuer: /CN=4C0430E3518A5AF51BC0DF62567E0D157CA523C1 Certificate serial: 4B Authority key identifier: 4C:04:30:E3:51:8A:5A:F5:1B:C0:DF:62:56:7E:0D:15:7C:A5:23:C1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TAQw41GKWvUbwN9iVn4NFXylI8E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2358/QJumW8JVOTIBPSJm600tKrKrEFU.roa Signing time: Fri 26 Sep 2025 02:33:17 +0000 ROA not before: Fri 26 Sep 2025 02:33:17 +0000 ROA not after: Tue 15 Sep 2026 07:06:43 +0000 asID: 131539 IP address blocks: 110.42.13.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2358/TAQw41GKWvUbwN9iVn4NFXylI8E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2358/TAQw41GKWvUbwN9iVn4NFXylI8E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TAQw41GKWvUbwN9iVn4NFXylI8E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 08:34:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75 (0x4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4C0430E3518A5AF51BC0DF62567E0D157CA523C1 Validity Not Before: Sep 26 02:33:17 2025 GMT Not After : Sep 15 07:06:43 2026 GMT Subject: CN=409BA65BC2553932013D2266EB4D2D2AB2AB1055 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9b:92:3b:83:8f:5f:5e:a2:68:be:9d:b0:97: 40:65:99:78:61:5f:87:8f:e5:cf:37:06:91:9f:7d: 7a:6c:e8:28:28:6b:e4:2e:42:29:91:86:97:4d:6d: df:76:23:72:65:22:2a:80:4a:3e:f8:7b:29:93:d2: a7:2c:d4:70:81:f6:65:b1:93:da:7a:e4:94:65:12: 4c:45:25:f0:99:9d:bd:01:cc:d1:f8:f0:12:01:d6: 3f:6c:b1:29:95:bf:fe:f4:79:87:72:13:73:fc:b2: 1c:f4:a8:92:78:c6:51:23:be:76:81:36:2e:ce:90: 26:b8:0d:6b:01:3a:4b:39:ac:d6:2e:52:b7:77:ba: a3:f0:6a:28:5d:5c:d3:f3:67:bb:0e:a2:1b:f8:da: b6:4f:4a:b4:1a:2e:8a:54:89:80:f6:46:26:31:82: 1a:d0:16:e4:12:de:69:c0:be:7e:49:5a:95:fd:d5: 4c:ca:3b:38:96:13:6f:74:3a:61:5d:07:37:66:30: 1a:0c:bb:4d:a9:a4:ed:aa:aa:fd:d0:7a:99:f8:e6: 37:72:c2:5b:6d:d0:53:18:84:8b:e9:51:96:08:78: 7f:f8:4e:31:98:86:77:7f:f3:8d:ed:df:44:81:76: 8d:25:f5:8f:39:d6:51:46:01:79:6c:5e:97:c7:c9: 82:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9B:A6:5B:C2:55:39:32:01:3D:22:66:EB:4D:2D:2A:B2:AB:10:55 X509v3 Authority Key Identifier: keyid:4C:04:30:E3:51:8A:5A:F5:1B:C0:DF:62:56:7E:0D:15:7C:A5:23:C1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2358/TAQw41GKWvUbwN9iVn4NFXylI8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TAQw41GKWvUbwN9iVn4NFXylI8E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2358/QJumW8JVOTIBPSJm600tKrKrEFU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.42.13.0/24 Signature Algorithm: sha256WithRSAEncryption 12:cf:8f:5d:97:35:02:fb:ec:8a:64:05:c2:1b:8c:b4:64:17: 2e:7d:82:a5:7a:fd:54:e8:99:5f:e4:60:60:05:68:3d:7c:90: 59:2a:3a:81:8a:26:1f:a5:46:a6:37:01:da:6d:c1:75:b6:5f: b0:23:0e:05:ec:82:9e:fa:15:c5:47:e0:12:ad:4d:92:06:ca: ce:4d:6f:01:a8:63:6e:9f:a6:c5:d4:ea:c0:dc:68:11:1c:70: 64:ca:c3:93:85:57:cd:79:80:a5:50:05:0e:ce:a5:94:f7:14: 3a:db:4a:9b:d4:e0:b9:f1:3d:e0:a8:2b:1e:2a:65:a4:89:9a: ef:6b:bf:e5:de:5d:9e:10:03:48:6d:d8:df:92:2d:4d:a0:6c: 6d:ae:12:79:e7:17:ed:1b:75:1c:b1:53:53:5b:52:8f:bb:ee: d5:8c:53:94:75:4f:12:a4:2f:d7:62:09:22:63:a3:24:8b:fd: ce:0c:11:7f:e0:f0:87:33:71:4a:c6:bf:ab:8a:2d:e8:8a:52: b2:55:95:79:20:69:e2:62:d5:8f:25:7d:49:a2:50:32:3f:43: c4:a5:fa:8a:16:7d:1c:06:d7:67:f3:23:38:d1:78:1a:01:e4: 77:9b:9c:f9:a7:10:94:a5:cb:a0:d8:b2:05:d0:84:83:91:e1: 47:c1:82:00 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0QzA0 MzBFMzUxOEE1QUY1MUJDMERGNjI1NjdFMEQxNTdDQTUyM0MxMB4XDTI1MDkyNjAy MzMxN1oXDTI2MDkxNTA3MDY0M1owMzExMC8GA1UEAxMoNDA5QkE2NUJDMjU1Mzkz MjAxM0QyMjY2RUI0RDJEMkFCMkFCMTA1NTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALmbkjuDj19eomi+nbCXQGWZeGFfh4/lzzcGkZ99emzoKChr5C5C KZGGl01t33YjcmUiKoBKPvh7KZPSpyzUcIH2ZbGT2nrklGUSTEUl8JmdvQHM0fjw EgHWP2yxKZW//vR5h3ITc/yyHPSoknjGUSO+doE2Ls6QJrgNawE6Szms1i5St3e6 o/BqKF1c0/Nnuw6iG/jatk9KtBouilSJgPZGJjGCGtAW5BLeacC+fklalf3VTMo7 OJYTb3Q6YV0HN2YwGgy7Tamk7aqq/dB6mfjmN3LCW23QUxiEi+lRlgh4f/hOMZiG d3/zje3fRIF2jSX1jznWUUYBeWxel8fJgucCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRAm6ZbwlU5MgE9ImbrTS0qsqsQVTAfBgNVHSMEGDAWgBRMBDDjUYpa9RvA32JW fg0VfKUjwTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMzU4 L1RBUXc0MUdLV3ZVYndOOWlWbjRORlh5bEk4RS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVEFRdzQxR0tXdlVid045aVZuNE5GWHlsSThFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM1OC9RSnVtVzhKVk9USUJQ U0ptNjAwdEtyS3JFRlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAbioNMA0GCSqGSIb3DQEBCwUAA4IBAQASz49dlzUC++yKZAXCG4y0ZBcufYKl ev1U6Jlf5GBgBWg9fJBZKjqBiiYfpUamNwHabcF1tl+wIw4F7IKe+hXFR+ASrU2S BsrOTW8BqGNun6bF1OrA3GgRHHBkysOThVfNeYClUAUOzqWU9xQ620qb1OC58T3g qCseKmWkiZrva7/l3l2eEANIbdjfki1NoGxtrhJ55xftG3UcsVNTW1KPu+7VjFOU dU8SpC/XYgkiY6Mki/3ODBF/4PCHM3FKxr+rii3oilKyVZV5IGniYtWPJX1JolAy P0PEpfqKFn0cBtdn8yM40XgaAeR3m5z5pxCUpcug2LIF0ISDkeFHwYIA -----END CERTIFICATE-----Generated at Mon Oct 20 05:45:58 2025 by rpki-client