$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2508/TpMs6bPK4cf4uW7n5qAsxrDULkQ.roa File: TpMs6bPK4cf4uW7n5qAsxrDULkQ.roa (raw, json) Hash identifier: a25ZsZM5E4CFJKKQWF0XfZcd9CLN7AqD+nYr1/0kCs8= Subject key identifier: 4E:93:2C:E9:B3:CA:E1:C7:F8:B9:6E:E7:E6:A0:2C:C6:B0:D4:2E:44 Certificate issuer: /CN=FB78391367C8AD97D1A9C21A353285AD5E688D1C Certificate serial: 18CC Authority key identifier: FB:78:39:13:67:C8:AD:97:D1:A9:C2:1A:35:32:85:AD:5E:68:8D:1C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/TpMs6bPK4cf4uW7n5qAsxrDULkQ.roa Signing time: Fri 19 Sep 2025 19:33:45 +0000 ROA not before: Fri 19 Sep 2025 19:33:45 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55991 IP address blocks: 103.44.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:35:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6348 (0x18cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FB78391367C8AD97D1A9C21A353285AD5E688D1C Validity Not Before: Sep 19 19:33:45 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4E932CE9B3CAE1C7F8B96EE7E6A02CC6B0D42E44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:76:d9:70:89:43:46:ce:2a:2c:96:c0:f2:95: 3d:29:38:fa:94:f6:7f:72:a5:c4:0c:bf:b4:45:19: 8e:65:e8:44:fd:6f:a0:be:6c:02:91:89:8b:f6:66: 28:06:ad:32:e5:9c:a2:e9:76:51:0e:d3:1c:0e:b9: d9:08:3e:47:6a:19:fc:27:7d:40:3e:f5:9f:99:f1: a2:5c:3f:24:f8:0e:d6:7c:17:c3:e7:42:35:2c:00: cf:fc:6a:9a:a6:fa:6d:00:03:05:15:5f:fd:46:ca: a1:66:cf:c8:20:d0:f5:7d:fd:9e:33:07:3b:b6:c6: 00:1f:cf:86:72:94:36:59:94:22:26:f9:d4:7a:1b: 7d:29:48:ec:05:46:0d:dd:d4:1b:b7:21:47:d4:08: 5c:f2:5d:8e:4f:b0:a8:61:0c:1f:12:23:ce:42:1b: bd:b8:5d:45:29:98:1e:45:43:0a:85:de:e7:3f:d2: 84:9a:e1:8c:a9:d9:4c:92:96:f5:ae:10:4b:58:bc: 78:44:df:cc:0a:eb:ea:7e:75:ac:58:57:c3:ed:d2: aa:ab:56:11:53:da:29:41:7b:55:a2:3a:02:2b:56: 6a:ac:ba:94:9a:be:b3:a1:0f:fa:b8:0c:d2:ff:f4: d2:22:15:ee:23:f5:40:37:38:a9:12:a8:7c:bb:fa: 4b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:93:2C:E9:B3:CA:E1:C7:F8:B9:6E:E7:E6:A0:2C:C6:B0:D4:2E:44 X509v3 Authority Key Identifier: keyid:FB:78:39:13:67:C8:AD:97:D1:A9:C2:1A:35:32:85:AD:5E:68:8D:1C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/TpMs6bPK4cf4uW7n5qAsxrDULkQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.44.144.0/22 Signature Algorithm: sha256WithRSAEncryption b6:ab:ae:e9:01:fd:62:20:df:92:4a:75:f7:39:f0:1b:2f:cd: 6e:a6:e0:6a:dd:2e:9e:de:f3:0b:f2:14:d8:23:93:37:8b:cd: 74:38:9f:e3:65:63:bc:bf:8e:3e:27:db:af:03:6a:27:ed:f5: f2:e2:48:f0:73:e9:56:12:41:72:45:d4:0c:70:cf:71:58:ab: 6f:cf:37:d8:2e:02:b9:ee:29:87:f4:dd:23:ab:8a:ea:19:d3: bc:68:bd:63:bb:de:62:47:4c:f2:4c:87:76:37:f9:39:d9:ee: cb:01:f1:57:11:b0:17:40:37:7f:51:28:3c:38:5a:f4:dd:0a: b9:44:99:31:f5:d3:6c:3c:79:0d:1b:7d:a0:f9:b9:f9:78:97: 27:68:70:b0:b9:f9:78:be:c3:f5:a2:6b:43:19:d3:c0:39:f6: 34:49:84:f6:b9:02:52:94:34:73:c5:87:0c:7e:8c:4d:77:a1: b9:27:21:f3:ad:5a:fd:d4:a1:21:8b:5b:dc:07:30:15:c1:eb: 45:17:f8:41:f4:c0:37:7e:fb:28:2b:2f:6b:6f:60:0e:79:0c: ca:80:76:dc:d6:c2:e0:fd:4e:4d:bb:81:72:53:6c:72:c9:ed: f4:80:66:e9:c7:58:0c:e6:62:fe:d8:67:cc:53:29:8a:f4:b2: 33:a1:31:96 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkI3 ODM5MTM2N0M4QUQ5N0QxQTlDMjFBMzUzMjg1QUQ1RTY4OEQxQzAeFw0yNTA5MTkx OTMzNDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRFOTMyQ0U5QjNDQUUx QzdGOEI5NkVFN0U2QTAyQ0M2QjBENDJFNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGdtlwiUNGzioslsDylT0pOPqU9n9ypcQMv7RFGY5l6ET9b6C+ bAKRiYv2ZigGrTLlnKLpdlEO0xwOudkIPkdqGfwnfUA+9Z+Z8aJcPyT4DtZ8F8Pn QjUsAM/8apqm+m0AAwUVX/1GyqFmz8gg0PV9/Z4zBzu2xgAfz4ZylDZZlCIm+dR6 G30pSOwFRg3d1Bu3IUfUCFzyXY5PsKhhDB8SI85CG724XUUpmB5FQwqF3uc/0oSa 4Yyp2UySlvWuEEtYvHhE38wK6+p+daxYV8Pt0qqrVhFT2ilBe1WiOgIrVmqsupSa vrOhD/q4DNL/9NIiFe4j9UA3OKkSqHy7+kvjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTpMs6bPK4cf4uW7n5qAsxrDULkQwHwYDVR0jBBgwFoAU+3g5E2fIrZfRqcIa NTKFrV5ojRwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUw OC8tM2c1RTJmSXJaZlJxY0lhTlRLRnJWNW9qUncuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy0zZzVFMmZJclpmUnFjSWFOVEtGclY1b2pSdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MDgvVHBNczZiUEs0Y2Y0 dVc3bjVxQXN4ckRVTGtRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcskDANBgkqhkiG9w0BAQsFAAOCAQEAtquu6QH9YiDfkkp19znwGy/Nbqbg at0unt7zC/IU2COTN4vNdDif42VjvL+OPifbrwNqJ+318uJI8HPpVhJBckXUDHDP cVirb8832C4Cue4ph/TdI6uK6hnTvGi9Y7veYkdM8kyHdjf5OdnuywHxVxGwF0A3 f1EoPDha9N0KuUSZMfXTbDx5DRt9oPm5+XiXJ2hwsLn5eL7D9aJrQxnTwDn2NEmE 9rkCUpQ0c8WHDH6MTXehuSch861a/dShIYtb3AcwFcHrRRf4QfTAN377KCsva29g DnkMyoB23NbC4P1OTbuBclNscsnt9IBm6cdYDOZi/thnzFMpivSyM6Exlg== -----END CERTIFICATE-----Generated at Mon Oct 20 23:28:41 2025 by rpki-client