$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2618/2ZNG3G15upo8DORIFiVyLWoui78.roa File: 2ZNG3G15upo8DORIFiVyLWoui78.roa (raw, json) Hash identifier: /g1ANhvVUUwRjtioqGKC6HhkujrV1TiAQQd00tluKNY= Subject key identifier: D9:93:46:DC:6D:79:BA:9A:3C:0C:E4:48:16:25:72:2D:6A:2E:8B:BF Certificate issuer: /CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Certificate serial: 4F8C Authority key identifier: 01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/2ZNG3G15upo8DORIFiVyLWoui78.roa Signing time: Sat 13 Sep 2025 03:02:34 +0000 ROA not before: Sat 13 Sep 2025 03:02:34 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63603 IP address blocks: 163.53.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20364 (0x4f8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Validity Not Before: Sep 13 03:02:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D99346DC6D79BA9A3C0CE4481625722D6A2E8BBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6a:58:6b:b7:d4:69:54:a5:b8:c6:3e:61:19: 49:c4:63:7d:c0:89:28:15:11:03:f5:cb:3a:82:3a: a7:6d:07:f2:fb:00:06:e3:98:b6:bf:52:61:35:11: 56:f6:fa:22:41:4b:41:99:02:7c:83:33:10:02:d6: 17:0a:7e:15:b5:fa:03:73:f1:21:86:7e:e0:4a:b4: 7b:1a:31:14:29:fb:f4:f7:06:26:4f:2e:cc:89:0f: 45:61:f2:26:c2:bc:fb:fe:df:3a:d6:03:59:92:19: 32:c8:82:69:d9:4c:79:8b:9b:23:cd:1a:56:f3:44: 03:b3:77:2e:2a:88:ec:25:e8:18:5a:2c:2d:6d:f4: 51:cd:d1:52:b5:05:21:60:35:a3:08:8b:e8:83:0a: 5b:77:dc:95:b3:18:10:62:a7:53:ed:52:0c:94:24: be:e6:18:f3:1e:ba:f7:1e:af:ab:87:bb:dd:f0:ee: 0c:a6:9c:2b:bf:c0:49:30:33:c2:e1:90:72:8d:89: 71:aa:4e:18:09:c3:ca:c6:3f:da:a8:5b:f1:e1:27: cc:60:d5:9d:1a:e9:d9:57:16:47:eb:6d:64:9e:8d: c6:bc:c7:75:1e:b2:6a:50:13:83:80:67:b6:14:8e: a8:fc:7c:86:52:e1:1c:3c:2f:e1:b2:83:73:46:00: 1a:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:93:46:DC:6D:79:BA:9A:3C:0C:E4:48:16:25:72:2D:6A:2E:8B:BF X509v3 Authority Key Identifier: keyid:01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/2ZNG3G15upo8DORIFiVyLWoui78.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.53.47.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:60:3a:69:0b:93:b0:8e:1d:ee:9a:d3:26:e3:23:bc:51:80: e2:6b:3f:b2:88:b7:f9:cb:a0:d3:d9:4f:00:d3:86:49:42:63: 2e:64:69:fc:ef:b8:a7:a9:53:b3:0a:41:e8:1d:db:78:04:07: 18:c0:07:0f:b0:3f:d7:0d:db:52:56:d7:59:45:ee:28:df:c5: aa:e1:86:4d:0d:89:50:78:d4:02:51:db:de:b3:4c:07:7b:a7: b9:3d:1f:ce:c0:85:e8:46:b2:fe:1b:62:39:2f:a0:2d:52:ba: 1c:a7:ed:8a:14:36:38:26:ac:bf:b1:e0:7b:67:3e:4d:ab:25: 2c:a9:07:11:bb:5d:d8:04:ec:d4:d6:2b:db:c8:1f:1f:2e:f2: d4:03:5d:2f:b6:1e:64:ce:64:6c:ac:ce:e6:45:e2:3f:54:cd: fa:cd:8e:74:f9:9a:6a:dd:c3:b5:de:a8:de:16:91:48:73:b2: e1:70:9b:f3:94:6a:b8:a4:87:64:11:70:c9:3e:74:ad:46:03: 0b:30:a9:de:0d:7c:75:05:ed:0c:91:c4:4b:55:d3:db:f9:d0: 70:b8:fa:ec:a1:23:36:18:76:fc:95:2d:8c:18:98:94:26:55: f4:ff:5b:d2:86:1e:f5:5e:48:73:16:c1:bc:ae:2e:69:db:c0: 5f:b0:0d:6e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICT4wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEz NjA0MUEyRjUzRjI2QjQyMEQ2QkQ0RkQwRTlDMkQ3NzMyMDk3MTAeFw0yNTA5MTMw MzAyMzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ5OTM0NkRDNkQ3OUJB OUEzQzBDRTQ0ODE2MjU3MjJENkEyRThCQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjalhrt9RpVKW4xj5hGUnEY33AiSgVEQP1yzqCOqdtB/L7AAbj mLa/UmE1EVb2+iJBS0GZAnyDMxAC1hcKfhW1+gNz8SGGfuBKtHsaMRQp+/T3BiZP LsyJD0Vh8ibCvPv+3zrWA1mSGTLIgmnZTHmLmyPNGlbzRAOzdy4qiOwl6BhaLC1t 9FHN0VK1BSFgNaMIi+iDClt33JWzGBBip1PtUgyUJL7mGPMeuvcer6uHu93w7gym nCu/wEkwM8LhkHKNiXGqThgJw8rGP9qoW/HhJ8xg1Z0a6dlXFkfrbWSejca8x3Ue smpQE4OAZ7YUjqj8fIZS4Rw8L+Gyg3NGABrbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2ZNG3G15upo8DORIFiVyLWoui78wHwYDVR0jBBgwFoAUATYEGi9T8mtCDWvU /Q6cLXcyCXEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx OC9BVFlFR2k5VDhtdENEV3ZVX1E2Y0xYY3lDWEUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FUWUVHaTlUOG10Q0RXdlVfUTZjTFhjeUNYRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MTgvMlpORzNHMTV1cG84 RE9SSUZpVnlMV291aTc4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAKM1LzANBgkqhkiG9w0BAQsFAAOCAQEAT2A6aQuTsI4d7prTJuMjvFGA4ms/ soi3+cug09lPANOGSUJjLmRp/O+4p6lTswpB6B3beAQHGMAHD7A/1w3bUlbXWUXu KN/FquGGTQ2JUHjUAlHb3rNMB3unuT0fzsCF6Eay/htiOS+gLVK6HKftihQ2OCas v7Hge2c+TaslLKkHEbtd2ATs1NYr28gfHy7y1ANdL7YeZM5kbKzO5kXiP1TN+s2O dPmaat3Dtd6o3haRSHOy4XCb85RquKSHZBFwyT50rUYDCzCp3g18dQXtDJHES1XT 2/nQcLj67KEjNhh2/JUtjBiYlCZV9P9b0oYe9V5IcxbBvK4uadvAX7ANbg== -----END CERTIFICATE-----Generated at Tue Oct 21 13:28:00 2025 by rpki-client