$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2618/LRJECCnX55OdUvyz3ONAzIkv5nI.roa File: LRJECCnX55OdUvyz3ONAzIkv5nI.roa (raw, json) Hash identifier: 3zSjtIJYi9xVkXkHnSqHSf/dmCG1ykp7G9yOBv7E9MM= Subject key identifier: 2D:12:44:08:29:D7:E7:93:9D:52:FC:B3:DC:E3:40:CC:89:2F:E6:72 Certificate issuer: /CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Certificate serial: 4F91 Authority key identifier: 01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/LRJECCnX55OdUvyz3ONAzIkv5nI.roa Signing time: Sat 13 Sep 2025 03:02:35 +0000 ROA not before: Sat 13 Sep 2025 03:02:35 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63603 IP address blocks: 103.102.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20369 (0x4f91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Validity Not Before: Sep 13 03:02:35 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=2D12440829D7E7939D52FCB3DCE340CC892FE672 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:fb:63:b1:98:b9:bf:9c:6b:4a:1c:74:4b:14: 87:10:96:dd:15:f0:bc:e8:45:8c:58:ac:c9:9a:0a: 62:a2:66:15:ed:b1:1b:c9:89:82:bd:28:22:13:51: df:15:10:38:c2:37:bd:ca:f1:14:bf:3e:4b:25:96: ec:6f:4c:6e:b5:fc:c0:67:e1:02:80:6b:59:09:a6: 57:c4:77:12:a8:81:e4:1d:14:7d:f8:dd:0a:64:dc: 36:c5:8e:b9:ce:19:30:5e:ca:75:0b:84:2a:e0:b1: 93:f9:41:22:b0:a1:a5:4d:e5:e3:c1:96:f4:5e:d9: a5:a7:09:a3:0d:ef:77:e1:0d:1d:ba:92:2c:74:40: ce:ca:dc:8d:88:43:a4:e1:29:22:e3:0c:08:4c:8e: 24:26:a6:a0:57:84:78:a3:cd:83:5e:6a:a0:35:fc: 01:7e:0f:e5:96:9d:cc:92:6b:1b:d8:69:a9:67:5a: 06:18:7c:07:d3:df:70:2f:60:70:a4:f8:8f:51:33: 86:ec:49:82:80:d8:53:3b:c9:bf:74:22:e8:49:59: db:2a:40:52:f1:89:ae:61:d4:10:30:5e:a0:4b:bb: 46:75:2c:06:c5:2c:e0:40:47:3b:f1:33:ee:db:58: 41:68:9d:c8:c5:10:fd:4f:69:fc:5f:35:87:a5:fa: 0e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:12:44:08:29:D7:E7:93:9D:52:FC:B3:DC:E3:40:CC:89:2F:E6:72 X509v3 Authority Key Identifier: keyid:01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/LRJECCnX55OdUvyz3ONAzIkv5nI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.102.197.0/24 Signature Algorithm: sha256WithRSAEncryption c0:6e:ac:02:29:b0:bf:50:6c:79:a1:e8:d6:6c:ea:80:9d:c2: ae:81:70:0d:e4:ec:b5:7a:75:3f:52:70:ea:2f:58:b1:4b:37: 1c:cf:e7:1f:99:f5:15:51:c4:1c:03:2d:28:ff:30:d9:e9:76: 07:b9:7d:54:ec:09:c8:ae:91:1a:8f:a7:ae:70:c8:24:81:e0: 1b:20:54:e1:80:82:19:57:5c:e5:d7:c2:1b:06:27:86:29:f5: 64:89:72:5e:c3:fb:9c:11:37:c2:04:5e:d6:0f:aa:68:79:3b: 28:a3:86:e2:51:45:86:a4:51:cd:69:32:4d:cc:a0:35:3c:b4: 8e:1b:bb:9e:a4:84:86:dc:36:da:44:05:1f:e5:69:96:fe:03: 10:8a:c8:5e:5f:d2:85:12:0c:f5:8d:4b:ee:d6:65:6a:11:53: 67:0c:0e:4a:90:eb:93:fe:a3:39:8b:f4:be:12:9b:f4:70:0e: 70:99:78:f9:9f:d3:f4:4f:fc:36:1b:99:ed:4e:cb:36:c7:9a: 5c:45:33:53:71:0a:cb:d0:f1:cc:ac:9a:8f:19:0b:46:4f:a5: a8:0d:80:98:4e:67:71:a5:09:54:34:e0:23:e6:ca:c4:91:22: c7:0e:c1:ec:86:c2:55:c1:15:d2:1c:e8:e0:c4:56:0e:f7:54: 06:67:c0:36 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICT5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEz NjA0MUEyRjUzRjI2QjQyMEQ2QkQ0RkQwRTlDMkQ3NzMyMDk3MTAeFw0yNTA5MTMw MzAyMzVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJEMTI0NDA4MjlEN0U3 OTM5RDUyRkNCM0RDRTM0MENDODkyRkU2NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQ+2OxmLm/nGtKHHRLFIcQlt0V8LzoRYxYrMmaCmKiZhXtsRvJ iYK9KCITUd8VEDjCN73K8RS/PkslluxvTG61/MBn4QKAa1kJplfEdxKogeQdFH34 3Qpk3DbFjrnOGTBeynULhCrgsZP5QSKwoaVN5ePBlvRe2aWnCaMN73fhDR26kix0 QM7K3I2IQ6ThKSLjDAhMjiQmpqBXhHijzYNeaqA1/AF+D+WWncySaxvYaalnWgYY fAfT33AvYHCk+I9RM4bsSYKA2FM7yb90IuhJWdsqQFLxia5h1BAwXqBLu0Z1LAbF LOBARzvxM+7bWEFoncjFEP1PafxfNYel+g51AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULRJECCnX55OdUvyz3ONAzIkv5nIwHwYDVR0jBBgwFoAUATYEGi9T8mtCDWvU /Q6cLXcyCXEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx OC9BVFlFR2k5VDhtdENEV3ZVX1E2Y0xYY3lDWEUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FUWUVHaTlUOG10Q0RXdlVfUTZjTFhjeUNYRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MTgvTFJKRUNDblg1NU9k VXZ5ejNPTkF6SWt2NW5JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdmxTANBgkqhkiG9w0BAQsFAAOCAQEAwG6sAimwv1BseaHo1mzqgJ3CroFw DeTstXp1P1Jw6i9YsUs3HM/nH5n1FVHEHAMtKP8w2el2B7l9VOwJyK6RGo+nrnDI JIHgGyBU4YCCGVdc5dfCGwYnhin1ZIlyXsP7nBE3wgRe1g+qaHk7KKOG4lFFhqRR zWkyTcygNTy0jhu7nqSEhtw22kQFH+Vplv4DEIrIXl/ShRIM9Y1L7tZlahFTZwwO SpDrk/6jOYv0vhKb9HAOcJl4+Z/T9E/8NhuZ7U7LNseaXEUzU3EKy9DxzKyajxkL Rk+lqA2AmE5ncaUJVDTgI+bKxJEixw7B7IbCVcEV0hzo4MRWDvdUBmfANg== -----END CERTIFICATE-----Generated at Tue Oct 21 13:28:00 2025 by rpki-client