$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2618/fTnsAq-nYxMPC2yJwoC13w2UuLk.roa File: fTnsAq-nYxMPC2yJwoC13w2UuLk.roa (raw, json) Hash identifier: jFmHe4BkqyRGfRC3sFzmFBQojOAoAG2h4AXZKCXK/MQ= Subject key identifier: 7D:39:EC:02:AF:A7:63:13:0F:0B:6C:89:C2:80:B5:DF:0D:94:B8:B9 Certificate issuer: /CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Certificate serial: 4F8F Authority key identifier: 01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/fTnsAq-nYxMPC2yJwoC13w2UuLk.roa Signing time: Sat 13 Sep 2025 03:02:35 +0000 ROA not before: Sat 13 Sep 2025 03:02:35 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63603 IP address blocks: 103.102.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20367 (0x4f8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Validity Not Before: Sep 13 03:02:35 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=7D39EC02AFA763130F0B6C89C280B5DF0D94B8B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:fc:df:56:34:54:cc:6a:6b:a1:5f:0e:ff:c7: c8:d1:a4:8a:e5:57:85:0b:a3:ac:9a:a0:5e:8e:f2: 71:b5:d2:da:3e:94:e8:66:98:81:d5:ce:7e:a5:bb: 09:88:e8:ab:26:d3:a2:51:d9:4b:32:51:c4:1d:0a: a2:50:8e:08:37:93:08:5e:62:04:a7:81:8e:56:f2: a9:15:3c:fb:02:2e:9d:d5:37:d7:bb:53:af:b3:bf: 69:1b:ab:76:b5:c4:e7:8e:f5:70:ed:36:be:a9:c4: fd:58:5b:31:a0:84:25:51:3f:3e:59:ce:cd:57:61: 63:c5:ea:09:e7:88:6c:4c:99:8b:3a:c8:11:01:4c: b8:f5:0f:86:90:7e:ad:e9:d5:9a:33:b5:e3:4d:1d: bc:dc:0f:76:d1:4f:05:77:41:92:33:88:74:21:bd: ff:e8:6b:eb:ee:ac:20:7b:43:d4:6a:7b:15:31:1b: 51:a9:59:77:76:59:55:39:32:7b:13:61:bf:f9:5a: 90:a8:5a:e3:b1:ad:99:cc:94:57:c0:9d:39:1b:99: 65:52:25:f0:76:24:3f:18:01:4b:a4:ca:11:29:8b: 29:c7:34:89:5d:40:73:80:2d:59:e8:e4:b7:9c:79: 8d:8e:70:1b:62:e6:ef:df:85:cb:31:58:88:12:c5: ef:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:39:EC:02:AF:A7:63:13:0F:0B:6C:89:C2:80:B5:DF:0D:94:B8:B9 X509v3 Authority Key Identifier: keyid:01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/fTnsAq-nYxMPC2yJwoC13w2UuLk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.102.198.0/24 Signature Algorithm: sha256WithRSAEncryption 38:3f:c3:59:87:20:2d:68:f2:54:a3:05:b9:fe:32:2c:4b:20: 7b:e4:86:cf:a4:36:36:55:b5:bb:a7:88:90:b1:03:9b:ce:9a: 76:40:a5:4f:23:33:34:00:d2:98:42:01:87:32:1b:22:db:13: 72:d1:d1:52:20:62:d0:a7:8c:00:1c:5c:f2:2d:1a:e0:15:fd: 8c:96:28:09:e7:63:06:16:00:d1:3b:1c:81:ba:61:ba:61:5d: 74:e7:25:f9:75:85:73:65:22:bf:cd:1a:a3:28:ac:01:43:52: b7:a3:a7:2b:42:ec:d5:85:52:ce:b4:2f:6f:44:f5:09:14:6a: 92:2d:e3:45:99:09:6a:ad:07:24:6a:d1:d1:78:58:fb:f9:4e: 3a:b8:4b:15:24:8f:d6:e9:ca:3c:29:64:45:64:a1:90:bc:cb: ef:ec:94:96:16:e2:77:04:c4:c2:8a:4c:81:39:e1:61:63:14: 42:78:55:cf:92:a7:20:1f:33:01:2d:0b:44:65:6d:4b:32:59: f1:05:a9:88:41:e4:b2:81:6f:00:e7:47:1e:44:fe:75:69:ed: 06:58:6b:95:ba:e1:90:12:b8:1c:86:e1:19:8b:27:ba:2d:b7: 56:9c:37:1d:d7:43:22:39:f5:b1:e2:1e:21:73:5d:36:69:a2: f1:f9:d3:f5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICT48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEz NjA0MUEyRjUzRjI2QjQyMEQ2QkQ0RkQwRTlDMkQ3NzMyMDk3MTAeFw0yNTA5MTMw MzAyMzVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDdEMzlFQzAyQUZBNzYz MTMwRjBCNkM4OUMyODBCNURGMEQ5NEI4QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCS/N9WNFTMamuhXw7/x8jRpIrlV4ULo6yaoF6O8nG10to+lOhm mIHVzn6luwmI6Ksm06JR2UsyUcQdCqJQjgg3kwheYgSngY5W8qkVPPsCLp3VN9e7 U6+zv2kbq3a1xOeO9XDtNr6pxP1YWzGghCVRPz5Zzs1XYWPF6gnniGxMmYs6yBEB TLj1D4aQfq3p1ZozteNNHbzcD3bRTwV3QZIziHQhvf/oa+vurCB7Q9RqexUxG1Gp WXd2WVU5MnsTYb/5WpCoWuOxrZnMlFfAnTkbmWVSJfB2JD8YAUukyhEpiynHNIld QHOALVno5LeceY2OcBti5u/fhcsxWIgSxe/HAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUfTnsAq+nYxMPC2yJwoC13w2UuLkwHwYDVR0jBBgwFoAUATYEGi9T8mtCDWvU /Q6cLXcyCXEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx OC9BVFlFR2k5VDhtdENEV3ZVX1E2Y0xYY3lDWEUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FUWUVHaTlUOG10Q0RXdlVfUTZjTFhjeUNYRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MTgvZlRuc0FxLW5ZeE1Q QzJ5SndvQzEzdzJVdUxrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdmxjANBgkqhkiG9w0BAQsFAAOCAQEAOD/DWYcgLWjyVKMFuf4yLEsge+SG z6Q2NlW1u6eIkLEDm86adkClTyMzNADSmEIBhzIbItsTctHRUiBi0KeMABxc8i0a 4BX9jJYoCedjBhYA0TscgbphumFddOcl+XWFc2Uiv80aoyisAUNSt6OnK0Ls1YVS zrQvb0T1CRRqki3jRZkJaq0HJGrR0XhY+/lOOrhLFSSP1unKPClkRWShkLzL7+yU lhbidwTEwopMgTnhYWMUQnhVz5KnIB8zAS0LRGVtSzJZ8QWpiEHksoFvAOdHHkT+ dWntBlhrlbrhkBK4HIbhGYsnui23Vpw3HddDIjn1seIeIXNdNmmi8fnT9Q== -----END CERTIFICATE-----Generated at Tue Oct 21 13:28:00 2025 by rpki-client