$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2618/mfehLdMxOl0f-IZiSB9uOhDcYeY.roa File: mfehLdMxOl0f-IZiSB9uOhDcYeY.roa (raw, json) Hash identifier: n6lU7gobMpe3yBX3oBWMDem6twM0TGI2lZ6jEGt5qbc= Subject key identifier: 99:F7:A1:2D:D3:31:3A:5D:1F:F8:86:62:48:1F:6E:3A:10:DC:61:E6 Certificate issuer: /CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Certificate serial: 4F8D Authority key identifier: 01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/mfehLdMxOl0f-IZiSB9uOhDcYeY.roa Signing time: Sat 13 Sep 2025 03:02:34 +0000 ROA not before: Sat 13 Sep 2025 03:02:34 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63603 IP address blocks: 163.53.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20365 (0x4f8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0136041A2F53F26B420D6BD4FD0E9C2D77320971 Validity Not Before: Sep 13 03:02:34 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=99F7A12DD3313A5D1FF88662481F6E3A10DC61E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9b:55:88:ca:47:25:e0:26:a4:8e:2b:73:62: c2:a1:a6:9b:60:fd:7e:e9:e4:7b:fa:ed:14:ef:33: 25:f2:c1:91:80:e4:19:4a:36:9d:0e:99:fb:0c:40: 40:31:57:95:4e:15:da:a0:7a:0f:70:a4:22:65:b5: 2a:62:e4:d4:7b:58:b0:4c:9c:4c:72:f7:21:80:99: cb:85:0d:b1:7d:05:18:80:f4:a3:95:1f:ea:e9:2b: d6:e1:67:d4:ae:5d:29:06:a8:ca:32:62:82:d9:4d: b3:00:b7:0e:e4:c3:54:5d:fa:07:e1:52:c4:9c:c5: d4:b4:bc:9a:bd:40:fe:47:10:c5:1f:c5:1f:18:63: 7c:30:27:c0:6e:ed:da:73:bb:dc:b2:e8:21:78:dd: 0a:d9:9f:a8:72:03:c3:c0:4a:7e:5f:83:04:16:98: 4e:db:ed:39:15:3a:94:9f:6f:df:03:2f:df:7c:eb: 2e:c9:7a:de:90:17:66:62:44:cd:ef:f2:92:32:05: 66:bb:d5:5f:d1:2d:b0:5f:fd:2e:f7:63:2d:e2:99: 0a:e0:8c:49:0a:bc:b5:7e:54:b5:02:01:da:15:4b: 00:12:52:7d:6a:5c:2c:c9:b0:dc:69:5f:3f:98:04: c4:74:ec:5b:83:a7:b5:68:25:8f:f6:5b:92:76:c9: ea:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:F7:A1:2D:D3:31:3A:5D:1F:F8:86:62:48:1F:6E:3A:10:DC:61:E6 X509v3 Authority Key Identifier: keyid:01:36:04:1A:2F:53:F2:6B:42:0D:6B:D4:FD:0E:9C:2D:77:32:09:71 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ATYEGi9T8mtCDWvU_Q6cLXcyCXE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2618/mfehLdMxOl0f-IZiSB9uOhDcYeY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.53.46.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:27:33:83:ef:f0:86:ee:23:8c:ff:1a:23:c0:71:6f:97:59: 29:7a:60:e4:fd:94:d9:e1:b1:53:f4:22:6a:4b:ee:4c:e0:1b: ad:b9:c8:a6:d3:19:40:b1:a9:1b:21:11:4a:02:e6:de:cf:9b: 5a:14:4f:f4:e6:20:54:83:4c:3b:97:61:16:cd:e9:d9:b1:47: 7f:fb:82:7e:c7:1c:26:6d:45:88:93:5f:18:ff:b3:57:0d:06: c5:26:59:fd:1b:9d:8b:6f:42:4a:72:ce:6c:fe:96:1e:d7:ea: de:54:81:36:ef:e2:42:40:59:8c:7c:68:e0:8a:fe:42:89:4c: 9a:fb:6c:d1:53:e6:b5:87:6b:aa:fc:dc:f0:a5:1d:32:20:5d: bc:2b:64:8d:71:f4:ca:a1:00:5c:a0:71:89:50:e8:dc:99:d3: d0:d9:26:1f:92:8f:71:c8:8b:58:fe:8a:c0:2d:4a:cb:dd:f2: 5a:24:c2:af:7e:30:22:30:57:d5:0e:18:26:38:d5:48:a1:4e: c2:f6:e6:fc:29:67:27:9a:46:a6:c3:df:73:8e:bc:c0:80:11: e0:df:d3:7c:3e:0d:24:61:bd:7f:c1:4c:02:2d:11:53:88:78: 0a:de:3a:62:f2:eb:f2:9b:b5:d5:e7:4b:4d:86:7b:37:67:e8: ad:fe:ce:ee -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICT40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEz NjA0MUEyRjUzRjI2QjQyMEQ2QkQ0RkQwRTlDMkQ3NzMyMDk3MTAeFw0yNTA5MTMw MzAyMzRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk5RjdBMTJERDMzMTNB NUQxRkY4ODY2MjQ4MUY2RTNBMTBEQzYxRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4m1WIykcl4CakjitzYsKhpptg/X7p5Hv67RTvMyXywZGA5BlK Np0OmfsMQEAxV5VOFdqgeg9wpCJltSpi5NR7WLBMnExy9yGAmcuFDbF9BRiA9KOV H+rpK9bhZ9SuXSkGqMoyYoLZTbMAtw7kw1Rd+gfhUsScxdS0vJq9QP5HEMUfxR8Y Y3wwJ8Bu7dpzu9yy6CF43QrZn6hyA8PASn5fgwQWmE7b7TkVOpSfb98DL9986y7J et6QF2ZiRM3v8pIyBWa71V/RLbBf/S73Yy3imQrgjEkKvLV+VLUCAdoVSwASUn1q XCzJsNxpXz+YBMR07FuDp7VoJY/2W5J2yeqHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUmfehLdMxOl0f+IZiSB9uOhDcYeYwHwYDVR0jBBgwFoAUATYEGi9T8mtCDWvU /Q6cLXcyCXEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYx OC9BVFlFR2k5VDhtdENEV3ZVX1E2Y0xYY3lDWEUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FUWUVHaTlUOG10Q0RXdlVfUTZjTFhjeUNYRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MTgvbWZlaExkTXhPbDBm LUlaaVNCOXVPaERjWWVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAKM1LjANBgkqhkiG9w0BAQsFAAOCAQEADiczg+/whu4jjP8aI8Bxb5dZKXpg 5P2U2eGxU/QiakvuTOAbrbnIptMZQLGpGyERSgLm3s+bWhRP9OYgVINMO5dhFs3p 2bFHf/uCfsccJm1FiJNfGP+zVw0GxSZZ/Rudi29CSnLObP6WHtfq3lSBNu/iQkBZ jHxo4Ir+QolMmvts0VPmtYdrqvzc8KUdMiBdvCtkjXH0yqEAXKBxiVDo3JnT0Nkm H5KPcciLWP6KwC1Ky93yWiTCr34wIjBX1Q4YJjjVSKFOwvbm/ClnJ5pGpsPfc468 wIAR4N/TfD4NJGG9f8FMAi0RU4h4Ct46YvLr8pu11edLTYZ7N2forf7O7g== -----END CERTIFICATE-----Generated at Tue Oct 21 13:27:59 2025 by rpki-client