$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/y5Q6HA5D5GRz6BmwK7FhJJIsJ5Q.roa File: y5Q6HA5D5GRz6BmwK7FhJJIsJ5Q.roa (raw, json) Hash identifier: Y+vesANaLlontYNQRMtnp1uxSgTzZMGCOsbIQKg1hEU= Subject key identifier: CB:94:3A:1C:0E:43:E4:64:73:E8:19:B0:2B:B1:61:24:92:2C:27:94 Certificate issuer: /CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Certificate serial: 1753 Authority key identifier: CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/y5Q6HA5D5GRz6BmwK7FhJJIsJ5Q.roa Signing time: Sat 13 Sep 2025 03:03:33 +0000 ROA not before: Sat 13 Sep 2025 03:03:33 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 58593 IP address blocks: 42.159.0.0/16 maxlen: 24 42.159.0.0/18 maxlen: 24 42.159.64.0/18 maxlen: 24 42.159.128.0/18 maxlen: 24 42.159.128.0/24 maxlen: 24 42.159.192.0/18 maxlen: 24 103.9.8.0/22 maxlen: 24 103.9.8.0/23 maxlen: 24 103.9.8.0/24 maxlen: 24 103.9.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5971 (0x1753) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E Validity Not Before: Sep 13 03:03:33 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CB943A1C0E43E46473E819B02BB16124922C2794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:92:b5:cd:42:02:6d:f5:a0:5d:b2:12:36:92: aa:d9:fa:5d:ea:03:95:28:24:21:e6:6e:2a:a3:d5: 3e:25:3c:ab:1f:af:a7:5f:1d:95:97:f0:a9:e7:29: 8e:cc:9c:9c:d2:51:9a:4f:46:50:38:ef:d5:91:cc: da:de:2f:dd:ae:c9:7a:c0:f6:03:20:23:d3:f5:67: 2c:41:38:b3:49:3b:9f:fc:7f:d9:ae:33:f0:2f:4d: d6:71:ab:98:79:9a:e0:1a:4d:b3:81:e2:b7:6c:9b: bc:b2:fc:4d:81:5f:3e:b9:b9:e6:8e:ce:81:e7:78: 08:81:4f:18:1e:d7:94:b8:59:4c:57:a4:85:2e:cf: 31:07:8f:32:6b:04:82:45:47:c8:21:07:dc:64:97: ab:e5:00:af:88:cf:27:8c:f2:cd:3a:01:ac:e8:1a: b2:82:de:2d:ec:31:32:4d:43:58:b1:21:c1:d4:9c: 2e:a9:77:18:33:76:ba:88:af:d2:a0:d7:0c:29:4a: 23:f5:49:4e:d0:fa:11:17:62:cd:31:cd:2a:ef:ac: 96:92:b7:57:d9:13:e8:95:2f:b9:31:b9:02:5b:37: d9:e2:f9:bf:4c:93:86:88:dc:b5:f7:e8:af:35:d5: 39:1a:84:3d:b9:5f:4a:0a:d0:5e:5c:eb:c3:f2:e4: fe:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:94:3A:1C:0E:43:E4:64:73:E8:19:B0:2B:B1:61:24:92:2C:27:94 X509v3 Authority Key Identifier: keyid:CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/y5Q6HA5D5GRz6BmwK7FhJJIsJ5Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.159.0.0/16 103.9.8.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:2b:54:b4:40:9d:5a:85:0c:00:bd:a3:25:66:99:88:c6:7f: d2:0c:45:85:06:8c:36:20:9c:5f:5e:3c:e5:8a:c7:a7:ff:96: 85:12:4d:6c:f6:07:52:32:5c:7a:f1:cb:b1:5d:7a:ad:ab:ee: b1:64:f3:af:f2:60:00:80:f7:a9:df:67:1b:e5:06:4e:aa:92: 97:bc:80:3d:1b:13:be:7c:81:2f:18:bb:50:d5:7e:02:4e:83: 93:3c:89:66:c0:68:a1:8e:22:0c:5a:59:fb:8f:16:3c:82:2e: 57:72:a1:1b:eb:92:f9:01:1c:21:d4:57:c1:ce:3b:f4:54:20: cf:8b:a5:33:b3:8e:8a:67:0a:3b:46:a8:8e:1c:a1:75:38:c4: 03:82:5a:e8:6d:83:b3:9a:14:87:7d:ff:a5:c7:78:34:99:79: 14:a4:2f:e1:26:40:d6:cb:96:03:86:37:67:fa:71:5f:28:93: c8:8b:04:29:36:04:21:e2:60:c3:5d:b7:17:a3:2b:83:09:31: 1b:96:d7:c2:7a:23:5a:91:41:91:75:b9:55:1d:d7:1c:7f:b4: f6:8b:c5:7d:3b:f2:50:2a:0b:c7:10:a0:a3:69:66:ae:b1:e3: 7b:5a:46:6e:a3:16:5a:34:0d:01:33:9b:5b:ff:9d:d4:f6:93: d1:99:12:29 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgICF1MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RF RjcxMTFERTk4QkQ3NTZEOTJCMzREMzk0REEyRDM5RUZGOUI4RTAeFw0yNTA5MTMw MzAzMzNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCOTQzQTFDMEU0M0U0 NjQ3M0U4MTlCMDJCQjE2MTI0OTIyQzI3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKkrXNQgJt9aBdshI2kqrZ+l3qA5UoJCHmbiqj1T4lPKsfr6df HZWX8KnnKY7MnJzSUZpPRlA479WRzNreL92uyXrA9gMgI9P1ZyxBOLNJO5/8f9mu M/AvTdZxq5h5muAaTbOB4rdsm7yy/E2BXz65ueaOzoHneAiBTxge15S4WUxXpIUu zzEHjzJrBIJFR8ghB9xkl6vlAK+IzyeM8s06AazoGrKC3i3sMTJNQ1ixIcHUnC6p dxgzdrqIr9Kg1wwpSiP1SU7Q+hEXYs0xzSrvrJaSt1fZE+iVL7kxuQJbN9ni+b9M k4aI3LX36K811TkahD25X0oK0F5c68Py5P7nAgMBAAGjggH4MIIB9DAdBgNVHQ4E FgQUy5Q6HA5D5GRz6BmwK7FhJJIsJ5QwHwYDVR0jBBgwFoAUze9xEd6YvXVtkrNN OU2i057/m44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy MC96ZTl4RWQ2WXZYVnRrck5OT1UyaTA1N19tNDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3plOXhFZDZZdlhWdGtyTk5PVTJpMDU3X200NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAveTVRNkhBNUQ1R1J6 NkJtd0s3RmhKSklzSjVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAkBggrBgEFBQcBBwEB/wQVMBMwEQQCAAEw CwMDACqfAwQCZwkIMA0GCSqGSIb3DQEBCwUAA4IBAQBvK1S0QJ1ahQwAvaMlZpmI xn/SDEWFBow2IJxfXjzlisen/5aFEk1s9gdSMlx68cuxXXqtq+6xZPOv8mAAgPep 32cb5QZOqpKXvIA9GxO+fIEvGLtQ1X4CToOTPIlmwGihjiIMWln7jxY8gi5XcqEb 65L5ARwh1FfBzjv0VCDPi6Uzs46KZwo7RqiOHKF1OMQDglrobYOzmhSHff+lx3g0 mXkUpC/hJkDWy5YDhjdn+nFfKJPIiwQpNgQh4mDDXbcXoyuDCTEbltfCeiNakUGR dblVHdccf7T2i8V9O/JQKgvHEKCjaWauseN7WkZuoxZaNA0BM5tb/53U9pPRmRIp -----END CERTIFICATE-----Generated at Tue Oct 21 01:04:52 2025 by rpki-client