$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2625/B4VakvjmikOE0cZukdRqw0KrCTI.roa File: B4VakvjmikOE0cZukdRqw0KrCTI.roa (raw, json) Hash identifier: L9vozjtlPeTyphy2by0sIiAgYomNTYPFBsvoKjJcz0g= Subject key identifier: 07:85:5A:92:F8:E6:8A:43:84:D1:C6:6E:91:D4:6A:C3:42:AB:09:32 Certificate issuer: /CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Certificate serial: 18 Authority key identifier: C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/B4VakvjmikOE0cZukdRqw0KrCTI.roa Signing time: Mon 01 Sep 2025 02:34:51 +0000 ROA not before: Mon 01 Sep 2025 02:34:51 +0000 ROA not after: Fri 28 Aug 2026 02:37:23 +0000 asID: 131541 IP address blocks: 103.103.36.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24 (0x18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Validity Not Before: Sep 1 02:34:51 2025 GMT Not After : Aug 28 02:37:23 2026 GMT Subject: CN=07855A92F8E68A4384D1C66E91D46AC342AB0932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ce:e3:e2:b3:45:80:37:f2:86:70:59:86:d6: cf:30:04:8e:d5:44:db:3a:d3:24:45:e2:77:ec:f9: 21:e4:bb:0a:83:eb:59:ca:82:14:ab:0a:88:9d:6a: dc:ea:be:7c:f3:7d:41:1a:5c:eb:10:e1:3a:a3:10: 47:0e:b3:34:f5:52:0e:19:3e:52:b7:70:b8:2f:09: 4e:02:d8:9c:ad:af:10:49:e1:9f:3d:c4:7c:ae:cf: 78:f6:be:7b:e4:07:0e:79:7a:65:45:b6:11:05:38: 45:45:17:c2:49:93:09:57:ff:cf:c5:22:6e:66:bc: e2:99:27:3e:c3:c7:9f:c0:32:28:25:53:57:3f:87: 83:58:29:2b:e5:b8:6c:47:7c:d3:1c:ef:fa:15:68: aa:e9:19:b8:62:b7:7f:47:cf:58:94:6e:21:fa:f2: f3:79:2a:45:c5:d5:12:8e:55:1a:fb:a3:7f:c3:81: 6b:c5:1e:02:97:82:4b:f6:dd:44:f0:b0:33:02:e9: 9e:99:c2:10:e4:67:2b:d3:49:9f:dc:b4:e0:e8:db: 72:40:9a:8c:44:fa:f2:25:94:46:86:63:9c:6a:9c: 95:b3:bc:d5:c4:25:96:85:10:1f:66:ad:67:ef:10: c6:52:5c:da:2b:6e:59:ee:5b:61:8b:6b:13:3b:51: 56:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:85:5A:92:F8:E6:8A:43:84:D1:C6:6E:91:D4:6A:C3:42:AB:09:32 X509v3 Authority Key Identifier: keyid:C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/B4VakvjmikOE0cZukdRqw0KrCTI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.103.36.0/22 Signature Algorithm: sha256WithRSAEncryption 02:fe:64:4a:4a:b6:b2:76:6c:5a:84:9a:49:ce:85:db:a8:1e: b4:1d:31:02:98:02:a4:7b:b6:4d:68:b9:69:1e:b5:7d:ce:10: 30:73:2e:4a:90:61:a1:fc:e3:42:77:b8:b9:54:ca:46:a9:58: 5e:b4:23:25:d1:ed:91:9b:19:85:95:49:5d:ff:5e:21:cc:9f: 9a:3e:75:47:6c:04:3c:7c:d1:c3:89:ea:e2:92:ef:54:5d:36: aa:2d:73:21:e3:85:52:46:f4:48:2f:28:ce:31:f4:8c:aa:d7: b9:3f:5b:95:36:79:a0:b9:e4:2c:b9:40:f4:5f:79:43:62:c0: fc:2c:c6:91:4e:cd:19:1c:7f:8c:31:8f:59:ee:0f:d3:cf:df: 2b:7f:3f:eb:05:a3:02:32:16:2c:89:6f:5d:28:60:b6:87:d3: 06:d6:33:7a:57:13:4b:43:8d:17:4f:ab:fd:1e:a6:ad:6f:85: d7:9c:ba:57:3b:2e:6c:69:22:5f:5a:39:66:cc:1c:62:3d:26: 32:a3:45:64:b0:e2:09:f6:08:8f:95:1c:f8:11:a1:cb:b7:8c: cc:54:3e:30:8e:8d:40:36:b3:4a:38:d0:72:e7:46:b7:9a:3b: 40:99:ea:a1:26:a0:04:78:e7:6e:1e:ca:a9:45:7e:4c:36:a2: 3e:0b:bf:13 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDM0RB RkRGRjgyOEYzQjQzNUQxMjcwNjRBOTU2RjVERDUzQTJCQzNEMB4XDTI1MDkwMTAy MzQ1MVoXDTI2MDgyODAyMzcyM1owMzExMC8GA1UEAxMoMDc4NTVBOTJGOEU2OEE0 Mzg0RDFDNjZFOTFENDZBQzM0MkFCMDkzMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANPO4+KzRYA38oZwWYbWzzAEjtVE2zrTJEXid+z5IeS7CoPrWcqC FKsKiJ1q3Oq+fPN9QRpc6xDhOqMQRw6zNPVSDhk+UrdwuC8JTgLYnK2vEEnhnz3E fK7PePa+e+QHDnl6ZUW2EQU4RUUXwkmTCVf/z8Uibma84pknPsPHn8AyKCVTVz+H g1gpK+W4bEd80xzv+hVoqukZuGK3f0fPWJRuIfry83kqRcXVEo5VGvujf8OBa8Ue ApeCS/bdRPCwMwLpnpnCEORnK9NJn9y04OjbckCajET68iWURoZjnGqclbO81cQl loUQH2atZ+8QxlJc2ituWe5bYYtrEztRVr8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQHhVqS+OaKQ4TRxm6R1GrDQqsJMjAfBgNVHSMEGDAWgBTD2v3/go87Q10ScGSp VvXdU6K8PTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjI1 L3c5cjlfNEtQTzBOZEVuQmtxVmIxM1ZPaXZEMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdzlyOV80S1BPME5kRW5Ca3FWYjEzVk9pdkQwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYyNS9CNFZha3ZqbWlrT0Uw Y1p1a2RScXcwS3JDVEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ2ckMA0GCSqGSIb3DQEBCwUAA4IBAQAC/mRKSraydmxahJpJzoXbqB60HTEC mAKke7ZNaLlpHrV9zhAwcy5KkGGh/ONCd7i5VMpGqVhetCMl0e2RmxmFlUld/14h zJ+aPnVHbAQ8fNHDieriku9UXTaqLXMh44VSRvRILyjOMfSMqte5P1uVNnmgueQs uUD0X3lDYsD8LMaRTs0ZHH+MMY9Z7g/Tz98rfz/rBaMCMhYsiW9dKGC2h9MG1jN6 VxNLQ40XT6v9Hqatb4XXnLpXOy5saSJfWjlmzBxiPSYyo0VksOIJ9giPlRz4EaHL t4zMVD4wjo1ANrNKONBy50a3mjtAmeqhJqAEeOduHsqpRX5MNqI+C78T -----END CERTIFICATE-----Generated at Mon Oct 20 11:23:45 2025 by rpki-client