$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2671/cqFqWP_u8PMUgu7Wa-ZJA_XHnQQ.roa File: cqFqWP_u8PMUgu7Wa-ZJA_XHnQQ.roa (raw, json) Hash identifier: LrTEljujW0Atd0a1+D8Fc6IgbT9Dits51r67dMvR4wQ= Subject key identifier: 72:A1:6A:58:FF:EE:F0:F3:14:82:EE:D6:6B:E6:49:03:F5:C7:9D:04 Certificate issuer: /CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F Certificate serial: 21CD Authority key identifier: DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/cqFqWP_u8PMUgu7Wa-ZJA_XHnQQ.roa Signing time: Sat 13 Sep 2025 03:07:53 +0000 ROA not before: Sat 13 Sep 2025 03:07:53 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 62387 IP address blocks: 103.108.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:36:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8653 (0x21cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F Validity Not Before: Sep 13 03:07:53 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=72A16A58FFEEF0F31482EED66BE64903F5C79D04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:c0:c8:90:ba:20:8f:f5:36:d8:2e:89:d0:53: 83:65:53:ff:9c:8d:32:15:cd:41:2c:22:81:cd:9b: 6c:1f:df:b8:3c:50:b3:4b:db:50:c4:35:65:ef:b8: a3:5f:5d:d8:d4:33:96:57:1d:fa:ce:d0:70:ba:b0: 2f:f0:89:b9:4c:7c:b2:1e:10:96:ef:d9:14:e3:f7: 19:f9:e1:4a:9f:d4:a3:63:5f:47:cf:f1:04:c6:c7: e1:03:9b:cd:68:7f:6f:16:00:2b:1e:f4:98:79:b9: 96:39:c3:65:d7:bf:74:49:c1:da:0e:72:11:e1:15: a7:9c:65:bd:3c:db:0b:ac:25:90:0c:53:2f:88:48: 62:bf:c4:2f:0e:79:0c:b9:07:5a:02:12:d5:40:d6: 6d:9c:e3:c7:b6:c3:70:52:43:c4:dd:65:f7:66:1f: 3c:30:76:e8:63:42:c4:36:2d:1a:90:13:9e:dc:6a: d6:f9:d5:fd:e2:08:66:96:24:d4:fd:b6:ef:01:8c: 7b:31:3d:70:a5:32:6e:77:84:f0:6e:2c:55:f9:7e: 5c:a3:65:06:7d:2e:da:0c:78:92:f9:78:2f:34:66: 6e:27:df:66:40:45:9a:bf:f6:f6:50:c2:88:b3:e2: cb:51:21:f9:4c:60:9b:64:95:39:75:0d:07:c3:f3: 43:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A1:6A:58:FF:EE:F0:F3:14:82:EE:D6:6B:E6:49:03:F5:C7:9D:04 X509v3 Authority Key Identifier: keyid:DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/cqFqWP_u8PMUgu7Wa-ZJA_XHnQQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.108.164.0/22 Signature Algorithm: sha256WithRSAEncryption 83:ae:82:e0:8d:42:09:d5:be:2a:b1:e0:37:ae:d2:48:ba:5f: 63:4f:43:ef:f9:3f:e6:8f:7e:11:d6:c3:00:a3:e5:7c:2b:5f: e3:c9:7b:d4:f3:2b:c9:bf:b5:43:0b:13:6b:3c:14:30:eb:39: 64:b4:59:26:41:8a:44:4c:21:b3:7e:81:41:86:6d:be:81:67: 42:4f:38:60:f9:68:06:15:c0:53:a1:ad:26:bb:ff:4c:ff:cf: bd:19:da:dc:e0:3f:a1:3d:59:23:4a:63:44:5e:4c:2c:68:22: 53:e2:af:54:6a:10:7a:0e:23:d1:bd:c5:0f:0e:67:e8:59:22: 0d:92:0f:b9:e6:65:4e:68:40:27:ae:16:67:3a:84:5e:11:c2: 7a:cf:f4:92:45:79:25:92:56:19:da:7a:26:9d:14:cf:a3:a0: 43:ca:e8:d3:b5:d7:fa:1a:8a:b6:31:d8:cb:37:eb:dd:b3:d1: 5b:ae:aa:67:32:8f:65:49:84:5b:a5:f3:94:65:8d:e3:c5:a4: 84:47:04:14:7b:34:e9:0c:96:80:bc:ba:22:9c:b7:bb:a4:fc: e7:71:21:00:8c:32:c2:aa:c6:93:e9:79:99:0e:b3:c1:ed:48: 26:ab:47:25:6d:95:1d:2c:6c:95:7b:1f:fe:56:8c:d2:c9:58: c0:dd:9f:61 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREQ1 OEI4REVFNzdCOEFGRTZFMjkxQTVCODIwNUIxMzEzMTY5Nzg0RjAeFw0yNTA5MTMw MzA3NTNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDcyQTE2QTU4RkZFRUYw RjMxNDgyRUVENjZCRTY0OTAzRjVDNzlEMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD3wMiQuiCP9TbYLonQU4NlU/+cjTIVzUEsIoHNm2wf37g8ULNL 21DENWXvuKNfXdjUM5ZXHfrO0HC6sC/wiblMfLIeEJbv2RTj9xn54Uqf1KNjX0fP 8QTGx+EDm81of28WACse9Jh5uZY5w2XXv3RJwdoOchHhFaecZb082wusJZAMUy+I SGK/xC8OeQy5B1oCEtVA1m2c48e2w3BSQ8TdZfdmHzwwduhjQsQ2LRqQE57catb5 1f3iCGaWJNT9tu8BjHsxPXClMm53hPBuLFX5flyjZQZ9LtoMeJL5eC80Zm4n32ZA RZq/9vZQwoiz4stRIflMYJtklTl1DQfD80OlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUcqFqWP/u8PMUgu7Wa+ZJA/XHnQQwHwYDVR0jBBgwFoAU3Vi43ud7iv5uKRpb ggWxMTFpeE8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3 MS8zVmk0M3VkN2l2NXVLUnBiZ2dXeE1URnBlRTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNWaTQzdWQ3aXY1dUtScGJnZ1d4TVRGcGVFOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzEvY3FGcVdQX3U4UE1V Z3U3V2EtWkpBX1hIblFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdspDANBgkqhkiG9w0BAQsFAAOCAQEAg66C4I1CCdW+KrHgN67SSLpfY09D 7/k/5o9+EdbDAKPlfCtf48l71PMryb+1QwsTazwUMOs5ZLRZJkGKREwhs36BQYZt voFnQk84YPloBhXAU6GtJrv/TP/PvRna3OA/oT1ZI0pjRF5MLGgiU+KvVGoQeg4j 0b3FDw5n6FkiDZIPueZlTmhAJ64WZzqEXhHCes/0kkV5JZJWGdp6Jp0Uz6OgQ8ro 07XX+hqKtjHYyzfr3bPRW66qZzKPZUmEW6XzlGWN48WkhEcEFHs06QyWgLy6Ipy3 u6T853EhAIwywqrGk+l5mQ6zwe1IJqtHJW2VHSxslXsf/laM0slYwN2fYQ== -----END CERTIFICATE-----Generated at Sun Oct 19 23:14:25 2025 by rpki-client