$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2802/1neWwmzR--g99Cya7mh6N7c7bEA.roa File: 1neWwmzR--g99Cya7mh6N7c7bEA.roa (raw, json) Hash identifier: KRsi3bsx6h3cXPXZYsiX+V9AXVPR9KStjshlTQiWGms= Subject key identifier: D6:77:96:C2:6C:D1:FB:E8:3D:F4:2C:9A:EE:68:7A:37:B7:3B:6C:40 Certificate issuer: /CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Certificate serial: 5061 Authority key identifier: 4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/1neWwmzR--g99Cya7mh6N7c7bEA.roa Signing time: Sat 13 Sep 2025 03:09:58 +0000 ROA not before: Sat 13 Sep 2025 03:09:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 9392 IP address blocks: 103.122.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20577 (0x5061) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Validity Not Before: Sep 13 03:09:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D67796C26CD1FBE83DF42C9AEE687A37B73B6C40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d4:89:d2:59:7d:b3:8c:63:f7:2b:8c:54:b4: 9f:85:7b:3f:a3:e4:25:f1:ab:96:6f:3e:8e:a7:e4: ab:19:47:7c:60:42:00:08:82:cf:ad:9e:70:7e:9f: 22:4f:a4:5a:9a:61:56:e3:e5:76:11:93:d8:f8:f8: aa:87:16:43:2d:94:61:59:57:8c:77:71:64:2f:3e: f6:27:be:7d:4f:68:88:eb:1a:3f:a6:66:52:6c:be: ce:e1:18:8f:d5:4f:d1:47:d8:f8:22:70:35:ef:e3: 5d:c1:fb:06:88:2a:ec:df:35:46:ae:a6:40:f3:b5: 38:e8:21:5f:17:bd:9f:dc:3a:29:0a:79:6c:ae:e4: 03:78:62:5c:9f:c9:ae:02:f0:62:7f:4a:00:de:e2: 3a:96:d4:39:22:a5:b9:18:c1:3d:a4:55:90:e9:3c: 26:fb:b3:5e:0d:f6:84:3b:c5:5f:ce:e1:3c:8b:db: 2b:26:86:2e:26:19:9d:42:7c:ae:9c:df:98:d0:a9: 4f:9f:09:c6:84:24:03:23:85:48:d6:c8:05:f5:aa: b7:ce:e2:12:c3:d8:de:c5:c6:bb:37:87:61:08:74: e0:ad:93:a3:ba:df:1e:ef:35:6e:41:28:d9:18:d1: a7:61:5d:3a:86:a3:29:28:ad:1a:c8:27:31:d7:ec: 49:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:77:96:C2:6C:D1:FB:E8:3D:F4:2C:9A:EE:68:7A:37:B7:3B:6C:40 X509v3 Authority Key Identifier: keyid:4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/1neWwmzR--g99Cya7mh6N7c7bEA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.242.0/24 Signature Algorithm: sha256WithRSAEncryption 26:25:01:3e:72:30:76:a6:a8:bd:3c:cf:e1:e7:e3:b0:6b:f4: 89:91:3f:6d:e3:62:a2:13:ae:19:26:ad:f3:7b:cc:b0:d1:d3: 06:3b:85:26:c2:88:bb:b2:c4:2d:c7:22:de:80:e8:ea:61:e2: 6a:3d:77:27:2a:2e:ab:a4:1f:0c:8e:a3:fe:3b:ab:1d:96:bd: 33:e4:72:f4:9c:b7:23:50:7b:9a:89:3d:93:ba:ef:a4:11:2b: ec:b2:15:59:b3:a7:49:74:0e:13:aa:f3:2b:4a:5f:05:05:15: af:bd:48:4c:ce:f2:3b:73:b8:6e:98:35:7f:49:fd:c0:ef:3a: d7:6e:db:e0:31:bb:62:2a:39:7d:32:c5:d3:c2:3f:1c:a9:a9: 30:a9:6f:bd:16:7f:73:45:ad:00:57:ef:aa:d2:ff:f4:80:b0: 2d:9d:17:61:65:26:e3:29:ee:9d:68:04:0c:ba:3a:83:b0:90: 30:71:7d:d4:b0:0c:1d:59:b2:71:ef:9d:dc:2a:30:10:cb:69: 7b:c8:8e:c0:df:dd:2a:7d:c6:ef:be:59:f2:af:d1:f2:a0:f9: 5a:99:a5:00:ba:34:a3:91:fc:68:cb:e7:55:0e:30:f4:3a:fb: e0:68:27:e1:44:ec:09:66:c1:1d:78:5c:a4:f4:5e:23:6b:72: 8e:79:ae:5a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICUGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZD QThCQ0I2RUIzRUM2MTAzMkY4OEQyNkZDMDJCMDUyMjRENDcxODAeFw0yNTA5MTMw MzA5NThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ2Nzc5NkMyNkNEMUZC RTgzREY0MkM5QUVFNjg3QTM3QjczQjZDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDD1InSWX2zjGP3K4xUtJ+Fez+j5CXxq5ZvPo6n5KsZR3xgQgAI gs+tnnB+nyJPpFqaYVbj5XYRk9j4+KqHFkMtlGFZV4x3cWQvPvYnvn1PaIjrGj+m ZlJsvs7hGI/VT9FH2PgicDXv413B+waIKuzfNUaupkDztTjoIV8XvZ/cOikKeWyu 5AN4Ylyfya4C8GJ/SgDe4jqW1DkipbkYwT2kVZDpPCb7s14N9oQ7xV/O4TyL2ysm hi4mGZ1CfK6c35jQqU+fCcaEJAMjhUjWyAX1qrfO4hLD2N7Fxrs3h2EIdOCtk6O6 3x7vNW5BKNkY0adhXTqGoykorRrIJzHX7EnTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU1neWwmzR++g99Cya7mh6N7c7bEAwHwYDVR0jBBgwFoAUT8qLy26z7GEDL4jS b8ArBSJNRxgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgw Mi9UOHFMeTI2ejdHRURMNGpTYjhBckJTSk5SeGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1Q4cUx5MjZ6N0dFREw0alNiOEFyQlNKTlJ4Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MDIvMW5lV3dtelItLWc5 OUN5YTdtaDZON2M3YkVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd68jANBgkqhkiG9w0BAQsFAAOCAQEAJiUBPnIwdqaovTzP4efjsGv0iZE/ beNiohOuGSat83vMsNHTBjuFJsKIu7LELcci3oDo6mHiaj13Jyouq6QfDI6j/jur HZa9M+Ry9Jy3I1B7mok9k7rvpBEr7LIVWbOnSXQOE6rzK0pfBQUVr71ITM7yO3O4 bpg1f0n9wO86127b4DG7Yio5fTLF08I/HKmpMKlvvRZ/c0WtAFfvqtL/9ICwLZ0X YWUm4ynunWgEDLo6g7CQMHF91LAMHVmyce+d3CowEMtpe8iOwN/dKn3G775Z8q/R 8qD5WpmlALo0o5H8aMvnVQ4w9Dr74Ggn4UTsCWbBHXhcpPReI2tyjnmuWg== -----END CERTIFICATE-----Generated at Mon Oct 20 22:19:24 2025 by rpki-client