$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2802/5q4IYvRpbO1Hqja3EDMxP-S8164.roa File: 5q4IYvRpbO1Hqja3EDMxP-S8164.roa (raw, json) Hash identifier: AbryuiVzACnoSmFOGRQu3zKBJSjHecM0ofnbf2FdqTA= Subject key identifier: E6:AE:08:62:F4:69:6C:ED:47:AA:36:B7:10:33:31:3F:E4:BC:D7:AE Certificate issuer: /CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Certificate serial: 505E Authority key identifier: 4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/5q4IYvRpbO1Hqja3EDMxP-S8164.roa Signing time: Sat 13 Sep 2025 02:34:52 +0000 ROA not before: Sat 13 Sep 2025 02:34:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 9392 IP address blocks: 103.122.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20574 (0x505e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Validity Not Before: Sep 13 02:34:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E6AE0862F4696CED47AA36B71033313FE4BCD7AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a9:4a:9d:3a:7d:6d:ad:3e:ed:e4:89:58:54: d4:2e:8d:25:f7:90:69:36:15:33:25:2e:c7:ae:62: df:11:00:53:9c:9b:4d:bd:a4:84:66:4a:be:4a:3e: e3:e2:49:b1:00:ec:50:ab:17:07:ca:1b:4f:4f:df: 48:cd:57:bf:63:9b:e0:c2:42:a7:3f:2e:31:21:7e: 97:c1:98:1a:d3:04:bf:ec:c4:6e:a4:7c:96:70:ee: c6:ce:8d:5f:75:43:13:a8:bb:dd:83:0a:21:46:ad: 6c:bf:0d:7b:01:49:a7:57:11:e4:75:b9:67:ae:d7: 93:a8:7d:09:3c:07:e0:3d:f0:7b:81:58:fe:11:f8: e3:c7:f0:90:6f:93:ef:a3:f1:b7:8f:cf:93:4b:86: 5c:92:7b:24:ec:81:53:b1:4d:d4:a3:3b:dc:4a:52: f4:7d:6c:ef:de:00:94:bf:57:53:97:3c:00:50:4f: 66:11:ce:0d:22:74:6e:c2:ae:68:1d:4e:3a:da:70: 6e:c9:a8:72:67:f1:09:ff:3a:a9:d8:1d:c6:00:94: 81:bd:84:5f:21:bb:47:87:1c:2a:91:bd:16:ec:0b: f6:e0:df:f0:8e:5c:34:1c:3d:27:44:63:0f:7d:b9: 7e:12:87:98:57:97:0c:5a:5a:e4:cc:f5:cf:a2:39: f9:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:AE:08:62:F4:69:6C:ED:47:AA:36:B7:10:33:31:3F:E4:BC:D7:AE X509v3 Authority Key Identifier: keyid:4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/5q4IYvRpbO1Hqja3EDMxP-S8164.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.241.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:20:d2:37:04:36:37:9c:72:55:d5:b3:e6:2d:e4:93:d0:66: a7:a4:0a:01:3b:9e:7d:c3:4f:c0:d2:e8:cc:1f:1e:28:f0:40: 8a:c7:8e:eb:26:75:82:58:19:a4:9f:a3:f6:1c:e2:f0:77:a8: 19:84:4e:0c:6c:b6:11:3e:17:b0:2d:eb:f2:47:38:db:16:15: db:52:e5:76:a6:26:3f:11:ee:99:28:5e:8e:99:82:00:74:e5: 20:48:23:1d:17:86:c7:8c:da:95:e4:35:c4:1a:0a:07:a4:a5: 08:3b:c0:c9:bc:05:a0:0a:37:09:1c:27:47:6f:f2:fc:f0:81: f4:72:7b:16:13:50:70:21:03:d3:1c:b3:c9:5e:cb:96:3e:96: 56:9b:44:61:c7:20:87:a4:9e:0e:99:82:a8:bc:83:93:15:f3: 18:66:57:a2:cf:8d:a9:a0:44:44:df:9b:14:6d:47:2f:61:b1: aa:3c:3b:72:91:83:9b:7b:f0:fa:35:bf:31:03:40:70:98:b0: 0e:d0:05:28:72:93:7e:a9:fc:66:d2:6d:a5:c3:3a:6e:0d:d2: f9:ca:f3:9e:00:22:49:20:59:d3:9c:a6:39:f1:e7:73:48:23: 47:f3:2c:84:b6:bf:4f:fb:f2:71:06:14:43:95:c5:22:32:79: a1:a9:f5:7a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICUF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZD QThCQ0I2RUIzRUM2MTAzMkY4OEQyNkZDMDJCMDUyMjRENDcxODAeFw0yNTA5MTMw MjM0NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU2QUUwODYyRjQ2OTZD RUQ0N0FBMzZCNzEwMzMzMTNGRTRCQ0Q3QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyqUqdOn1trT7t5IlYVNQujSX3kGk2FTMlLseuYt8RAFOcm029 pIRmSr5KPuPiSbEA7FCrFwfKG09P30jNV79jm+DCQqc/LjEhfpfBmBrTBL/sxG6k fJZw7sbOjV91QxOou92DCiFGrWy/DXsBSadXEeR1uWeu15OofQk8B+A98HuBWP4R +OPH8JBvk++j8bePz5NLhlySeyTsgVOxTdSjO9xKUvR9bO/eAJS/V1OXPABQT2YR zg0idG7CrmgdTjracG7JqHJn8Qn/OqnYHcYAlIG9hF8hu0eHHCqRvRbsC/bg3/CO XDQcPSdEYw99uX4Sh5hXlwxaWuTM9c+iOflfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5q4IYvRpbO1Hqja3EDMxP+S8164wHwYDVR0jBBgwFoAUT8qLy26z7GEDL4jS b8ArBSJNRxgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgw Mi9UOHFMeTI2ejdHRURMNGpTYjhBckJTSk5SeGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1Q4cUx5MjZ6N0dFREw0alNiOEFyQlNKTlJ4Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MDIvNXE0SVl2UnBiTzFI cWphM0VETXhQLVM4MTY0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd68TANBgkqhkiG9w0BAQsFAAOCAQEAfCDSNwQ2N5xyVdWz5i3kk9Bmp6QK ATuefcNPwNLozB8eKPBAiseO6yZ1glgZpJ+j9hzi8HeoGYRODGy2ET4XsC3r8kc4 2xYV21LldqYmPxHumShejpmCAHTlIEgjHReGx4zaleQ1xBoKB6SlCDvAybwFoAo3 CRwnR2/y/PCB9HJ7FhNQcCED0xyzyV7Llj6WVptEYccgh6SeDpmCqLyDkxXzGGZX os+NqaBERN+bFG1HL2Gxqjw7cpGDm3vw+jW/MQNAcJiwDtAFKHKTfqn8ZtJtpcM6 bg3S+crzngAiSSBZ05ymOfHnc0gjR/MshLa/T/vycQYUQ5XFIjJ5oan1eg== -----END CERTIFICATE-----Generated at Mon Oct 20 22:19:25 2025 by rpki-client