$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2802/WU8x-QLzVNU5aReJr1mk1RtF7F4.roa File: WU8x-QLzVNU5aReJr1mk1RtF7F4.roa (raw, json) Hash identifier: 7em4P1BDF8/UXjd4oel71YAdnoClwGBj7nhahixRavk= Subject key identifier: 59:4F:31:F9:02:F3:54:D5:39:69:17:89:AF:59:A4:D5:1B:45:EC:5E Certificate issuer: /CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Certificate serial: 5060 Authority key identifier: 4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/WU8x-QLzVNU5aReJr1mk1RtF7F4.roa Signing time: Sat 13 Sep 2025 03:09:58 +0000 ROA not before: Sat 13 Sep 2025 03:09:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 9392 IP address blocks: 103.122.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:08:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20576 (0x5060) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Validity Not Before: Sep 13 03:09:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=594F31F902F354D539691789AF59A4D51B45EC5E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:97:53:c5:8e:8b:4c:61:32:d6:d1:ef:7f:70: 18:ab:c9:22:84:e7:67:d1:56:ce:85:14:b6:02:4a: 87:ab:53:df:15:9c:46:93:b8:2a:d5:7b:39:ae:13: 14:2b:0e:d0:c6:d1:20:7b:c5:8a:f4:88:f0:4f:9c: 7d:c3:12:a4:ad:35:51:7d:91:46:90:5c:87:c5:c0: 3c:fa:49:ed:5f:36:68:ff:54:9e:84:59:2b:c4:8f: 28:a2:8f:00:67:49:d0:af:5a:52:52:9e:fe:0e:4c: 15:e1:42:54:3b:1e:b8:55:fa:dc:3d:c9:2a:8a:a5: 69:2d:68:81:7f:f0:dc:45:89:ee:ec:45:46:00:e6: 30:a0:73:b2:e2:34:83:7f:3d:17:31:e2:03:dc:3b: 66:b2:2c:11:a3:cf:cd:4c:58:56:ea:a9:85:76:0b: b3:fd:cd:cd:50:33:f0:3f:e5:82:ab:88:aa:19:d5: 5b:f8:7a:83:73:f4:d3:8e:5e:97:ea:af:32:39:55: 5a:44:3b:f3:7b:64:49:9c:49:f4:d8:a3:63:5b:9f: d2:8a:cd:b3:d1:27:43:67:a4:ae:5e:65:93:2d:99: d5:08:7b:dc:b1:8d:5a:a3:6c:0b:3f:96:ab:d2:33: 53:8c:32:a1:c1:d9:c8:b8:19:0d:fe:d3:5c:f7:c7: ac:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:4F:31:F9:02:F3:54:D5:39:69:17:89:AF:59:A4:D5:1B:45:EC:5E X509v3 Authority Key Identifier: keyid:4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/WU8x-QLzVNU5aReJr1mk1RtF7F4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.243.0/24 Signature Algorithm: sha256WithRSAEncryption 50:d2:7e:ae:81:3b:be:ba:e9:e0:7b:90:ae:ff:3c:14:cd:b0: c0:5a:b5:4b:99:5c:04:29:fa:63:a3:72:8a:8a:62:a1:ae:c4: 27:d8:99:c7:f8:ee:ef:69:ed:b5:0c:1a:ea:8a:74:2c:9c:80: 75:26:7f:29:44:cc:84:66:8e:82:c3:3a:39:a4:97:91:aa:33: c6:b8:25:3a:17:d2:52:1f:31:28:e3:43:40:82:83:34:b2:e3: af:3b:36:63:6e:a0:f7:24:6a:8d:d6:f7:37:5b:9f:b4:72:18: 01:5d:54:d2:10:fe:d0:27:34:ad:6d:36:41:94:3e:46:cf:c5: b2:4f:85:eb:63:db:e6:62:1a:a4:01:ce:6f:48:c4:c4:25:d3: 1f:1d:64:71:65:91:c6:d3:29:9c:cf:11:2c:1c:0c:1f:80:5d: a2:97:1c:00:4f:c1:85:39:f0:77:9d:1f:04:f1:a1:a8:ff:4c: e6:9c:4c:87:de:b8:c7:00:d2:c4:da:2b:57:24:70:7e:c4:5c: 69:de:0e:34:85:9e:ab:c8:86:af:e4:64:73:62:a8:d2:17:88: ac:1f:4e:dd:da:7f:04:cd:69:8c:d3:2e:be:fa:1d:20:a9:2d: b1:34:a5:a3:e3:e7:7f:1b:92:42:32:fb:50:1c:7f:74:24:75: 12:20:a6:13 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICUGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZD QThCQ0I2RUIzRUM2MTAzMkY4OEQyNkZDMDJCMDUyMjRENDcxODAeFw0yNTA5MTMw MzA5NThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDU5NEYzMUY5MDJGMzU0 RDUzOTY5MTc4OUFGNTlBNEQ1MUI0NUVDNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOl1PFjotMYTLW0e9/cBirySKE52fRVs6FFLYCSoerU98VnEaT uCrVezmuExQrDtDG0SB7xYr0iPBPnH3DEqStNVF9kUaQXIfFwDz6Se1fNmj/VJ6E WSvEjyiijwBnSdCvWlJSnv4OTBXhQlQ7HrhV+tw9ySqKpWktaIF/8NxFie7sRUYA 5jCgc7LiNIN/PRcx4gPcO2ayLBGjz81MWFbqqYV2C7P9zc1QM/A/5YKriKoZ1Vv4 eoNz9NOOXpfqrzI5VVpEO/N7ZEmcSfTYo2Nbn9KKzbPRJ0NnpK5eZZMtmdUIe9yx jVqjbAs/lqvSM1OMMqHB2ci4GQ3+01z3x6xlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUWU8x+QLzVNU5aReJr1mk1RtF7F4wHwYDVR0jBBgwFoAUT8qLy26z7GEDL4jS b8ArBSJNRxgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgw Mi9UOHFMeTI2ejdHRURMNGpTYjhBckJTSk5SeGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1Q4cUx5MjZ6N0dFREw0alNiOEFyQlNKTlJ4Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MDIvV1U4eC1RTHpWTlU1 YVJlSnIxbWsxUnRGN0Y0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd68zANBgkqhkiG9w0BAQsFAAOCAQEAUNJ+roE7vrrp4HuQrv88FM2wwFq1 S5lcBCn6Y6Nyiopioa7EJ9iZx/ju72nttQwa6op0LJyAdSZ/KUTMhGaOgsM6OaSX kaozxrglOhfSUh8xKONDQIKDNLLjrzs2Y26g9yRqjdb3N1uftHIYAV1U0hD+0Cc0 rW02QZQ+Rs/Fsk+F62Pb5mIapAHOb0jExCXTHx1kcWWRxtMpnM8RLBwMH4Bdopcc AE/BhTnwd50fBPGhqP9M5pxMh964xwDSxNorVyRwfsRcad4ONIWeq8iGr+Rkc2Ko 0heIrB9O3dp/BM1pjNMuvvodIKktsTSlo+PnfxuSQjL7UBx/dCR1EiCmEw== -----END CERTIFICATE-----Generated at Tue Oct 21 03:00:43 2025 by rpki-client