$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2816/CENdEQXMmBxzvHQeQYtr8Ko78wM.roa File: CENdEQXMmBxzvHQeQYtr8Ko78wM.roa (raw, json) Hash identifier: 62/bt3Shl2iBMOcc2PN7VahUfzN5i01Om0bSegK5ukc= Subject key identifier: 08:43:5D:11:05:CC:98:1C:73:BC:74:1E:41:8B:6B:F0:AA:3B:F3:03 Certificate issuer: /CN=857BE9F90A5B737CA00E8E04B62C26E142D4A3BA Certificate serial: 1736 Authority key identifier: 85:7B:E9:F9:0A:5B:73:7C:A0:0E:8E:04:B6:2C:26:E1:42:D4:A3:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hXvp-Qpbc3ygDo4Etiwm4ULUo7o.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2816/CENdEQXMmBxzvHQeQYtr8Ko78wM.roa Signing time: Sat 13 Sep 2025 03:07:59 +0000 ROA not before: Sat 13 Sep 2025 03:07:59 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137768 IP address blocks: 103.131.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2816/hXvp-Qpbc3ygDo4Etiwm4ULUo7o.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2816/hXvp-Qpbc3ygDo4Etiwm4ULUo7o.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hXvp-Qpbc3ygDo4Etiwm4ULUo7o.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5942 (0x1736) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=857BE9F90A5B737CA00E8E04B62C26E142D4A3BA Validity Not Before: Sep 13 03:07:59 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=08435D1105CC981C73BC741E418B6BF0AA3BF303 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:99:b3:ce:48:0f:65:67:8b:c1:2d:3c:22:60: b5:e2:8d:47:3f:d5:14:be:6c:48:13:9e:85:bb:af: 86:d9:74:3e:fb:04:87:89:ec:4a:30:f7:5b:4f:cf: 70:a9:03:47:dd:c1:e0:64:32:aa:70:ba:8a:cd:18: 03:2c:56:0e:8c:8e:59:c7:ea:39:c7:4d:de:5d:b3: 4e:4e:e0:9d:d1:bd:ec:6b:ac:37:e1:10:68:e7:80: 83:d6:a3:fc:e5:77:ef:fe:ca:f9:33:32:16:fc:d0: cb:81:08:03:0e:e9:37:f1:8a:51:bf:43:de:ea:b0: ca:23:3c:d7:e2:75:50:05:6b:34:e2:41:cb:77:6e: 66:26:21:da:59:50:46:e3:69:d3:bc:56:fb:41:fa: 37:dd:5e:b1:c8:54:3b:1d:48:12:41:5f:8f:aa:8f: bc:61:8f:ce:51:ad:6f:57:f0:ba:19:db:f9:89:19: d6:7d:cc:b8:3f:84:9c:ca:95:e4:45:aa:3b:5d:de: 87:df:a1:4a:b5:4a:18:4e:eb:dd:64:0c:3a:76:f5: b4:3f:47:ab:e6:18:54:13:34:c9:10:7f:31:fc:4b: 67:b1:b5:92:ba:96:21:15:50:c6:e6:25:42:e7:0d: f6:b6:a5:1d:91:04:d7:d5:70:7d:b2:09:1f:7c:1e: d8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:43:5D:11:05:CC:98:1C:73:BC:74:1E:41:8B:6B:F0:AA:3B:F3:03 X509v3 Authority Key Identifier: keyid:85:7B:E9:F9:0A:5B:73:7C:A0:0E:8E:04:B6:2C:26:E1:42:D4:A3:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2816/hXvp-Qpbc3ygDo4Etiwm4ULUo7o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hXvp-Qpbc3ygDo4Etiwm4ULUo7o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2816/CENdEQXMmBxzvHQeQYtr8Ko78wM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.131.36.0/24 Signature Algorithm: sha256WithRSAEncryption 15:8b:b6:9f:ad:e9:c0:ce:9a:41:a6:34:be:ba:1b:26:1c:46: 30:9f:3e:e1:fd:14:1d:b6:81:eb:99:f4:1a:1c:c2:64:30:77: 1e:5d:ed:f9:b6:32:e4:b8:1a:e8:cb:c1:63:e3:5b:4b:ad:6d: eb:dc:f5:5a:f2:86:a5:83:76:7a:f3:23:7e:2d:61:03:cc:7d: 03:9d:12:48:b3:b2:23:d7:53:01:23:26:28:24:63:be:eb:b4: c0:e3:a4:f5:6a:d2:56:f9:6e:b2:c1:fe:6d:6b:ca:15:31:34: 5e:1d:37:25:77:38:c9:44:12:56:86:b4:d7:fc:5b:f7:ee:5b: 66:83:5a:3b:01:b3:36:44:95:78:54:72:1f:03:d3:f9:5b:62: 6d:a0:1c:74:d7:47:6f:81:0a:3c:66:1a:c8:4f:77:03:89:c1: 28:c9:78:58:59:5c:fc:e9:6b:5d:55:d9:43:62:92:3d:f9:07: 3e:87:6b:e0:24:53:38:81:5c:66:a4:9f:20:e4:8b:36:30:55: c3:2f:5f:09:46:e8:b1:c8:a9:45:0a:1c:81:66:78:c4:f1:ad: af:47:e1:09:22:d2:b9:cf:dd:e7:ea:af:28:6e:94:d9:f7:00: db:e0:ca:fe:33:87:be:af:74:f5:cc:39:37:c3:e2:4e:ab:07: a3:0e:a1:e1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU3 QkU5RjkwQTVCNzM3Q0EwMEU4RTA0QjYyQzI2RTE0MkQ0QTNCQTAeFw0yNTA5MTMw MzA3NTlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA4NDM1RDExMDVDQzk4 MUM3M0JDNzQxRTQxOEI2QkYwQUEzQkYzMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBmbPOSA9lZ4vBLTwiYLXijUc/1RS+bEgTnoW7r4bZdD77BIeJ 7Eow91tPz3CpA0fdweBkMqpwuorNGAMsVg6MjlnH6jnHTd5ds05O4J3RvexrrDfh EGjngIPWo/zld+/+yvkzMhb80MuBCAMO6TfxilG/Q97qsMojPNfidVAFazTiQct3 bmYmIdpZUEbjadO8VvtB+jfdXrHIVDsdSBJBX4+qj7xhj85RrW9X8LoZ2/mJGdZ9 zLg/hJzKleRFqjtd3offoUq1ShhO691kDDp29bQ/R6vmGFQTNMkQfzH8S2extZK6 liEVUMbmJULnDfa2pR2RBNfVcH2yCR98HtjnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCENdEQXMmBxzvHQeQYtr8Ko78wMwHwYDVR0jBBgwFoAUhXvp+Qpbc3ygDo4E tiwm4ULUo7owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx Ni9oWHZwLVFwYmMzeWdEbzRFdGl3bTRVTFVvN28uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2hYdnAtUXBiYzN5Z0RvNEV0aXdtNFVMVW83by5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTYvQ0VOZEVRWE1tQnh6 dkhRZVFZdHI4S283OHdNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeDJDANBgkqhkiG9w0BAQsFAAOCAQEAFYu2n63pwM6aQaY0vrobJhxGMJ8+ 4f0UHbaB65n0GhzCZDB3Hl3t+bYy5Lga6MvBY+NbS61t69z1WvKGpYN2evMjfi1h A8x9A50SSLOyI9dTASMmKCRjvuu0wOOk9WrSVvlussH+bWvKFTE0Xh03JXc4yUQS Voa01/xb9+5bZoNaOwGzNkSVeFRyHwPT+VtibaAcdNdHb4EKPGYayE93A4nBKMl4 WFlc/OlrXVXZQ2KSPfkHPodr4CRTOIFcZqSfIOSLNjBVwy9fCUboscipRQocgWZ4 xPGtr0fhCSLSuc/d5+qvKG6U2fcA2+DK/jOHvq909cw5N8PiTqsHow6h4Q== -----END CERTIFICATE-----Generated at Mon Oct 20 19:50:49 2025 by rpki-client