$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2823/Yiy2xhcHxXemOTW8SWrJ-9Ru0pU.roa File: Yiy2xhcHxXemOTW8SWrJ-9Ru0pU.roa (raw, json) Hash identifier: mh/M67I67u8AmY5D/oE8i3BVgQGl4Qj5XERk8W4K/xI= Subject key identifier: 62:2C:B6:C6:17:07:C5:77:A6:39:35:BC:49:6A:C9:FB:D4:6E:D2:95 Certificate issuer: /CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Certificate serial: 173E Authority key identifier: 66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/Yiy2xhcHxXemOTW8SWrJ-9Ru0pU.roa Signing time: Sat 13 Sep 2025 03:03:05 +0000 ROA not before: Sat 13 Sep 2025 03:03:05 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137730 IP address blocks: 103.124.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5950 (0x173e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Validity Not Before: Sep 13 03:03:05 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=622CB6C61707C577A63935BC496AC9FBD46ED295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:fd:9d:b5:9a:bb:63:3b:37:f9:04:0f:3b:e7: e8:09:69:f6:88:8d:bd:2b:86:a7:04:9b:0d:86:57: dd:65:29:a9:43:93:60:6a:b3:d1:31:cc:10:59:53: f9:e6:65:ff:c4:a4:27:c1:e3:56:56:a1:b7:a8:63: e1:61:3f:d4:13:a6:7d:35:d6:10:61:ca:a3:1c:47: c1:b3:f4:11:9e:60:d6:5a:c0:84:3e:31:99:53:4e: 08:a8:42:cb:fd:6f:2c:1f:c0:46:be:1b:16:3d:b7: e0:e5:1a:47:67:af:70:a6:33:03:f7:2c:e6:6a:5a: 28:56:6d:9e:64:e2:3d:73:37:00:ac:d0:8a:e9:21: d7:1d:cc:a4:22:ea:07:cb:c2:8c:0b:cf:33:6c:b8: 2f:3e:c0:5c:13:0a:ab:10:90:3c:49:70:18:53:ac: de:fe:85:bc:e9:fb:45:e8:73:94:7c:d1:0b:b1:c2: 78:b8:9c:94:9e:37:cd:3c:b5:c1:6b:92:08:77:5e: 74:17:cb:7a:32:34:2c:69:81:00:07:4e:82:8a:12: e4:e0:69:13:d7:e9:5d:b0:0e:45:65:4a:09:0c:da: d4:2a:4c:88:7d:e9:5c:ff:24:6f:f0:03:cd:11:9a: 1b:01:d3:37:c6:b1:14:ca:65:d8:b0:28:01:07:04: fe:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:2C:B6:C6:17:07:C5:77:A6:39:35:BC:49:6A:C9:FB:D4:6E:D2:95 X509v3 Authority Key Identifier: keyid:66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/Yiy2xhcHxXemOTW8SWrJ-9Ru0pU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.124.48.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:08:4d:0e:75:26:5c:b0:eb:6c:d2:66:88:16:41:24:65:03: 48:af:fe:40:36:ac:59:de:46:4a:b2:4e:8f:be:ca:60:15:55: 1b:d6:33:dc:29:67:3a:c9:11:26:ab:80:57:7f:83:6b:9d:29: 8b:26:10:95:be:6d:bc:5f:27:08:b9:5c:de:74:be:35:aa:37: 79:9f:d4:97:0c:11:34:ec:8a:e7:b3:60:36:f8:26:92:25:3b: cc:0c:3c:aa:6b:fc:fb:f6:3a:0c:8f:98:06:e1:f9:c7:28:7f: fd:0d:bd:1a:d4:6c:ca:6e:7b:0c:3b:0a:46:73:97:da:47:d6: 34:06:31:ee:75:11:d1:5a:51:dd:8c:8c:f0:5d:a4:da:c5:bd: f0:56:5f:1f:c1:c4:bc:29:25:21:ac:7f:55:53:3e:f0:b5:bb: 31:35:3a:9a:42:62:ae:5a:2a:d8:7c:40:59:48:f1:96:3f:75: 64:b5:92:81:8d:bc:4b:87:2f:63:f3:97:01:05:ce:c4:02:8e: 4d:bf:64:e1:51:b8:bb:81:2e:43:9c:b8:78:4b:1e:77:ae:b0: 00:2c:3a:86:1c:9d:b6:3c:ee:bf:39:81:22:93:25:00:ba:fc: 44:3c:05:c4:05:91:17:9f:cf:c0:34:aa:77:0e:58:12:de:b3: 93:79:94:2e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjY0 N0RBQjY0NTUxMTY5NjRGQUMwMDAxMkNDQzgzMTc0RDRFNDZFMTAeFw0yNTA5MTMw MzAzMDVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYyMkNCNkM2MTcwN0M1 NzdBNjM5MzVCQzQ5NkFDOUZCRDQ2RUQyOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDa/Z21mrtjOzf5BA875+gJafaIjb0rhqcEmw2GV91lKalDk2Bq s9ExzBBZU/nmZf/EpCfB41ZWobeoY+FhP9QTpn011hBhyqMcR8Gz9BGeYNZawIQ+ MZlTTgioQsv9bywfwEa+GxY9t+DlGkdnr3CmMwP3LOZqWihWbZ5k4j1zNwCs0Irp IdcdzKQi6gfLwowLzzNsuC8+wFwTCqsQkDxJcBhTrN7+hbzp+0Xoc5R80Quxwni4 nJSeN808tcFrkgh3XnQXy3oyNCxpgQAHToKKEuTgaRPX6V2wDkVlSgkM2tQqTIh9 6Vz/JG/wA80RmhsB0zfGsRTKZdiwKAEHBP5LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYiy2xhcHxXemOTW8SWrJ+9Ru0pUwHwYDVR0jBBgwFoAUZkfatkVRFpZPrAAB LMyDF01ORuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgy My9aa2ZhdGtWUkZwWlByQUFCTE15REYwMU9SdUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1prZmF0a1ZSRnBaUHJBQUJMTXlERjAxT1J1RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MjMvWWl5MnhoY0h4WGVt T1RXOFNXckotOVJ1MHBVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd8MDANBgkqhkiG9w0BAQsFAAOCAQEALghNDnUmXLDrbNJmiBZBJGUDSK/+ QDasWd5GSrJOj77KYBVVG9Yz3ClnOskRJquAV3+Da50piyYQlb5tvF8nCLlc3nS+ Nao3eZ/UlwwRNOyK57NgNvgmkiU7zAw8qmv8+/Y6DI+YBuH5xyh//Q29GtRsym57 DDsKRnOX2kfWNAYx7nUR0VpR3YyM8F2k2sW98FZfH8HEvCklIax/VVM+8LW7MTU6 mkJirloq2HxAWUjxlj91ZLWSgY28S4cvY/OXAQXOxAKOTb9k4VG4u4EuQ5y4eEse d66wACw6hhydtjzuvzmBIpMlALr8RDwFxAWRF5/PwDSqdw5YEt6zk3mULg== -----END CERTIFICATE-----Generated at Mon Oct 20 22:40:22 2025 by rpki-client