$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/BNeD18WLt0dsPE1QADKFQjyRzLs.roa File: BNeD18WLt0dsPE1QADKFQjyRzLs.roa (raw, json) Hash identifier: v34ccRxQdDkbHQaTbKeorVmUTQFMLUXK9smoMy634LM= Subject key identifier: 04:D7:83:D7:C5:8B:B7:47:6C:3C:4D:50:00:32:85:42:3C:91:CC:BB Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 206F Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/BNeD18WLt0dsPE1QADKFQjyRzLs.roa Signing time: Sat 13 Sep 2025 03:09:26 +0000 ROA not before: Sat 13 Sep 2025 03:09:26 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139021 IP address blocks: 103.139.0.0/23 maxlen: 23 218.247.84.0/23 maxlen: 23 218.247.86.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8303 (0x206f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Sep 13 03:09:26 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=04D783D7C58BB7476C3C4D50003285423C91CCBB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9f:05:38:07:47:28:40:c9:e1:96:85:f5:81: 5e:86:b8:cb:70:6a:d0:ca:89:43:9c:22:ba:de:82: bb:f8:02:52:17:21:0d:fe:b7:fd:72:84:03:d8:88: 2d:7d:a1:7d:1b:48:e8:c0:f2:85:e9:1e:c3:b9:13: f2:b6:fb:ee:a1:f7:90:ba:e3:15:3c:61:aa:24:ac: b2:40:19:83:c9:4d:57:25:15:81:38:25:47:3b:62: 08:7f:8c:fa:f4:34:36:82:4d:83:d1:55:49:60:ae: 05:ee:b4:a2:42:e9:2d:e2:46:95:51:15:35:cd:16: eb:f3:ba:01:0e:81:e6:db:44:1b:42:72:aa:ed:b4: 99:d9:06:60:1a:0b:ec:11:fd:0a:a2:30:04:f4:b5: 5e:1c:d7:51:28:5c:d0:de:db:4b:da:05:ae:61:38: 42:a8:1c:78:c4:fb:dc:40:3d:2f:e2:0a:c1:78:51: 89:ac:ab:b5:ad:b5:b4:96:59:f5:30:1b:9c:be:5b: cb:da:c0:b0:0b:c9:4b:94:75:5a:1c:31:91:a2:77: ac:aa:43:c8:49:5a:6f:eb:f8:d0:e9:1c:83:97:6a: c7:b6:81:fc:84:e9:de:c5:0c:01:f0:92:31:1a:b4: 74:fe:91:89:20:26:80:0a:d6:f5:46:fd:10:db:d8: 98:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:D7:83:D7:C5:8B:B7:47:6C:3C:4D:50:00:32:85:42:3C:91:CC:BB X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/BNeD18WLt0dsPE1QADKFQjyRzLs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.0.0/23 218.247.84.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:24:4f:b3:e8:bc:92:fe:d6:2d:d1:37:28:95:e6:3b:f4:7c: 6e:50:45:91:12:22:21:02:08:b2:27:c3:ae:dc:83:06:de:20: 0f:79:49:ba:92:49:9a:00:62:20:5d:e3:a9:41:46:ac:2e:85: a1:45:73:d3:7e:8a:d9:a2:84:d8:bd:9e:fe:d0:d2:84:29:fc: c4:2e:7b:b5:a3:88:47:88:bd:d3:72:84:e3:e1:de:b6:8d:12: c7:bd:41:61:5d:49:f0:95:e6:ac:67:80:3c:29:a6:74:33:72: e6:3d:75:7b:7f:51:83:5b:b7:27:dc:71:f2:46:62:15:51:8c: 87:1e:59:e7:dd:0c:2a:be:64:2e:65:47:c0:43:81:4a:9d:2a: bf:74:d3:14:be:b1:4c:d4:f7:43:d0:ed:19:5e:7e:e7:c5:d7: a4:f0:11:b7:4b:f7:7b:25:d7:ec:95:8a:be:63:65:22:62:24: 47:80:b2:45:a5:a7:79:67:75:bd:7b:c3:2e:08:aa:d1:14:91: 6f:6d:c7:6f:b7:2b:2b:50:1f:cb:41:49:a8:36:c6:15:89:a4: a0:7b:7d:33:27:03:7d:a1:6a:52:aa:08:68:3d:08:f4:51:94: b4:7b:0b:b2:24:d1:04:69:c2:9e:af:35:a6:2e:2a:17:a3:68: ca:df:30:df -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICIG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTA5MTMw MzA5MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA0RDc4M0Q3QzU4QkI3 NDc2QzNDNEQ1MDAwMzI4NTQyM0M5MUNDQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCnwU4B0coQMnhloX1gV6GuMtwatDKiUOcIrregrv4AlIXIQ3+ t/1yhAPYiC19oX0bSOjA8oXpHsO5E/K2++6h95C64xU8YaokrLJAGYPJTVclFYE4 JUc7Ygh/jPr0NDaCTYPRVUlgrgXutKJC6S3iRpVRFTXNFuvzugEOgebbRBtCcqrt tJnZBmAaC+wR/QqiMAT0tV4c11EoXNDe20vaBa5hOEKoHHjE+9xAPS/iCsF4UYms q7WttbSWWfUwG5y+W8vawLALyUuUdVocMZGid6yqQ8hJWm/r+NDpHIOXase2gfyE 6d7FDAHwkjEatHT+kYkgJoAK1vVG/RDb2JjXAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUBNeD18WLt0dsPE1QADKFQjyRzLswHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvQk5lRDE4V0x0MGRz UEUxUUFES0ZRanlSekxzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAWeLAAMEAtr3VDANBgkqhkiG9w0BAQsFAAOCAQEADyRPs+i8kv7WLdE3KJXm O/R8blBFkRIiIQIIsifDrtyDBt4gD3lJupJJmgBiIF3jqUFGrC6FoUVz036K2aKE 2L2e/tDShCn8xC57taOIR4i903KE4+Heto0Sx71BYV1J8JXmrGeAPCmmdDNy5j11 e39Rg1u3J9xx8kZiFVGMhx5Z590MKr5kLmVHwEOBSp0qv3TTFL6xTNT3Q9DtGV5+ 58XXpPARt0v3eyXX7JWKvmNlImIkR4CyRaWneWd1vXvDLgiq0RSRb23Hb7crK1Af y0FJqDbGFYmkoHt9MycDfaFqUqoIaD0I9FGUtHsLsiTRBGnCnq81pi4qF6Noyt8w 3w== -----END CERTIFICATE-----Generated at Mon Oct 20 08:33:56 2025 by rpki-client