$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2898/7zzMdB7u5ay_vYvE83MicNjj9Xo.roa File: 7zzMdB7u5ay_vYvE83MicNjj9Xo.roa (raw, json) Hash identifier: R1FUwvHwObQjJ297J+3nwp+8OpaE6qSBQinj4OuqmMY= Subject key identifier: EF:3C:CC:74:1E:EE:E5:AC:BF:BD:8B:C4:F3:73:22:70:D8:E3:F5:7A Certificate issuer: /CN=2F39D6C238893451A06EB34C52D77ABC18906BE0 Certificate serial: 2067 Authority key identifier: 2F:39:D6:C2:38:89:34:51:A0:6E:B3:4C:52:D7:7A:BC:18:90:6B:E0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LznWwjiJNFGgbrNMUtd6vBiQa-A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/7zzMdB7u5ay_vYvE83MicNjj9Xo.roa Signing time: Sat 13 Sep 2025 03:10:15 +0000 ROA not before: Sat 13 Sep 2025 03:10:15 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 103.140.14.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LznWwjiJNFGgbrNMUtd6vBiQa-A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8295 (0x2067) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F39D6C238893451A06EB34C52D77ABC18906BE0 Validity Not Before: Sep 13 03:10:15 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=EF3CCC741EEEE5ACBFBD8BC4F3732270D8E3F57A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d0:44:b6:58:ff:e0:d1:4e:d9:37:c5:f1:62: f5:0f:6a:23:c3:2e:b4:b6:ef:84:35:c6:57:d0:2a: 45:2d:1a:28:4b:c5:93:46:46:61:28:46:6c:44:cc: e8:42:f3:33:7d:aa:d4:04:d2:30:60:ac:d0:6c:7f: c7:ae:a2:6b:59:dd:26:e2:49:4e:6b:f2:38:0a:70: 15:9c:3e:98:93:6c:8b:be:b5:1a:b6:d0:b3:a1:d0: bb:f9:bb:da:e9:a8:b6:15:77:d3:6b:26:34:2c:e8: 5e:02:5e:e0:83:ba:e9:0e:62:9e:b1:63:85:2d:1a: 6e:d7:73:1c:44:fc:86:23:5e:22:01:42:94:ab:76: c5:ac:be:8f:12:2f:e3:17:82:d9:43:22:e8:59:d6: 8b:18:ac:2f:8f:de:ba:b0:99:ad:06:a5:47:ad:43: a3:0d:91:f4:7a:51:fd:a2:6f:df:0d:6a:c7:a6:c8: dc:28:35:c6:51:4a:43:15:3f:18:b3:d9:e3:20:b9: 85:45:f6:d6:2e:3c:e8:28:e4:06:f1:67:14:0c:b5: ae:b6:39:13:27:22:b9:8c:c6:43:ab:31:83:e4:5c: 35:89:ef:7e:e5:17:cd:45:ab:89:ec:a4:e6:25:82: f5:51:e0:ed:30:8b:18:3a:4b:a5:4e:9a:23:21:5d: 62:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:3C:CC:74:1E:EE:E5:AC:BF:BD:8B:C4:F3:73:22:70:D8:E3:F5:7A X509v3 Authority Key Identifier: keyid:2F:39:D6:C2:38:89:34:51:A0:6E:B3:4C:52:D7:7A:BC:18:90:6B:E0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/LznWwjiJNFGgbrNMUtd6vBiQa-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LznWwjiJNFGgbrNMUtd6vBiQa-A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2898/7zzMdB7u5ay_vYvE83MicNjj9Xo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.140.14.0/23 Signature Algorithm: sha256WithRSAEncryption 78:d7:12:6d:0e:0d:1d:b2:c7:ad:26:be:c2:9c:2d:bc:a9:3d: a8:e7:8e:68:99:9e:7d:00:bd:6f:f8:1f:b6:ef:bb:a7:64:ce: 05:e3:88:0d:2b:e7:50:8c:16:bd:31:a2:ef:41:f4:0e:88:fc: 4b:f7:c9:47:1b:2d:8c:69:6c:c2:42:2c:93:13:68:a8:e1:8c: 65:a8:68:ed:b5:71:d0:90:cb:a3:ed:7a:82:93:a5:f8:ca:e8: e5:ca:84:19:29:34:7b:a6:23:67:03:6b:50:cc:9b:73:79:af: a3:3d:ae:51:f8:90:ab:be:e9:84:8f:2f:7b:bf:b2:cd:e7:8b: c7:ef:01:8a:4d:fa:c6:c9:d5:d8:d9:4b:c6:32:bf:31:3f:aa: 8e:e4:51:e0:a2:eb:b8:77:e4:9b:08:e1:e4:08:12:c0:b0:64: 7e:f6:b6:9a:5d:2f:7d:d6:c2:3a:7c:e1:7a:92:1b:4c:22:7d: c7:73:e4:3d:5f:c1:ff:21:e6:1b:9a:b2:2d:5b:9f:c5:ae:f6: d0:5e:dc:e2:9a:8b:e7:89:14:61:c0:0f:5d:c4:a3:40:bf:17: f2:48:88:d8:dd:70:20:62:f7:69:e5:ce:6a:56:79:ea:17:db: 2a:32:7f:35:88:59:cd:45:73:24:17:23:af:02:7a:d9:13:75: bc:47:1b:2f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYz OUQ2QzIzODg5MzQ1MUEwNkVCMzRDNTJENzdBQkMxODkwNkJFMDAeFw0yNTA5MTMw MzEwMTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEVGM0NDQzc0MUVFRUU1 QUNCRkJEOEJDNEYzNzMyMjcwRDhFM0Y1N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC40ES2WP/g0U7ZN8XxYvUPaiPDLrS274Q1xlfQKkUtGihLxZNG RmEoRmxEzOhC8zN9qtQE0jBgrNBsf8euomtZ3SbiSU5r8jgKcBWcPpiTbIu+tRq2 0LOh0Lv5u9rpqLYVd9NrJjQs6F4CXuCDuukOYp6xY4UtGm7XcxxE/IYjXiIBQpSr dsWsvo8SL+MXgtlDIuhZ1osYrC+P3rqwma0GpUetQ6MNkfR6Uf2ib98NasemyNwo NcZRSkMVPxiz2eMguYVF9tYuPOgo5AbxZxQMta62ORMnIrmMxkOrMYPkXDWJ737l F81Fq4nspOYlgvVR4O0wixg6S6VOmiMhXWLzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU7zzMdB7u5ay/vYvE83MicNjj9XowHwYDVR0jBBgwFoAULznWwjiJNFGgbrNM Utd6vBiQa+AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 OC9Mem5Xd2ppSk5GR2dick5NVXRkNnZCaVFhLUEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0x6bld3amlKTkZHZ2JyTk1VdGQ2dkJpUWEtQS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTgvN3p6TWRCN3U1YXlf dll2RTgzTWljTmpqOVhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeMDjANBgkqhkiG9w0BAQsFAAOCAQEAeNcSbQ4NHbLHrSa+wpwtvKk9qOeO aJmefQC9b/gftu+7p2TOBeOIDSvnUIwWvTGi70H0Doj8S/fJRxstjGlswkIskxNo qOGMZaho7bVx0JDLo+16gpOl+Mro5cqEGSk0e6YjZwNrUMybc3mvoz2uUfiQq77p hI8ve7+yzeeLx+8Bik36xsnV2NlLxjK/MT+qjuRR4KLruHfkmwjh5AgSwLBkfva2 ml0vfdbCOnzhepIbTCJ9x3PkPV/B/yHmG5qyLVufxa720F7c4pqL54kUYcAPXcSj QL8X8kiI2N1wIGL3aeXOalZ56hfbKjJ/NYhZzUVzJBcjrwJ62RN1vEcbLw== -----END CERTIFICATE-----Generated at Mon Oct 20 16:08:34 2025 by rpki-client