$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/4UrDTuI3fRzxDkq9jmbrDmI-UHA.roa File: 4UrDTuI3fRzxDkq9jmbrDmI-UHA.roa (raw, json) Hash identifier: oZG+CE81ah9aXVNLu38K4yiAAENpfLNqjhEmoyhOSrs= Subject key identifier: E1:4A:C3:4E:E2:37:7D:1C:F1:0E:4A:BD:8E:66:EB:0E:62:3E:50:70 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 2681 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/4UrDTuI3fRzxDkq9jmbrDmI-UHA.roa Signing time: Sat 13 Sep 2025 03:08:54 +0000 ROA not before: Sat 13 Sep 2025 03:08:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139139 IP address blocks: 103.152.186.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:07:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9857 (0x2681) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Sep 13 03:08:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E14AC34EE2377D1CF10E4ABD8E66EB0E623E5070 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:77:82:7a:45:91:13:8e:74:bf:e5:32:f7:5d: af:c6:d6:2f:21:e3:ba:9f:24:96:b4:02:05:b1:60: 14:eb:60:b7:29:28:c5:8d:b4:17:3f:f2:14:91:55: 19:9f:fc:11:5e:0a:ad:26:8d:ab:fa:56:b3:93:fc: bf:42:29:37:cf:80:83:41:e2:f7:3a:94:a6:c5:cf: 99:92:ae:90:f3:a8:16:20:c5:23:16:91:ca:91:0c: f0:68:3c:cc:44:00:98:a0:44:e2:d3:af:05:2e:c9: 4c:e2:58:64:e3:6d:d4:1e:5c:65:e4:4c:e1:61:a3: 0b:9c:d4:73:f7:e1:8c:03:2c:b9:d9:34:ae:e1:9c: 2d:c6:39:bf:5a:75:80:69:b0:a3:ae:1f:41:f2:b4: 88:c3:a9:c2:37:33:ce:f7:ac:8d:e1:e3:27:30:8b: ab:8d:80:13:25:59:ba:68:3a:5d:0e:d8:de:00:33: 32:d4:0e:4c:8d:28:ae:04:a5:f2:a6:b2:63:44:f5: 87:fb:e6:21:4c:cc:c5:21:d2:bb:1f:9d:69:c2:c1: a9:1d:1d:ef:63:a5:cc:d3:0a:59:eb:00:8d:75:5e: 9c:28:7a:80:42:4b:10:ce:aa:bb:1c:80:9f:b6:74: a5:9e:fe:28:a1:29:a8:b5:a4:c0:e9:c8:f5:bb:01: a2:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:4A:C3:4E:E2:37:7D:1C:F1:0E:4A:BD:8E:66:EB:0E:62:3E:50:70 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/4UrDTuI3fRzxDkq9jmbrDmI-UHA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 9a:59:55:c2:55:a9:e9:1a:2a:e3:10:ac:a8:fc:70:96:5f:d4: 26:48:94:bd:a7:21:4e:9a:91:0e:e8:85:b9:44:6d:4b:ec:aa: 62:5e:5a:9a:e6:c8:b2:c3:33:94:f5:40:28:a8:ea:3b:f2:f7: f6:91:ec:26:88:7e:9c:8c:0c:37:0a:79:c7:9b:6d:0e:2c:bc: ea:1b:8a:ef:a6:a3:c0:e8:87:7e:1f:79:44:3e:c6:73:dc:0a: 7d:ac:6e:de:83:5c:8a:30:06:bc:1d:0c:10:22:98:97:08:9d: b4:57:e4:65:de:02:fc:b7:a2:fa:47:2a:1e:a5:fd:09:4d:03: a3:c1:7e:ba:7b:60:a8:4c:96:d1:c0:63:ef:14:24:a7:3b:02: 07:8a:19:ee:df:74:04:12:c0:73:4f:26:37:f9:76:2c:b5:2c: b3:03:ae:a5:11:f2:06:19:43:de:e6:f4:b1:55:fd:1c:2d:05: b0:00:25:74:23:5f:53:c5:19:67:86:bb:57:3f:7b:0a:3f:a7: 9c:df:fc:08:f6:cd:dc:44:71:e8:bb:f6:0a:c2:49:c7:11:f4: 73:c0:33:21:1c:40:b3:95:4f:0e:8c:18:49:40:9c:a4:ba:ba: 79:da:51:98:f9:11:ae:c9:17:9c:5e:71:bb:d2:d9:0a:e6:c6: 37:8d:bf:0c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJoEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTA5MTMw MzA4NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUxNEFDMzRFRTIzNzdE MUNGMTBFNEFCRDhFNjZFQjBFNjIzRTUwNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNd4J6RZETjnS/5TL3Xa/G1i8h47qfJJa0AgWxYBTrYLcpKMWN tBc/8hSRVRmf/BFeCq0mjav6VrOT/L9CKTfPgINB4vc6lKbFz5mSrpDzqBYgxSMW kcqRDPBoPMxEAJigROLTrwUuyUziWGTjbdQeXGXkTOFhowuc1HP34YwDLLnZNK7h nC3GOb9adYBpsKOuH0HytIjDqcI3M873rI3h4ycwi6uNgBMlWbpoOl0O2N4AMzLU DkyNKK4EpfKmsmNE9Yf75iFMzMUh0rsfnWnCwakdHe9jpczTClnrAI11XpwoeoBC SxDOqrscgJ+2dKWe/iihKai1pMDpyPW7AaLfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU4UrDTuI3fRzxDkq9jmbrDmI+UHAwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvNFVyRFR1STNmUnp4 RGtxOWptYnJEbUktVUhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAmllVwlWp6Roq4xCsqPxwll/UJkiU vachTpqRDuiFuURtS+yqYl5amubIssMzlPVAKKjqO/L39pHsJoh+nIwMNwp5x5tt Diy86huK76ajwOiHfh95RD7Gc9wKfaxu3oNcijAGvB0MECKYlwidtFfkZd4C/Lei +kcqHqX9CU0Do8F+untgqEyW0cBj7xQkpzsCB4oZ7t90BBLAc08mN/l2LLUsswOu pRHyBhlD3ub0sVX9HC0FsAAldCNfU8UZZ4a7Vz97Cj+nnN/8CPbN3ERx6Lv2CsJJ xxH0c8AzIRxAs5VPDowYSUCcpLq6edpRmPkRrskXnF5xu9LZCubGN42/DA== -----END CERTIFICATE-----Generated at Tue Oct 21 02:28:21 2025 by rpki-client