$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/QWNPUriuPTu9mMN7kkS5vSl3FpQ.roa File: QWNPUriuPTu9mMN7kkS5vSl3FpQ.roa (raw, json) Hash identifier: wpNrPvLlM/Y/pcvk+2/pS1oFpwzKcTWyZzPhM+/WiEw= Subject key identifier: 41:63:4F:52:B8:AE:3D:3B:BD:98:C3:7B:92:44:B9:BD:29:77:16:94 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 267D Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/QWNPUriuPTu9mMN7kkS5vSl3FpQ.roa Signing time: Sat 13 Sep 2025 03:08:54 +0000 ROA not before: Sat 13 Sep 2025 03:08:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4538 IP address blocks: 103.152.186.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9853 (0x267d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Sep 13 03:08:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=41634F52B8AE3D3BBD98C37B9244B9BD29771694 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:35:ac:7c:ee:45:25:f9:dc:cb:13:de:fc:9d: 14:1b:73:b6:d4:5a:9f:02:02:d8:f3:0e:b6:16:1e: fe:90:93:f0:34:6e:67:f6:28:e9:a6:a5:6f:cf:d3: d3:bd:28:88:54:cb:02:fa:53:1c:79:3a:3b:b9:da: 29:3c:c4:6e:a8:ac:d9:88:69:ea:e4:20:d7:81:21: 90:45:08:e8:de:0e:5a:0d:7c:6f:3e:31:4b:3c:b6: 90:9d:03:fb:8c:19:10:64:94:67:e8:0e:52:1a:70: 77:ec:58:a7:34:da:7f:0d:ef:ce:03:a7:26:5f:01: 3f:4c:31:f6:6d:30:f7:3e:ba:95:1c:47:e7:bb:7a: 27:d1:22:5d:a6:16:82:d8:d5:28:c2:10:71:c5:05: 09:05:57:ed:92:1a:21:1b:4e:a0:95:94:b8:59:33: 74:97:76:a1:41:29:b4:5a:04:7a:55:25:b1:0c:17: 42:12:cd:b6:95:57:65:48:e5:23:e7:19:da:19:57: e8:9d:ab:2a:08:8b:5e:cf:5d:96:25:ea:f9:d0:fd: 92:ae:35:f1:a3:06:41:25:81:c4:9c:90:3e:e2:13: b6:1a:85:2b:d8:e8:79:9b:fb:df:61:60:c5:5b:10: 1e:69:43:cb:ae:04:55:bb:13:c9:99:24:55:c0:b5: 12:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:63:4F:52:B8:AE:3D:3B:BD:98:C3:7B:92:44:B9:BD:29:77:16:94 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/QWNPUriuPTu9mMN7kkS5vSl3FpQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 41:52:21:94:3f:36:89:1b:06:1a:c2:e9:08:42:34:6b:24:bc: 4f:2c:51:f0:97:9d:4b:61:44:f4:d2:7b:03:37:a4:74:fe:e0: 43:c1:00:4e:bf:ce:be:da:ca:9a:98:8c:46:34:62:91:0d:87: c6:1e:92:f4:75:86:a1:9b:4d:1a:76:38:9d:76:84:9c:d3:8d: 47:91:f6:a5:c3:12:08:ff:2a:0a:99:f9:fa:d5:78:be:04:10: ac:0d:32:3f:af:b1:10:0a:3f:a5:63:c4:86:57:dd:cb:c8:27: 08:c9:48:7f:99:0e:7d:1d:2a:17:c9:ea:51:ca:9b:5b:07:d9: ec:dd:c0:57:8d:e5:eb:d3:03:6a:e5:ed:e6:31:d5:aa:90:5a: a2:11:c2:38:30:f1:dd:8d:e6:c0:7d:9b:90:ea:9b:ce:91:03: 4e:0d:0b:48:f6:2d:20:84:aa:6b:b0:5f:53:29:15:d9:45:27: 07:da:87:ce:b4:00:9d:67:eb:24:3c:d3:07:fd:df:78:91:c7: a7:a8:80:b1:69:22:e1:f9:c9:e3:79:25:95:c8:e1:d2:48:6d: 40:d9:bc:f0:0f:3d:30:9e:2c:99:5d:85:9e:53:aa:84:0b:b8: 80:87:96:9f:1f:03:ec:08:df:98:e5:06:78:b8:29:f6:83:82: 65:80:45:78 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJn0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTA5MTMw MzA4NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQxNjM0RjUyQjhBRTNE M0JCRDk4QzM3QjkyNDRCOUJEMjk3NzE2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcNax87kUl+dzLE978nRQbc7bUWp8CAtjzDrYWHv6Qk/A0bmf2 KOmmpW/P09O9KIhUywL6Uxx5Oju52ik8xG6orNmIaerkINeBIZBFCOjeDloNfG8+ MUs8tpCdA/uMGRBklGfoDlIacHfsWKc02n8N784DpyZfAT9MMfZtMPc+upUcR+e7 eifRIl2mFoLY1SjCEHHFBQkFV+2SGiEbTqCVlLhZM3SXdqFBKbRaBHpVJbEMF0IS zbaVV2VI5SPnGdoZV+idqyoIi17PXZYl6vnQ/ZKuNfGjBkElgcSckD7iE7YahSvY 6Hmb+99hYMVbEB5pQ8uuBFW7E8mZJFXAtRLHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQWNPUriuPTu9mMN7kkS5vSl3FpQwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvUVdOUFVyaXVQVHU5 bU1ON2trUzV2U2wzRnBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAQVIhlD82iRsGGsLpCEI0ayS8TyxR 8JedS2FE9NJ7AzekdP7gQ8EATr/OvtrKmpiMRjRikQ2Hxh6S9HWGoZtNGnY4nXaE nNONR5H2pcMSCP8qCpn5+tV4vgQQrA0yP6+xEAo/pWPEhlfdy8gnCMlIf5kOfR0q F8nqUcqbWwfZ7N3AV43l69MDauXt5jHVqpBaohHCODDx3Y3mwH2bkOqbzpEDTg0L SPYtIISqa7BfUykV2UUnB9qHzrQAnWfrJDzTB/3feJHHp6iAsWki4fnJ43kllcjh 0khtQNm88A89MJ4smV2FnlOqhAu4gIeWnx8D7AjfmOUGeLgp9oOCZYBFeA== -----END CERTIFICATE-----Generated at Mon Oct 20 17:57:50 2025 by rpki-client