$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/aekWbbTAGrNHbz8lLX-GB4mJ8ik.roa File: aekWbbTAGrNHbz8lLX-GB4mJ8ik.roa (raw, json) Hash identifier: FkyXPmVJ+75fAa1b8K1Ig0vIl03U88Oy2qI2mnVkFoA= Subject key identifier: 69:E9:16:6D:B4:C0:1A:B3:47:6F:3F:25:2D:7F:86:07:89:89:F2:29 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 2683 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/aekWbbTAGrNHbz8lLX-GB4mJ8ik.roa Signing time: Sat 13 Sep 2025 03:08:54 +0000 ROA not before: Sat 13 Sep 2025 03:08:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4538 IP address blocks: 103.152.186.0/24 maxlen: 24 103.152.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9859 (0x2683) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Sep 13 03:08:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=69E9166DB4C01AB3476F3F252D7F86078989F229 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:89:06:57:25:73:67:e1:68:40:dc:6b:b8:56: 3d:f2:90:21:98:cc:b1:0e:9f:af:97:0a:44:ad:e2: 66:de:3c:13:fb:de:5b:34:28:48:a5:d6:57:c6:8d: 4c:72:80:96:07:29:c9:52:37:a5:32:d7:81:84:08: 21:d7:2a:fd:69:84:c3:c2:4a:89:08:09:76:f4:fc: e6:97:57:6d:9b:5e:7c:8f:f7:4d:44:ff:4f:1c:2d: 34:e1:78:8a:c0:cd:98:4c:31:6c:87:00:fa:e8:22: f1:60:7c:b6:be:1e:47:e9:5a:43:f4:80:1f:50:28: 1d:8d:18:82:5e:63:0d:d8:b1:0a:1c:50:fc:9f:25: 0e:16:20:9b:28:e5:9e:4a:89:12:8e:84:18:4c:11: 8e:e5:6e:b4:32:be:18:62:6e:bf:cd:d3:57:f4:bc: fc:0c:a6:42:d8:d4:ad:f4:f5:0c:10:e1:34:e9:4e: 6f:cf:15:d8:1e:92:b6:d7:af:b4:c0:af:68:49:46: 56:8a:49:01:af:33:a2:8a:0a:ee:75:57:fd:0d:46: 42:c3:17:ac:a8:0b:92:24:c3:40:9b:0b:28:58:22: 1a:1a:dc:18:68:63:79:96:ae:5a:13:85:c5:5f:be: 49:74:ef:e1:cc:69:70:a4:e7:d2:b6:0e:1e:c5:05: 80:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:E9:16:6D:B4:C0:1A:B3:47:6F:3F:25:2D:7F:86:07:89:89:F2:29 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/aekWbbTAGrNHbz8lLX-GB4mJ8ik.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 6a:36:e1:97:79:bf:59:8c:bb:da:3b:77:8f:f7:e5:04:12:b2: eb:90:93:b0:00:7f:3d:f8:83:dc:c6:e9:48:8e:c8:ed:8f:6a: b5:c3:4e:8d:f8:8c:2f:ad:c4:00:f1:ae:27:74:ba:b4:68:f5: f4:6e:b7:b1:99:28:3e:5a:6f:5d:5d:73:43:d5:97:02:a9:23: 9a:0f:69:41:6b:9f:f2:f5:0e:05:25:7d:d9:2a:95:35:e3:2a: c8:c1:3a:83:a2:63:43:dd:c6:bb:8a:c5:4b:83:3c:95:3b:8b: 2f:70:ad:29:58:88:62:0f:9c:af:53:f7:2c:27:13:1e:11:f0: 35:e6:71:7d:70:6c:26:b9:a8:4a:05:5e:3b:e7:b3:20:8f:19: d1:ab:f4:57:71:c4:36:7f:99:3c:9d:32:b1:c0:cf:0b:d3:73: 44:0f:4c:0b:b0:4d:42:d8:3d:79:40:6e:60:7f:65:8d:15:e1: d9:a7:83:95:74:04:bd:74:85:c6:65:b1:f2:7e:a2:83:98:7c: 2c:2a:39:77:61:e9:ab:61:e9:ba:ec:aa:7e:79:aa:2c:15:22: a4:4f:89:f7:6c:c3:fe:8e:04:3f:f7:71:18:b4:6d:73:6d:26: bb:50:db:ae:5e:ec:6a:ce:bf:e4:34:d4:64:bb:f0:1d:b2:f8: 2c:3d:df:47 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJoMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTA5MTMw MzA4NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY5RTkxNjZEQjRDMDFB QjM0NzZGM0YyNTJEN0Y4NjA3ODk4OUYyMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDciQZXJXNn4WhA3Gu4Vj3ykCGYzLEOn6+XCkSt4mbePBP73ls0 KEil1lfGjUxygJYHKclSN6Uy14GECCHXKv1phMPCSokICXb0/OaXV22bXnyP901E /08cLTTheIrAzZhMMWyHAProIvFgfLa+HkfpWkP0gB9QKB2NGIJeYw3YsQocUPyf JQ4WIJso5Z5KiRKOhBhMEY7lbrQyvhhibr/N01f0vPwMpkLY1K309QwQ4TTpTm/P FdgekrbXr7TAr2hJRlaKSQGvM6KKCu51V/0NRkLDF6yoC5Ikw0CbCyhYIhoa3Bho Y3mWrloThcVfvkl07+HMaXCk59K2Dh7FBYCVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUaekWbbTAGrNHbz8lLX+GB4mJ8ikwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvYWVrV2JiVEFHck5I Yno4bExYLUdCNG1KOGlrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAajbhl3m/WYy72jt3j/flBBKy65CT sAB/PfiD3MbpSI7I7Y9qtcNOjfiML63EAPGuJ3S6tGj19G63sZkoPlpvXV1zQ9WX Aqkjmg9pQWuf8vUOBSV92SqVNeMqyME6g6JjQ93Gu4rFS4M8lTuLL3CtKViIYg+c r1P3LCcTHhHwNeZxfXBsJrmoSgVeO+ezII8Z0av0V3HENn+ZPJ0yscDPC9NzRA9M C7BNQtg9eUBuYH9ljRXh2aeDlXQEvXSFxmWx8n6ig5h8LCo5d2Hpq2Hpuuyqfnmq LBUipE+J92zD/o4EP/dxGLRtc20mu1Dbrl7sas6/5DTUZLvwHbL4LD3fRw== -----END CERTIFICATE-----Generated at Mon Oct 20 17:57:41 2025 by rpki-client