$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2994/Ydhaj_TAAbcwkOTWoK0pY9cYh3g.roa File: Ydhaj_TAAbcwkOTWoK0pY9cYh3g.roa (raw, json) Hash identifier: 5KFsPmMUx5QzZ0N7JDhHHwC6nZ0kXxl38h6lp7xZLzY= Subject key identifier: 61:D8:5A:8F:F4:C0:01:B7:30:90:E4:D6:A0:AD:29:63:D7:18:87:78 Certificate issuer: /CN=17599D99A531F81B15D7BD9EF2D4689831F0D85D Certificate serial: 0712 Authority key identifier: 17:59:9D:99:A5:31:F8:1B:15:D7:BD:9E:F2:D4:68:98:31:F0:D8:5D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/Ydhaj_TAAbcwkOTWoK0pY9cYh3g.roa Signing time: Sat 13 Sep 2025 03:03:16 +0000 ROA not before: Sat 13 Sep 2025 03:03:16 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 152475 IP address blocks: 103.152.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:04:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1810 (0x712) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17599D99A531F81B15D7BD9EF2D4689831F0D85D Validity Not Before: Sep 13 03:03:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=61D85A8FF4C001B73090E4D6A0AD2963D7188778 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4c:2f:39:4f:f7:78:a1:a8:b7:bc:f4:00:f2: 54:49:0f:6f:1b:4a:c8:31:d9:39:d0:35:38:61:09: 92:3a:42:84:11:0f:5a:5a:84:ba:8f:16:fb:6b:6e: 36:e6:46:6e:68:a6:ac:83:94:e8:72:c6:3b:9e:c9: e9:f1:70:fc:1d:c9:68:38:44:40:8d:1c:5e:dd:c2: d2:56:10:12:ff:19:b6:14:58:2d:37:6b:a6:90:57: ff:32:dc:5b:51:ef:42:d1:ab:89:e0:2c:cd:5c:c2: 32:2a:18:cf:e7:59:58:19:c4:b1:1b:bf:8e:98:8d: 88:01:82:76:64:13:13:c9:e9:6a:9d:b1:b0:10:ac: 24:1f:22:2f:80:53:9d:32:f6:f2:1c:a1:91:8c:58: a3:ab:02:ce:93:3f:a3:bc:f0:80:34:e5:16:a4:b3: 77:56:b6:4a:dc:16:f2:f7:12:21:83:5e:f8:a5:97: 69:d4:f1:8a:85:f0:d5:cd:bd:4a:73:9f:a2:e0:74: 86:c8:35:fd:d0:b6:fd:50:79:55:00:2b:cc:24:1b: ca:b7:10:da:ea:a3:db:ca:11:7c:55:3a:b9:27:42: 6c:b8:56:ab:a9:28:bb:dd:70:b6:37:8b:1a:8f:74: 73:a8:d4:e3:33:06:38:36:7a:42:35:dd:30:98:eb: d6:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:D8:5A:8F:F4:C0:01:B7:30:90:E4:D6:A0:AD:29:63:D7:18:87:78 X509v3 Authority Key Identifier: keyid:17:59:9D:99:A5:31:F8:1B:15:D7:BD:9E:F2:D4:68:98:31:F0:D8:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/Ydhaj_TAAbcwkOTWoK0pY9cYh3g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.247.0/24 Signature Algorithm: sha256WithRSAEncryption af:64:20:0d:c6:25:e1:d3:e6:4c:28:90:ef:3a:a1:b7:8a:a0: 3b:2b:40:eb:fe:12:a1:40:e0:5a:26:56:c5:65:2a:39:62:0a: d2:3d:bb:53:9e:19:6a:c1:ee:27:f7:3a:dc:ef:6a:dc:3f:36: 28:f9:34:33:ff:16:bf:b3:b8:24:61:e7:87:e6:d9:6d:a6:48: 9a:e7:a7:65:f4:87:29:68:a4:38:eb:6a:b7:e5:c8:25:01:48: 69:01:65:c4:61:c1:84:a4:cc:ef:07:c3:d7:39:8d:3d:13:95: bb:06:d5:35:4f:b1:50:d6:c3:cf:ad:c8:ec:b0:bc:0e:7f:c8: 86:52:c4:0e:91:55:af:87:15:0a:b3:03:6c:bc:2e:17:df:af: 65:ff:00:4d:d6:c0:0b:3e:e2:c8:22:f4:6d:c9:8c:26:96:32: 0d:c4:90:59:4f:8c:e2:8c:4f:64:f2:79:14:0b:b9:61:64:ed: d6:23:23:55:90:55:f3:e7:aa:7a:18:1a:0e:d7:89:01:72:6c: d3:c5:9b:e5:b0:73:c5:ce:40:df:b7:f9:cd:8d:21:b2:c8:93: 8f:87:f7:56:da:9f:34:ba:e1:54:3e:e6:7e:7a:ec:60:98:51: 6a:5f:c0:23:f3:23:3f:03:ed:ba:7c:e4:6f:fd:75:51:5c:05: 4e:b1:47:9a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTc1 OTlEOTlBNTMxRjgxQjE1RDdCRDlFRjJENDY4OTgzMUYwRDg1RDAeFw0yNTA5MTMw MzAzMTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYxRDg1QThGRjRDMDAx QjczMDkwRTRENkEwQUQyOTYzRDcxODg3NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+TC85T/d4oai3vPQA8lRJD28bSsgx2TnQNThhCZI6QoQRD1pa hLqPFvtrbjbmRm5opqyDlOhyxjueyenxcPwdyWg4RECNHF7dwtJWEBL/GbYUWC03 a6aQV/8y3FtR70LRq4ngLM1cwjIqGM/nWVgZxLEbv46YjYgBgnZkExPJ6WqdsbAQ rCQfIi+AU50y9vIcoZGMWKOrAs6TP6O88IA05Raks3dWtkrcFvL3EiGDXvill2nU 8YqF8NXNvUpzn6LgdIbINf3Qtv1QeVUAK8wkG8q3ENrqo9vKEXxVOrknQmy4Vqup KLvdcLY3ixqPdHOo1OMzBjg2ekI13TCY69ZXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYdhaj/TAAbcwkOTWoK0pY9cYh3gwHwYDVR0jBBgwFoAUF1mdmaUx+BsV172e 8tRomDHw2F0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk5 NC9GMW1kbWFVeC1Cc1YxNzJlOHRSb21ESHcyRjAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0YxbWRtYVV4LUJzVjE3MmU4dFJvbURIdzJGMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5OTQvWWRoYWpfVEFBYmN3 a09UV29LMHBZOWNZaDNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeY9zANBgkqhkiG9w0BAQsFAAOCAQEAr2QgDcYl4dPmTCiQ7zqht4qgOytA 6/4SoUDgWiZWxWUqOWIK0j27U54ZasHuJ/c63O9q3D82KPk0M/8Wv7O4JGHnh+bZ baZImuenZfSHKWikOOtqt+XIJQFIaQFlxGHBhKTM7wfD1zmNPROVuwbVNU+xUNbD z63I7LC8Dn/IhlLEDpFVr4cVCrMDbLwuF9+vZf8ATdbACz7iyCL0bcmMJpYyDcSQ WU+M4oxPZPJ5FAu5YWTt1iMjVZBV8+eqehgaDteJAXJs08Wb5bBzxc5A37f5zY0h ssiTj4f3VtqfNLrhVD7mfnrsYJhRal/AI/MjPwPtunzkb/11UVwFTrFHmg== -----END CERTIFICATE-----Generated at Mon Oct 20 14:31:05 2025 by rpki-client