$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3051/qdfiI2Y17pKUSM8_poz1SVLUglM.roa File: qdfiI2Y17pKUSM8_poz1SVLUglM.roa (raw, json) Hash identifier: Qt1HJ94TCNTNrlkYIPGsR9ES/pRyt3LS1fuaFkyaClY= Subject key identifier: A9:D7:E2:23:66:35:EE:92:94:48:CF:3F:A6:8C:F5:49:52:D4:82:53 Certificate issuer: /CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E Certificate serial: 21C9 Authority key identifier: FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/qdfiI2Y17pKUSM8_poz1SVLUglM.roa Signing time: Sat 13 Sep 2025 03:03:31 +0000 ROA not before: Sat 13 Sep 2025 03:03:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 24409 IP address blocks: 111.223.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/_APy-Wb2K_3GawQVYum6QAMtoJ4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/_APy-Wb2K_3GawQVYum6QAMtoJ4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8649 (0x21c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E Validity Not Before: Sep 13 03:03:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A9D7E2236635EE929448CF3FA68CF54952D48253 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:c7:d2:09:96:38:40:24:52:6c:26:a9:f0:40: 6b:d5:e9:37:14:7b:67:34:ba:bf:32:8d:e3:9a:52: 72:3e:6d:cf:84:f3:94:86:1a:e5:a6:b6:0a:11:c1: 6b:6c:b8:60:f3:e5:86:bd:51:fe:ec:eb:98:70:57: b9:01:25:13:ff:19:bf:d1:28:be:15:5c:e8:d8:2d: e4:d1:c0:d9:5a:90:6d:85:f5:01:8f:ef:70:34:b6: 1e:9f:ea:0f:eb:c4:2c:dc:59:60:ef:cb:71:28:04: ef:31:d0:66:09:dc:90:66:9f:c6:b0:bb:ab:49:54: 53:3b:03:e4:d9:72:29:43:d1:77:8e:22:2a:32:79: 9a:61:cb:fd:ea:6e:63:98:ac:24:3b:fe:ec:2d:01: fc:22:e2:13:49:58:98:a7:15:f3:3f:d4:0a:75:59: 6f:41:27:78:9b:eb:ea:31:0c:fc:26:56:01:8e:83: 1d:86:ff:ae:fc:3a:30:8c:2e:dc:63:70:75:a7:fa: b5:67:2e:f5:5f:89:93:bc:1a:c6:78:ad:e0:5f:b8: ef:a7:97:74:6a:8a:f2:31:13:f7:28:0c:b2:75:37: e3:8d:ea:a7:7f:c4:80:e3:18:e9:e8:a7:1a:d7:fe: 9c:e8:d3:07:4f:b3:1d:16:b0:89:32:6f:f5:b6:ee: e8:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D7:E2:23:66:35:EE:92:94:48:CF:3F:A6:8C:F5:49:52:D4:82:53 X509v3 Authority Key Identifier: keyid:FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/_APy-Wb2K_3GawQVYum6QAMtoJ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/qdfiI2Y17pKUSM8_poz1SVLUglM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 111.223.8.0/22 Signature Algorithm: sha256WithRSAEncryption 47:ec:cc:80:ac:74:87:d2:4f:ec:a5:f5:fd:b2:9c:b2:b2:c6: c0:f3:39:9d:7a:f4:3c:b1:db:95:b5:d2:bd:73:5a:e0:69:da: 56:0e:9f:c4:6c:25:fc:6d:4e:82:0d:a5:70:10:59:aa:48:05: f2:95:4c:ad:ab:9e:a6:fc:82:c0:bf:fe:cd:42:df:c0:fe:0f: e3:30:5d:b3:e2:25:d3:03:8c:e7:6f:12:8a:61:0d:d5:05:e3: 10:6a:f9:7a:1f:0c:3d:71:cf:64:8a:e8:9a:ad:49:24:57:fd: b9:73:13:18:2a:4f:1f:d7:72:c7:83:52:c2:b6:c4:0d:9f:ce: 78:9e:61:0b:a0:49:54:eb:9e:ca:8d:71:28:08:54:7c:fa:44: 9a:11:a0:e4:89:e4:7d:83:0e:59:4d:3a:1b:b6:b0:bd:60:30: 75:88:30:f5:3e:a0:fe:c2:a5:d6:e0:cb:08:3a:f0:a9:41:87: b6:80:0c:d0:17:4f:da:ce:a3:ac:1d:1c:f0:15:74:a9:dc:53: fe:ee:5d:83:3d:07:e1:aa:1e:9d:27:16:72:bf:5b:77:8a:08: db:07:86:95:c0:40:fa:30:d2:f5:08:74:07:ff:82:28:16:3a: ff:c9:13:72:eb:d5:b8:41:65:59:d3:f0:45:2a:a5:94:e8:ec: cb:65:fe:6b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkMw M0YyRjk2NkY2MkJGREM2NkIwNDE1NjJFOUJBNDAwMzJEQTA5RTAeFw0yNTA5MTMw MzAzMzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE5RDdFMjIzNjYzNUVF OTI5NDQ4Q0YzRkE2OENGNTQ5NTJENDgyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjx9IJljhAJFJsJqnwQGvV6TcUe2c0ur8yjeOaUnI+bc+E85SG GuWmtgoRwWtsuGDz5Ya9Uf7s65hwV7kBJRP/Gb/RKL4VXOjYLeTRwNlakG2F9QGP 73A0th6f6g/rxCzcWWDvy3EoBO8x0GYJ3JBmn8awu6tJVFM7A+TZcilD0XeOIioy eZphy/3qbmOYrCQ7/uwtAfwi4hNJWJinFfM/1Ap1WW9BJ3ib6+oxDPwmVgGOgx2G /678OjCMLtxjcHWn+rVnLvVfiZO8GsZ4reBfuO+nl3RqivIxE/coDLJ1N+ON6qd/ xIDjGOnopxrX/pzo0wdPsx0WsIkyb/W27uiPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUqdfiI2Y17pKUSM8/poz1SVLUglMwHwYDVR0jBBgwFoAU/APy+Wb2K/3GawQV Yum6QAMtoJ4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA1 MS9fQVB5LVdiMktfM0dhd1FWWXVtNlFBTXRvSjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL19BUHktV2IyS18zR2F3UVZZdW02UUFNdG9KNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNTEvcWRmaUkyWTE3cEtV U004X3BvejFTVkxVZ2xNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAm/fCDANBgkqhkiG9w0BAQsFAAOCAQEAR+zMgKx0h9JP7KX1/bKcsrLGwPM5 nXr0PLHblbXSvXNa4GnaVg6fxGwl/G1Ogg2lcBBZqkgF8pVMrauepvyCwL/+zULf wP4P4zBds+Il0wOM528SimEN1QXjEGr5eh8MPXHPZIromq1JJFf9uXMTGCpPH9dy x4NSwrbEDZ/OeJ5hC6BJVOueyo1xKAhUfPpEmhGg5InkfYMOWU06G7awvWAwdYgw 9T6g/sKl1uDLCDrwqUGHtoAM0BdP2s6jrB0c8BV0qdxT/u5dgz0H4aoenScWcr9b d4oI2weGlcBA+jDS9Qh0B/+CKBY6/8kTcuvVuEFlWdPwRSqllOjsy2X+aw== -----END CERTIFICATE-----Generated at Mon Oct 20 05:45:46 2025 by rpki-client