$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3072/kQqEoW2C1u_i74VNhvXX-Dr3YlQ.roa File: kQqEoW2C1u_i74VNhvXX-Dr3YlQ.roa (raw, json) Hash identifier: G8WqbzCL4FWPiGR2sonVxXYdCANJGBrvcs+bzJfvm80= Subject key identifier: 91:0A:84:A1:6D:82:D6:EF:E2:EF:85:4D:86:F5:D7:F8:3A:F7:62:54 Certificate issuer: /CN=C2BFB235F570652A8BCB0416F6FCC4443F658CA1 Certificate serial: 2100 Authority key identifier: C2:BF:B2:35:F5:70:65:2A:8B:CB:04:16:F6:FC:C4:44:3F:65:8C:A1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wr-yNfVwZSqLywQW9vzERD9ljKE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/kQqEoW2C1u_i74VNhvXX-Dr3YlQ.roa Signing time: Sat 13 Sep 2025 03:04:16 +0000 ROA not before: Sat 13 Sep 2025 03:04:16 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4837 IP address blocks: 103.163.180.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/wr-yNfVwZSqLywQW9vzERD9ljKE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/wr-yNfVwZSqLywQW9vzERD9ljKE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wr-yNfVwZSqLywQW9vzERD9ljKE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8448 (0x2100) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C2BFB235F570652A8BCB0416F6FCC4443F658CA1 Validity Not Before: Sep 13 03:04:16 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=910A84A16D82D6EFE2EF854D86F5D7F83AF76254 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:5f:db:2e:61:7e:68:c7:de:17:b5:48:51:b7: 22:07:82:d2:6c:e5:f4:29:16:7c:61:5a:29:f6:28: 25:a7:6b:dd:85:63:06:ac:bb:66:44:ab:c8:c6:29: 67:46:5e:87:51:1c:63:c3:66:ff:a6:90:33:9d:4f: ae:14:2b:8d:ba:11:9b:ef:ba:f5:84:77:b2:2b:9c: 92:d6:bf:e1:8d:3e:c4:a4:79:af:91:53:5c:4c:f7: 7d:48:d1:90:ae:3c:1e:84:8a:b6:f3:4c:3d:3d:d9: a4:52:c7:99:86:2d:1f:04:f1:61:36:16:91:db:11: 52:05:e9:3d:7e:ec:4f:68:23:29:09:eb:be:86:fd: 35:e7:df:4f:8f:78:49:7d:d2:51:2f:4a:af:8b:8d: 49:c3:7a:06:90:dc:76:74:28:6e:fb:ec:f9:8a:e6: b6:95:23:e8:c8:92:02:7c:de:44:0a:24:be:ba:08: 44:e8:1a:1a:0e:00:35:f9:8c:f1:73:ec:bc:2a:4c: 2e:89:77:fd:e8:21:36:75:61:f3:f4:62:28:89:f1: dc:4c:d5:e3:81:a8:95:19:5b:56:b7:ac:e5:ce:df: da:6b:82:1d:a5:31:87:a4:b1:b2:41:b4:a9:12:73: 39:16:39:69:00:5c:12:25:fd:0e:5c:7b:e2:6b:71: 63:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:0A:84:A1:6D:82:D6:EF:E2:EF:85:4D:86:F5:D7:F8:3A:F7:62:54 X509v3 Authority Key Identifier: keyid:C2:BF:B2:35:F5:70:65:2A:8B:CB:04:16:F6:FC:C4:44:3F:65:8C:A1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/wr-yNfVwZSqLywQW9vzERD9ljKE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wr-yNfVwZSqLywQW9vzERD9ljKE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/kQqEoW2C1u_i74VNhvXX-Dr3YlQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.163.180.0/24 Signature Algorithm: sha256WithRSAEncryption 07:8c:ce:c6:b1:74:bc:62:bc:8b:26:72:ae:5e:1e:18:61:13: b2:0d:e2:06:49:b0:25:f4:3b:4b:3b:02:c4:a9:68:22:f5:a5: 21:00:69:b0:8e:54:47:bc:ac:3b:bf:c7:24:92:bf:03:a3:5e: b2:5b:e6:20:7c:28:34:1a:d1:15:65:b0:92:12:a9:ed:42:05: 66:70:a7:cc:0d:4b:30:60:41:02:89:72:02:38:bb:0e:6b:1f: a9:27:0c:94:19:6d:0d:7e:81:84:3c:02:db:0b:73:f6:4e:62: 87:9e:99:44:76:9c:41:9a:7b:25:9f:33:90:01:04:07:70:94: 81:00:f5:20:11:88:fc:0f:fe:3a:68:bc:f5:43:9f:7a:46:21: 3a:af:bc:00:8e:fa:59:06:25:92:11:33:57:5c:e5:09:36:4d: 42:d9:64:a7:0a:dd:d4:86:e6:70:e7:5e:48:23:7a:1b:9d:99: 95:00:94:80:62:c4:f2:33:b9:5b:7e:e9:9d:e7:bd:57:2c:81: 0c:03:13:65:1b:0e:71:ad:5b:a9:9f:20:52:01:0d:b7:9f:d4: 71:23:f8:f7:35:38:71:6e:4b:01:55:43:a4:e1:de:18:74:83: 2c:14:16:74:78:41:83:de:78:9f:a9:b1:22:a0:5d:a5:94:9a: 56:83:5b:0b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzJC RkIyMzVGNTcwNjUyQThCQ0IwNDE2RjZGQ0M0NDQzRjY1OENBMTAeFw0yNTA5MTMw MzA0MTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkxMEE4NEExNkQ4MkQ2 RUZFMkVGODU0RDg2RjVEN0Y4M0FGNzYyNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5X9suYX5ox94XtUhRtyIHgtJs5fQpFnxhWin2KCWna92FYwas u2ZEq8jGKWdGXodRHGPDZv+mkDOdT64UK426EZvvuvWEd7IrnJLWv+GNPsSkea+R U1xM931I0ZCuPB6EirbzTD092aRSx5mGLR8E8WE2FpHbEVIF6T1+7E9oIykJ676G /TXn30+PeEl90lEvSq+LjUnDegaQ3HZ0KG777PmK5raVI+jIkgJ83kQKJL66CETo GhoOADX5jPFz7LwqTC6Jd/3oITZ1YfP0YiiJ8dxM1eOBqJUZW1a3rOXO39prgh2l MYeksbJBtKkSczkWOWkAXBIl/Q5ce+JrcWO9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkQqEoW2C1u/i74VNhvXX+Dr3YlQwHwYDVR0jBBgwFoAUwr+yNfVwZSqLywQW 9vzERD9ljKEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3 Mi93ci15TmZWd1pTcUx5d1FXOXZ6RVJEOWxqS0UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dyLXlOZlZ3WlNxTHl3UVc5dnpFUkQ5bGpLRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzIva1FxRW9XMkMxdV9p NzRWTmh2WFgtRHIzWWxRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGejtDANBgkqhkiG9w0BAQsFAAOCAQEAB4zOxrF0vGK8iyZyrl4eGGETsg3i BkmwJfQ7SzsCxKloIvWlIQBpsI5UR7ysO7/HJJK/A6NeslvmIHwoNBrRFWWwkhKp 7UIFZnCnzA1LMGBBAolyAji7DmsfqScMlBltDX6BhDwC2wtz9k5ih56ZRHacQZp7 JZ8zkAEEB3CUgQD1IBGI/A/+Omi89UOfekYhOq+8AI76WQYlkhEzV1zlCTZNQtlk pwrd1IbmcOdeSCN6G52ZlQCUgGLE8jO5W37pnee9VyyBDAMTZRsOca1bqZ8gUgEN t5/UcSP49zU4cW5LAVVDpOHeGHSDLBQWdHhBg954n6mxIqBdpZSaVoNbCw== -----END CERTIFICATE-----Generated at Mon Oct 20 05:45:34 2025 by rpki-client