$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/ABRRgXDPpSnnuYA80DMcwSONx50.roa File: ABRRgXDPpSnnuYA80DMcwSONx50.roa (raw, json) Hash identifier: KjyxlSh00ucaYIwSioIW4L844F+J9aDOBf1M1+DOEro= Subject key identifier: 00:14:51:81:70:CF:A5:29:E7:B9:80:3C:D0:33:1C:C1:23:8D:C7:9D Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0E13 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ABRRgXDPpSnnuYA80DMcwSONx50.roa Signing time: Sat 13 Sep 2025 03:04:09 +0000 ROA not before: Sat 13 Sep 2025 03:04:09 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37968 IP address blocks: 103.2.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:05:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3603 (0xe13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Sep 13 03:04:09 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0014518170CFA529E7B9803CD0331CC1238DC79D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b9:76:22:40:ec:69:53:20:72:57:4a:b3:2c: da:0d:32:b6:9b:6c:11:98:5b:3a:59:49:56:df:a6: bb:e4:26:7d:d4:c0:e9:3d:de:15:17:17:8b:6d:fc: c9:ec:19:aa:69:ac:47:b5:22:76:06:6b:1f:21:bd: 51:55:48:89:ff:fd:9c:aa:e9:5c:44:64:32:91:e2: 4f:a1:82:4a:29:2b:89:22:6d:ec:39:8e:48:2a:47: 6c:e3:b2:65:26:49:f3:80:a2:71:e0:cd:3f:6d:b7: 8f:6f:e5:9a:76:3c:2d:3b:98:8e:53:4a:ac:4b:b7: c3:5e:ca:a3:d7:51:5a:0c:6b:e6:5b:9e:29:40:11: 88:03:e0:4c:aa:25:9e:44:17:74:04:ec:b6:39:8b: 76:e7:f9:20:8b:17:5d:94:67:d3:52:40:fc:30:76: 10:d4:12:32:fe:2c:ee:6a:49:60:eb:03:40:ce:06: 71:20:ab:58:50:38:68:5a:9e:98:96:e6:92:5e:00: 44:81:4b:20:5b:cb:21:59:1b:5c:67:d8:67:2a:85: a1:04:1a:07:dd:bf:5d:76:1e:3f:3c:c2:1a:41:b7: bd:8c:f2:2e:15:d8:5d:b5:f4:a2:14:62:d2:69:d7: 6c:22:b1:36:08:e3:5f:d0:c9:46:89:aa:2d:11:94: 0e:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:14:51:81:70:CF:A5:29:E7:B9:80:3C:D0:33:1C:C1:23:8D:C7:9D X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ABRRgXDPpSnnuYA80DMcwSONx50.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.164.0/22 Signature Algorithm: sha256WithRSAEncryption 33:60:3e:4d:71:61:3b:6e:79:b0:58:82:16:c4:a6:cb:b7:b2: aa:46:bf:51:d2:96:18:05:e5:63:f3:a0:72:72:23:f6:b0:f4: 54:b3:d6:8d:66:ef:53:11:b8:26:09:4f:34:2d:a9:22:3b:24: f7:0c:09:53:e7:bd:a6:0a:40:37:50:83:62:49:4c:1d:fb:4b: d8:67:72:b8:65:a8:ac:cf:61:5d:79:38:d4:db:b9:75:7d:36: ef:c5:34:82:52:22:bc:5b:e6:91:d9:c1:a0:27:e3:ac:ed:dd: cd:e8:0f:b2:7c:7e:ed:df:60:d0:38:3b:41:0b:49:17:0f:bf: d8:ed:7c:b1:a7:d4:c7:eb:20:82:3b:dc:fa:17:7d:73:70:ef: 59:3d:b5:cc:bc:b4:42:e1:fa:0b:a3:5e:1d:ac:7b:45:f0:cf: 68:d4:1e:c4:7b:43:50:dd:4f:42:0a:13:1a:db:df:76:f0:fc: db:5c:3d:2b:09:52:32:24:1e:d0:20:97:a3:5a:4b:8d:b3:7c: a6:69:9e:97:15:6a:dd:36:8a:fe:54:1f:8a:ac:ac:55:71:80: 79:bc:e9:31:f3:30:96:e8:18:d4:69:02:84:77:49:34:4c:a2: 0b:cb:32:fb:48:88:eb:b2:6f:f3:36:ef:2d:d2:12:bb:d4:19: e6:6c:39:10 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA5MTMw MzA0MDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDAwMTQ1MTgxNzBDRkE1 MjlFN0I5ODAzQ0QwMzMxQ0MxMjM4REM3OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCquXYiQOxpUyByV0qzLNoNMrabbBGYWzpZSVbfprvkJn3UwOk9 3hUXF4tt/MnsGapprEe1InYGax8hvVFVSIn//Zyq6VxEZDKR4k+hgkopK4kibew5 jkgqR2zjsmUmSfOAonHgzT9tt49v5Zp2PC07mI5TSqxLt8NeyqPXUVoMa+ZbnilA EYgD4EyqJZ5EF3QE7LY5i3bn+SCLF12UZ9NSQPwwdhDUEjL+LO5qSWDrA0DOBnEg q1hQOGhanpiW5pJeAESBSyBbyyFZG1xn2GcqhaEEGgfdv112Hj88whpBt72M8i4V 2F219KIUYtJp12wisTYI41/QyUaJqi0RlA4rAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUABRRgXDPpSnnuYA80DMcwSONx50wHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvQUJSUmdYRFBwU25u dVlBODBETWN3U09OeDUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcCpDANBgkqhkiG9w0BAQsFAAOCAQEAM2A+TXFhO255sFiCFsSmy7eyqka/ UdKWGAXlY/OgcnIj9rD0VLPWjWbvUxG4JglPNC2pIjsk9wwJU+e9pgpAN1CDYklM HftL2GdyuGWorM9hXXk41Nu5dX0278U0glIivFvmkdnBoCfjrO3dzegPsnx+7d9g 0Dg7QQtJFw+/2O18safUx+sggjvc+hd9c3DvWT21zLy0QuH6C6NeHax7RfDPaNQe xHtDUN1PQgoTGtvfdvD821w9KwlSMiQe0CCXo1pLjbN8pmmelxVq3TaK/lQfiqys VXGAebzpMfMwlugY1GkChHdJNEyiC8sy+0iI67Jv8zbvLdISu9QZ5mw5EA== -----END CERTIFICATE-----Generated at Mon Oct 20 17:20:09 2025 by rpki-client