$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3205/q7KuT92CEaJyfdgcVzAv8A8XWHY.roa File: q7KuT92CEaJyfdgcVzAv8A8XWHY.roa (raw, json) Hash identifier: 47WmVEgfYKbF6qUKfaokiTaNxZRNnd7qmlOSOCtCI5U= Subject key identifier: AB:B2:AE:4F:DD:82:11:A2:72:7D:D8:1C:57:30:2F:F0:0F:17:58:76 Certificate issuer: /CN=581041F42679F5E17F19C37E490A7794863B2BEB Certificate serial: 0F69 Authority key identifier: 58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/q7KuT92CEaJyfdgcVzAv8A8XWHY.roa Signing time: Sat 13 Sep 2025 03:03:58 +0000 ROA not before: Sat 13 Sep 2025 03:03:58 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4812 IP address blocks: 103.96.224.0/23 maxlen: 24 103.96.224.0/24 maxlen: 24 103.96.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:05:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3945 (0xf69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=581041F42679F5E17F19C37E490A7794863B2BEB Validity Not Before: Sep 13 03:03:58 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=ABB2AE4FDD8211A2727DD81C57302FF00F175876 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8e:88:31:72:39:5c:09:20:d5:c3:92:a9:fc: f7:c7:a0:43:38:53:cc:bc:7e:38:81:95:e8:ef:41: ce:e2:70:eb:f6:32:01:47:5d:4d:06:94:b9:6d:9d: ed:08:50:dd:84:09:50:da:36:29:eb:96:4e:9c:21: d8:74:34:ab:c0:1b:d6:ad:6e:97:33:2c:58:a8:4f: e7:87:aa:12:34:1d:89:b8:84:e4:6c:8b:8e:b6:56: 96:e3:cb:cb:61:d3:ea:5c:37:b6:fc:a7:e8:5f:82: e8:18:aa:a3:44:ff:c7:84:46:f6:75:c7:f8:48:66: a0:03:a8:1d:5c:31:5e:58:bf:b1:90:b2:09:5a:c8: f3:c9:b8:3c:82:6e:56:a4:9e:6c:ea:76:75:59:66: e6:c3:8e:3c:26:58:ba:91:be:62:06:9e:7d:c2:47: 73:29:24:44:91:1f:61:68:39:69:59:1d:b3:3c:6b: cd:90:67:55:ed:6f:21:b7:b2:3c:85:3a:84:74:02: 6b:c1:10:9b:b5:a6:5e:c1:56:64:0a:4b:c5:43:c7: b8:bb:93:44:00:08:af:de:b4:bb:37:73:0d:5a:91: 10:9e:61:df:9e:10:fd:27:de:00:ab:eb:53:b9:f6: a4:8b:20:3c:d1:f7:24:1a:b1:99:27:cd:c4:eb:9a: 1d:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B2:AE:4F:DD:82:11:A2:72:7D:D8:1C:57:30:2F:F0:0F:17:58:76 X509v3 Authority Key Identifier: keyid:58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/q7KuT92CEaJyfdgcVzAv8A8XWHY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.224.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:10:17:5a:3b:3b:f8:89:dd:26:e4:fc:44:8d:78:14:b4:a7: 9b:6c:c6:b6:dd:c4:29:c0:23:11:ea:c1:ba:b3:8f:06:69:57: 98:4c:65:dd:4d:98:be:f6:dd:a7:55:7b:64:87:a1:5b:49:71: 42:5e:0e:d4:5e:13:c3:31:7c:6e:90:27:38:c1:57:9d:1d:e1: ac:83:6d:cc:36:c4:ac:33:e2:b2:b6:3c:e9:2e:6a:3f:d5:59: 08:a3:5e:b9:c1:00:c0:d3:3f:0e:98:61:97:8f:0c:b8:3a:a8: e5:08:7d:a0:3e:99:12:27:31:f2:1f:3b:ed:4b:66:85:1e:42: c1:3f:1d:12:c5:c7:33:4c:85:0c:cd:b4:dc:cb:3a:c4:b9:85: fd:7d:9a:7b:85:fc:3a:b0:0d:6f:85:e5:1a:79:ad:36:dd:39: 9a:98:32:d2:3d:4a:e2:d3:1f:0a:68:ca:6c:78:b9:00:14:cb: 89:70:8b:a5:c0:93:d4:3e:2e:d7:72:7d:79:4a:00:e2:f8:65: 91:94:6e:f9:59:bf:56:fa:99:25:ae:1c:f6:6b:b6:82:f0:4d: dc:a8:87:a1:2a:85:80:63:e8:9a:f4:54:ea:61:31:4e:18:06: 2c:a6:0a:df:25:a7:ee:f2:2c:70:22:19:3d:f6:c1:28:ae:72: 10:4a:8a:a1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTgx MDQxRjQyNjc5RjVFMTdGMTlDMzdFNDkwQTc3OTQ4NjNCMkJFQjAeFw0yNTA5MTMw MzAzNThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFCQjJBRTRGREQ4MjEx QTI3MjdERDgxQzU3MzAyRkYwMEYxNzU4NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUjogxcjlcCSDVw5Kp/PfHoEM4U8y8fjiBlejvQc7icOv2MgFH XU0GlLltne0IUN2ECVDaNinrlk6cIdh0NKvAG9atbpczLFioT+eHqhI0HYm4hORs i462Vpbjy8th0+pcN7b8p+hfgugYqqNE/8eERvZ1x/hIZqADqB1cMV5Yv7GQsgla yPPJuDyCblaknmzqdnVZZubDjjwmWLqRvmIGnn3CR3MpJESRH2FoOWlZHbM8a82Q Z1XtbyG3sjyFOoR0AmvBEJu1pl7BVmQKS8VDx7i7k0QACK/etLs3cw1akRCeYd+e EP0n3gCr61O59qSLIDzR9yQasZknzcTrmh29AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUq7KuT92CEaJyfdgcVzAv8A8XWHYwHwYDVR0jBBgwFoAUWBBB9CZ59eF/GcN+ SQp3lIY7K+swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIw NS9XQkJCOUNaNTllRl9HY04tU1FwM2xJWTdLLXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1dCQkI5Q1o1OWVGX0djTi1TUXAzbElZN0stcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMDUvcTdLdVQ5MkNFYUp5 ZmRnY1Z6QXY4QThYV0hZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdg4DANBgkqhkiG9w0BAQsFAAOCAQEADhAXWjs7+IndJuT8RI14FLSnm2zG tt3EKcAjEerBurOPBmlXmExl3U2Yvvbdp1V7ZIehW0lxQl4O1F4TwzF8bpAnOMFX nR3hrINtzDbErDPisrY86S5qP9VZCKNeucEAwNM/Dphhl48MuDqo5Qh9oD6ZEicx 8h877UtmhR5CwT8dEsXHM0yFDM203Ms6xLmF/X2ae4X8OrANb4XlGnmtNt05mpgy 0j1K4tMfCmjKbHi5ABTLiXCLpcCT1D4u13J9eUoA4vhlkZRu+Vm/VvqZJa4c9mu2 gvBN3KiHoSqFgGPomvRU6mExThgGLKYK3yWn7vIscCIZPfbBKK5yEEqKoQ== -----END CERTIFICATE-----Generated at Tue Oct 21 03:34:35 2025 by rpki-client