$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/uA1LTwixkfJG9KBPCCFok0-vlYw.roa File: uA1LTwixkfJG9KBPCCFok0-vlYw.roa (raw, json) Hash identifier: io24LioFehn5fxNt/teIFW6VsNYeZHFHG8A5PNqvZVM= Subject key identifier: B8:0D:4B:4F:08:B1:91:F2:46:F4:A0:4F:08:21:68:93:4F:AF:95:8C Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF Certificate serial: 0A61 Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/uA1LTwixkfJG9KBPCCFok0-vlYw.roa Signing time: Sat 13 Sep 2025 03:07:55 +0000 ROA not before: Sat 13 Sep 2025 03:07:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 146806 IP address blocks: 157.66.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:06:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2657 (0xa61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF Validity Not Before: Sep 13 03:07:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=B80D4B4F08B191F246F4A04F082168934FAF958C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ef:e2:db:de:18:de:db:a2:3f:dc:40:9c:66: 6d:c6:74:ce:f4:95:4e:f4:52:94:27:64:e1:7f:95: 0c:3c:82:76:ce:4c:86:63:b4:0e:96:65:ab:c7:04: bb:ad:b6:4a:f7:ac:83:96:88:f5:cf:ba:47:84:cc: 06:18:92:cb:73:76:bc:43:a1:dc:eb:93:86:b2:7d: 4b:58:c0:ca:a3:34:cb:08:96:5c:b0:c5:70:c7:42: b0:b4:2e:b6:ca:23:3d:a6:90:d9:01:11:79:59:77: fb:36:0b:9a:6a:1c:71:7b:2e:d0:00:87:c6:67:95: d3:96:8d:50:00:ec:e0:10:e3:7c:2a:1a:0f:50:c2: 44:16:da:52:6b:07:92:39:54:7a:f8:17:67:5c:1b: c4:f1:9c:35:0f:9d:d6:b4:ec:0c:a8:47:c3:48:4e: 0e:0f:4b:0d:2d:46:63:08:62:58:81:2f:b7:89:31: 22:1e:07:44:09:e8:6f:68:5f:7c:d2:b8:55:bd:70: 77:00:96:4e:f7:0c:57:d7:18:19:d8:e5:98:48:b6: c7:ea:b0:34:98:2a:53:ec:69:a5:c9:03:e2:8b:7b: c5:54:d7:b5:42:4d:82:72:df:52:97:12:b0:40:d1: dc:5b:72:77:97:c6:b9:25:37:42:63:3c:8e:8e:f1: 24:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:0D:4B:4F:08:B1:91:F2:46:F4:A0:4F:08:21:68:93:4F:AF:95:8C X509v3 Authority Key Identifier: keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/uA1LTwixkfJG9KBPCCFok0-vlYw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.42.0/24 Signature Algorithm: sha256WithRSAEncryption 43:69:8b:4a:b6:b9:3d:82:50:88:a3:3d:2a:80:a6:93:ae:d6: 64:22:e1:c5:10:49:de:2c:9d:d2:d4:03:2c:d9:d3:67:b5:05: bc:97:d8:a1:ba:6f:f8:27:09:6e:5c:95:e8:d8:92:8f:b3:7d: 9e:b7:a8:80:65:48:d3:ac:7a:70:6d:e0:3d:83:7b:0d:5e:a2: ff:38:7f:70:2e:f1:2d:4f:43:4c:72:ef:89:4d:4d:5a:c8:98: f9:26:ee:fa:ae:ad:5e:a6:b5:d4:95:92:e9:90:0b:6b:b1:c0: 6a:0c:d0:ab:9f:f8:e3:e8:8f:9a:b5:25:bf:83:37:e7:d7:46: 89:f1:87:93:88:56:f3:14:31:22:f3:88:51:4f:d5:ef:1b:ed: 00:16:d0:a5:be:b5:57:47:ed:1e:1a:3d:85:fc:55:f3:1a:ae: 51:04:3c:32:d1:73:9f:98:ab:98:63:a0:53:f4:e4:a8:5e:04: fd:20:70:6a:1b:25:7b:1a:76:55:a0:b7:b6:01:6d:78:27:d3: ac:67:c1:41:13:71:29:04:32:5e:e6:07:1a:77:49:b2:a5:39: 6d:22:18:81:3a:4b:b1:3f:b4:2a:7b:d4:9c:d0:4b:f4:cc:50: 9f:0c:f1:18:30:c0:26:86:b1:75:ef:ac:bd:16:bc:66:64:fc: 12:04:c7:bd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTA5MTMw MzA3NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEI4MEQ0QjRGMDhCMTkx RjI0NkY0QTA0RjA4MjE2ODkzNEZBRjk1OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI7+Lb3hje26I/3ECcZm3GdM70lU70UpQnZOF/lQw8gnbOTIZj tA6WZavHBLuttkr3rIOWiPXPukeEzAYYkstzdrxDodzrk4ayfUtYwMqjNMsIllyw xXDHQrC0LrbKIz2mkNkBEXlZd/s2C5pqHHF7LtAAh8ZnldOWjVAA7OAQ43wqGg9Q wkQW2lJrB5I5VHr4F2dcG8TxnDUPnda07AyoR8NITg4PSw0tRmMIYliBL7eJMSIe B0QJ6G9oX3zSuFW9cHcAlk73DFfXGBnY5ZhItsfqsDSYKlPsaaXJA+KLe8VU17VC TYJy31KXErBA0dxbcneXxrklN0JjPI6O8SQ3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUuA1LTwixkfJG9KBPCCFok0+vlYwwHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30 /NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvdUExTFR3aXhrZkpH OUtCUENDRm9rMC12bFl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAJ1CKjANBgkqhkiG9w0BAQsFAAOCAQEAQ2mLSra5PYJQiKM9KoCmk67WZCLh xRBJ3iyd0tQDLNnTZ7UFvJfYobpv+CcJblyV6NiSj7N9nreogGVI06x6cG3gPYN7 DV6i/zh/cC7xLU9DTHLviU1NWsiY+Sbu+q6tXqa11JWS6ZALa7HAagzQq5/44+iP mrUlv4M359dGifGHk4hW8xQxIvOIUU/V7xvtABbQpb61V0ftHho9hfxV8xquUQQ8 MtFzn5irmGOgU/TkqF4E/SBwahslexp2VaC3tgFteCfTrGfBQRNxKQQyXuYHGndJ sqU5bSIYgTpLsT+0KnvUnNBL9MxQnwzxGDDAJoaxde+svRa8ZmT8EgTHvQ== -----END CERTIFICATE-----Generated at Mon Oct 20 08:33:06 2025 by rpki-client