$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3318/gzK1Pp-BSx2527K6EqlOptYNYuw.roa File: gzK1Pp-BSx2527K6EqlOptYNYuw.roa (raw, json) Hash identifier: QCbFFe/ngARNElf/EyGpyk0pLdOuxh9MnpGc84Wcrb4= Subject key identifier: 83:32:B5:3E:9F:81:4B:1D:B9:DB:B2:BA:12:A9:4E:A6:D6:0D:62:EC Certificate issuer: /CN=3DCAE1310119B85AC476B00EFFAC2CA1C34B4631 Certificate serial: 0692 Authority key identifier: 3D:CA:E1:31:01:19:B8:5A:C4:76:B0:0E:FF:AC:2C:A1:C3:4B:46:31 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PcrhMQEZuFrEdrAO_6wsocNLRjE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3318/gzK1Pp-BSx2527K6EqlOptYNYuw.roa Signing time: Sat 13 Sep 2025 03:05:54 +0000 ROA not before: Sat 13 Sep 2025 03:05:54 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 151951 IP address blocks: 103.142.82.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3318/PcrhMQEZuFrEdrAO_6wsocNLRjE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3318/PcrhMQEZuFrEdrAO_6wsocNLRjE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PcrhMQEZuFrEdrAO_6wsocNLRjE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:35:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1682 (0x692) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3DCAE1310119B85AC476B00EFFAC2CA1C34B4631 Validity Not Before: Sep 13 03:05:54 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=8332B53E9F814B1DB9DBB2BA12A94EA6D60D62EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:c2:ef:c0:92:f9:cb:28:29:cf:82:8c:8e:aa: 72:52:75:20:6a:1e:8c:05:9c:7c:03:78:bd:e9:d8: e2:cc:80:3a:be:5b:1d:7c:e5:9d:5e:53:df:62:a7: 20:71:4b:94:03:96:81:9a:be:8d:0e:08:36:83:f8: 8d:cc:a1:94:fc:d1:61:77:8d:8d:11:72:5f:50:a6: e1:66:31:c3:8b:cb:f1:9f:6f:6b:45:75:4c:3c:18: 2a:36:ed:a6:d0:84:4d:12:85:b9:40:a9:85:c8:8f: 68:28:45:25:72:55:0f:b6:73:22:d7:68:4a:3a:ff: cd:3a:51:cd:13:f4:cc:9b:8c:62:d8:85:21:c1:be: 9e:a2:fa:8a:47:49:fd:4d:75:0e:90:e9:e9:8f:80: 65:80:e1:2a:32:32:56:17:9b:57:48:76:b9:29:fb: 5f:4d:12:aa:0f:9e:3d:75:52:8f:b0:f2:25:b5:cd: e9:ea:64:66:52:de:cf:fd:6f:61:61:a3:8c:6f:8d: b7:7d:47:da:71:79:61:00:c9:0f:d3:ed:34:84:26: 5a:13:34:9f:c9:74:46:8d:f1:6d:89:3a:cc:f1:b8: 84:2f:7b:25:ac:c7:4f:a1:37:15:d0:24:28:f4:fc: 79:76:5a:87:16:54:b2:7c:22:a5:df:7d:0c:bd:0f: e7:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:32:B5:3E:9F:81:4B:1D:B9:DB:B2:BA:12:A9:4E:A6:D6:0D:62:EC X509v3 Authority Key Identifier: keyid:3D:CA:E1:31:01:19:B8:5A:C4:76:B0:0E:FF:AC:2C:A1:C3:4B:46:31 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3318/PcrhMQEZuFrEdrAO_6wsocNLRjE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PcrhMQEZuFrEdrAO_6wsocNLRjE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3318/gzK1Pp-BSx2527K6EqlOptYNYuw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.142.82.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:d4:71:c0:13:e0:11:c5:73:77:89:1e:af:52:8b:96:69:26: 13:49:68:5c:f7:17:51:e6:47:c0:7e:81:2a:0b:c4:69:f3:28: 70:51:cd:e7:f8:da:89:43:f3:9d:77:cc:53:86:05:34:e6:c3: 0b:2e:23:81:b1:c7:a5:f9:f0:d6:14:57:b5:5d:86:b6:a4:be: d2:bd:af:d6:19:60:3c:ce:d6:bf:0e:36:4d:c9:0a:48:17:1b: 4c:ef:d2:e8:8b:70:4a:09:c7:72:8e:d7:db:f1:b6:a6:14:29: ef:a4:d4:52:b5:be:8e:6c:0e:bc:5f:8e:0e:c0:f6:06:6c:bc: ba:b3:28:bc:d2:a9:2c:31:7c:9f:73:4f:17:ea:82:c6:f7:87: 8b:21:8e:c2:a5:e4:c1:0a:c5:f8:ac:ba:39:b2:0c:d3:da:84: 9b:0d:ed:76:3d:da:b3:72:16:e5:60:17:cc:43:46:bb:ff:0c: 2e:0a:5e:91:d5:f5:d0:33:dc:fd:ac:3c:2e:d3:5a:b6:97:57: b9:f7:4b:35:8c:74:23:3d:e8:91:a6:43:e9:e6:9a:1c:96:86: 91:40:c5:53:32:3b:8b:73:c8:ba:09:ef:21:93:9a:a5:06:c0: 02:85:e3:84:c9:70:f8:3d:de:50:4a:cb:63:b4:e3:be:4f:4b: 63:07:d7:fd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0RD QUUxMzEwMTE5Qjg1QUM0NzZCMDBFRkZBQzJDQTFDMzRCNDYzMTAeFw0yNTA5MTMw MzA1NTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDgzMzJCNTNFOUY4MTRC MURCOURCQjJCQTEyQTk0RUE2RDYwRDYyRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjwu/AkvnLKCnPgoyOqnJSdSBqHowFnHwDeL3p2OLMgDq+Wx18 5Z1eU99ipyBxS5QDloGavo0OCDaD+I3MoZT80WF3jY0Rcl9QpuFmMcOLy/Gfb2tF dUw8GCo27abQhE0ShblAqYXIj2goRSVyVQ+2cyLXaEo6/806Uc0T9MybjGLYhSHB vp6i+opHSf1NdQ6Q6emPgGWA4SoyMlYXm1dIdrkp+19NEqoPnj11Uo+w8iW1zenq ZGZS3s/9b2Fho4xvjbd9R9pxeWEAyQ/T7TSEJloTNJ/JdEaN8W2JOszxuIQveyWs x0+hNxXQJCj0/Hl2WocWVLJ8IqXffQy9D+e9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUgzK1Pp+BSx2527K6EqlOptYNYuwwHwYDVR0jBBgwFoAUPcrhMQEZuFrEdrAO /6wsocNLRjEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMx OC9QY3JoTVFFWnVGckVkckFPXzZ3c29jTkxSakUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1BjcmhNUUVadUZyRWRyQU9fNndzb2NOTFJqRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMTgvZ3pLMVBwLUJTeDI1 MjdLNkVxbE9wdFlOWXV3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeOUjANBgkqhkiG9w0BAQsFAAOCAQEAL9RxwBPgEcVzd4ker1KLlmkmE0lo XPcXUeZHwH6BKgvEafMocFHN5/jaiUPznXfMU4YFNObDCy4jgbHHpfnw1hRXtV2G tqS+0r2v1hlgPM7Wvw42TckKSBcbTO/S6ItwSgnHco7X2/G2phQp76TUUrW+jmwO vF+ODsD2Bmy8urMovNKpLDF8n3NPF+qCxveHiyGOwqXkwQrF+Ky6ObIM09qEmw3t dj3as3IW5WAXzENGu/8MLgpekdX10DPc/aw8LtNatpdXufdLNYx0Iz3okaZD6eaa HJaGkUDFUzI7i3PIugnvIZOapQbAAoXjhMlw+D3eUErLY7Tjvk9LYwfX/Q== -----END CERTIFICATE-----Generated at Mon Oct 20 11:18:35 2025 by rpki-client