$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/zrdD_ibX2-w6XAn0s6cABhr2d38.roa File: zrdD_ibX2-w6XAn0s6cABhr2d38.roa (raw, json) Hash identifier: H+BkElafe5f3qf5w5U8YW5dPMJAcWgDXqMqD706ZET8= Subject key identifier: CE:B7:43:FE:26:D7:DB:EC:3A:5C:09:F4:B3:A7:00:06:1A:F6:77:7F Certificate issuer: /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Certificate serial: 176C Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/zrdD_ibX2-w6XAn0s6cABhr2d38.roa Signing time: Sat 13 Sep 2025 03:03:52 +0000 ROA not before: Sat 13 Sep 2025 03:03:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63719 IP address blocks: 103.232.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:35:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5996 (0x176c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Validity Not Before: Sep 13 03:03:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CEB743FE26D7DBEC3A5C09F4B3A700061AF6777F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6a:c1:66:a5:8c:dc:40:d1:37:ab:a4:ec:f6: 23:69:cb:d8:9d:e4:b4:db:6f:67:9c:87:ec:a9:23: ac:40:fc:b9:55:3d:44:5d:a7:08:90:e3:24:4b:ba: e6:09:0b:db:93:b2:05:93:10:da:8f:6d:0a:b1:13: 20:22:29:d1:e0:e5:bd:4b:f5:94:62:74:35:8e:05: 78:37:83:fa:b3:62:73:43:87:4c:ce:80:62:cb:65: d7:8a:e5:94:6a:a4:ca:d9:1f:3e:98:7a:62:92:81: 13:86:05:1a:e4:ac:d7:9e:15:9d:89:4d:f1:43:b9: 77:17:f9:ca:ae:0a:a9:eb:86:23:95:04:dc:72:ae: 6b:86:37:47:eb:52:78:2f:2f:ca:0b:09:2a:a4:b1: da:2e:bf:99:01:03:9d:43:e4:83:69:4e:c0:17:a2: 75:8a:a5:80:e9:f2:59:5b:03:db:fa:9b:03:d0:8a: 31:95:a7:67:d8:a9:63:6c:13:c2:28:a2:72:4a:48: 59:d7:a9:9b:9b:22:8f:17:14:22:18:74:69:fd:41: ed:c4:09:74:00:98:a6:b1:0d:b0:4a:29:14:a1:70: 62:fb:77:2c:da:07:d6:f4:6c:57:36:f6:08:e0:e1: ee:ca:2b:de:4b:5b:29:ab:b1:72:de:73:4d:33:d1: 54:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:B7:43:FE:26:D7:DB:EC:3A:5C:09:F4:B3:A7:00:06:1A:F6:77:7F X509v3 Authority Key Identifier: keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/zrdD_ibX2-w6XAn0s6cABhr2d38.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.232.144.0/22 Signature Algorithm: sha256WithRSAEncryption 05:a4:94:f5:b1:4b:2d:d5:28:da:df:11:6d:10:a0:9e:47:b0: 14:53:9b:81:1a:a2:d7:25:c8:b1:d7:6a:6a:17:23:61:71:57: 97:26:16:d8:6e:fc:3f:4f:ee:c8:8c:28:3f:3a:ae:e1:9f:45: 13:eb:35:a0:7b:ce:3d:df:ea:ba:f0:f9:e5:b3:c7:8e:30:03: 18:cb:df:af:58:c4:1c:84:0a:35:c4:ab:34:3d:4f:96:8d:fb: ac:63:f1:6e:90:b3:02:bf:e8:5a:2c:f3:f0:7a:ad:e9:4d:22: d5:46:c5:e7:76:67:4c:c3:26:27:1c:ae:09:03:6f:33:8e:a4: 4c:02:99:8e:2d:d1:3d:d3:29:4a:fc:87:81:79:c3:d2:74:df: 24:f9:8f:da:67:0d:bb:24:70:c6:4a:68:95:ef:13:6f:74:91: ee:cb:9b:59:fb:31:97:2d:63:47:07:5a:f5:84:a9:f6:0b:20: 00:46:f8:9f:a2:07:18:f4:dc:3b:42:dd:1c:96:9d:a2:65:20: f5:99:1b:a1:eb:84:d3:ec:8e:bd:95:31:e4:ed:e5:88:1e:e0: b2:15:ec:76:cc:66:e9:0f:f2:f2:3f:e1:e8:1f:ef:16:06:cd: 5b:d0:a3:b9:66:13:a9:5a:dd:d2:5d:65:57:a7:26:09:14:cd: 81:fe:02:e7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF2wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yNTA5MTMw MzAzNTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENFQjc0M0ZFMjZEN0RC RUMzQTVDMDlGNEIzQTcwMDA2MUFGNjc3N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOasFmpYzcQNE3q6Ts9iNpy9id5LTbb2ech+ypI6xA/LlVPURd pwiQ4yRLuuYJC9uTsgWTENqPbQqxEyAiKdHg5b1L9ZRidDWOBXg3g/qzYnNDh0zO gGLLZdeK5ZRqpMrZHz6YemKSgROGBRrkrNeeFZ2JTfFDuXcX+cquCqnrhiOVBNxy rmuGN0frUngvL8oLCSqksdouv5kBA51D5INpTsAXonWKpYDp8llbA9v6mwPQijGV p2fYqWNsE8IoonJKSFnXqZubIo8XFCIYdGn9Qe3ECXQAmKaxDbBKKRShcGL7dyza B9b0bFc29gjg4e7KK95LWymrsXLec00z0VRVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUzrdD/ibX2+w6XAn0s6cABhr2d38wHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2 L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L3pyZERfaWJYMi13NlhB bjBzNmNBQmhyMmQzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn6JAwDQYJKoZIhvcNAQELBQADggEBAAWklPWxSy3VKNrfEW0QoJ5HsBRTm4Ea otclyLHXamoXI2FxV5cmFthu/D9P7siMKD86ruGfRRPrNaB7zj3f6rrw+eWzx44w AxjL369YxByECjXEqzQ9T5aN+6xj8W6QswK/6Fos8/B6relNItVGxed2Z0zDJicc rgkDbzOOpEwCmY4t0T3TKUr8h4F5w9J03yT5j9pnDbskcMZKaJXvE290ke7Lm1n7 MZctY0cHWvWEqfYLIABG+J+iBxj03DtC3RyWnaJlIPWZG6HrhNPsjr2VMeTt5Yge 4LIV7HbMZukP8vI/4egf7xYGzVvQo7lmE6la3dJdZVenJgkUzYH+Auc= -----END CERTIFICATE-----Generated at Tue Oct 21 10:34:44 2025 by rpki-client