$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/775/aVEwty2RaQ7ZMQsM6gPJIDhHx0s.roa File: aVEwty2RaQ7ZMQsM6gPJIDhHx0s.roa (raw, json) Hash identifier: iOBwcScs0YJqCUy+IANX3ajyrol1E6jNhR8CiDpsub8= Subject key identifier: 69:51:30:B7:2D:91:69:0E:D9:31:0B:0C:EA:03:C9:20:38:47:C7:4B Certificate issuer: /CN=CD65DDFFCA490F695E12F3A53EEBAFF0EDA77050 Certificate serial: 0E4F Authority key identifier: CD:65:DD:FF:CA:49:0F:69:5E:12:F3:A5:3E:EB:AF:F0:ED:A7:70:50 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/aVEwty2RaQ7ZMQsM6gPJIDhHx0s.roa Signing time: Sat 13 Sep 2025 03:04:37 +0000 ROA not before: Sat 13 Sep 2025 03:04:37 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 59078 IP address blocks: 101.48.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:05:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3663 (0xe4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CD65DDFFCA490F695E12F3A53EEBAFF0EDA77050 Validity Not Before: Sep 13 03:04:37 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=695130B72D91690ED9310B0CEA03C9203847C74B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:dd:b4:68:f1:5b:2f:49:fe:00:1e:8e:3e:be: 92:48:59:31:84:21:12:34:54:9f:aa:b5:07:0d:6a: 1e:42:ec:fb:9a:d8:2f:f2:91:af:06:6b:64:3a:ea: 45:fc:53:36:6f:ec:e6:f7:ca:81:04:48:89:ff:33: 15:7f:32:88:4b:38:cc:8b:09:47:0e:08:7e:56:9d: 68:eb:35:99:42:48:a0:36:38:3f:3d:ca:5d:6f:e9: 48:04:fc:5a:38:14:d2:2e:54:96:da:73:d6:f1:96: b5:c7:19:86:16:94:6e:c3:1f:b6:61:13:f8:4f:c1: 32:59:d9:43:7b:2b:5c:bc:31:27:fa:b5:ac:66:1b: f3:1b:78:3d:e7:2e:e9:9d:b5:6e:80:fa:49:5a:34: b2:15:be:9c:31:89:5d:7f:69:8e:5c:9c:8c:ef:54: 89:31:16:b8:9d:a2:49:08:8b:eb:e1:b2:72:a0:7b: ac:78:5d:30:e6:3e:fe:af:a9:8d:19:30:1d:71:3c: 2f:8d:f6:4f:ce:1b:3b:83:1c:b6:c3:93:37:d3:77: fa:4d:2a:66:2e:6d:70:67:e0:7e:eb:27:da:e0:c6: ee:9e:58:b3:25:0c:ba:3c:6e:5a:82:73:55:6e:25: 40:15:de:4a:3d:2d:32:3e:c8:58:98:80:8f:89:93: 44:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:51:30:B7:2D:91:69:0E:D9:31:0B:0C:EA:03:C9:20:38:47:C7:4B X509v3 Authority Key Identifier: keyid:CD:65:DD:FF:CA:49:0F:69:5E:12:F3:A5:3E:EB:AF:F0:ED:A7:70:50 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/aVEwty2RaQ7ZMQsM6gPJIDhHx0s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.48.0.0/16 Signature Algorithm: sha256WithRSAEncryption 02:24:f7:84:99:61:39:3c:fd:61:6a:06:b8:b5:fd:bf:d6:45: bb:53:3d:ad:95:c6:32:b4:92:d4:58:bc:ce:18:63:a6:66:cd: 69:7f:8f:9f:ff:04:c3:79:0a:53:e0:bd:07:83:63:ec:e7:0f: b8:f3:f3:c4:ec:f8:2a:82:7b:b4:0a:93:51:02:3d:9a:6f:17: 23:d7:4a:81:eb:dd:ac:94:2b:49:ab:bb:b0:75:7a:8d:3b:6f: 2e:a1:df:92:17:e1:9a:f3:c1:7e:07:09:e3:57:08:c2:cf:c8: 59:cd:02:c9:3f:a5:6b:88:19:49:38:16:00:3d:85:87:d8:64: e5:a4:90:c4:9a:f0:83:96:c1:93:af:2a:d2:7d:b8:19:2c:a1: 98:7f:7e:52:77:07:12:14:c2:2f:7a:77:0e:7c:53:a8:70:29: 4e:2d:6a:b6:2c:49:08:ea:b5:0a:70:60:f7:f9:77:60:91:4f: 48:38:43:92:27:0b:8a:6d:5a:1c:2d:a1:1f:76:1d:07:c7:94: c5:27:8a:48:1a:09:21:09:a3:ab:a0:46:78:a3:c5:6a:d4:fc: e1:d1:8e:b6:99:49:0e:fa:4e:2e:60:c0:21:e3:57:f5:ac:23: 42:8b:c4:c2:5d:9d:6c:50:b3:eb:04:97:b3:8e:ab:ec:71:d2: cf:19:e6:a1 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Q2 NURERkZDQTQ5MEY2OTVFMTJGM0E1M0VFQkFGRjBFREE3NzA1MDAeFw0yNTA5MTMw MzA0MzdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDY5NTEzMEI3MkQ5MTY5 MEVEOTMxMEIwQ0VBMDNDOTIwMzg0N0M3NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/3bRo8VsvSf4AHo4+vpJIWTGEIRI0VJ+qtQcNah5C7Pua2C/y ka8Ga2Q66kX8UzZv7Ob3yoEESIn/MxV/MohLOMyLCUcOCH5WnWjrNZlCSKA2OD89 yl1v6UgE/Fo4FNIuVJbac9bxlrXHGYYWlG7DH7ZhE/hPwTJZ2UN7K1y8MSf6taxm G/MbeD3nLumdtW6A+klaNLIVvpwxiV1/aY5cnIzvVIkxFridokkIi+vhsnKge6x4 XTDmPv6vqY0ZMB1xPC+N9k/OGzuDHLbDkzfTd/pNKmYubXBn4H7rJ9rgxu6eWLMl DLo8blqCc1VuJUAV3ko9LTI+yFiYgI+Jk0SRAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUaVEwty2RaQ7ZMQsM6gPJIDhHx0swHwYDVR0jBBgwFoAUzWXd/8pJD2leEvOl Puuv8O2ncFAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzc1 L3pXWGRfOHBKRDJsZUV2T2xQdXV2OE8ybmNGQS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveldYZF84cEpEMmxlRXZPbFB1dXY4TzJuY0ZBLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzc1L2FWRXd0eTJSYVE3Wk1R c002Z1BKSURoSHgwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwBlMDANBgkqhkiG9w0BAQsFAAOCAQEAAiT3hJlhOTz9YWoGuLX9v9ZFu1M9rZXG MrSS1Fi8zhhjpmbNaX+Pn/8Ew3kKU+C9B4Nj7OcPuPPzxOz4KoJ7tAqTUQI9mm8X I9dKgevdrJQrSau7sHV6jTtvLqHfkhfhmvPBfgcJ41cIws/IWc0CyT+la4gZSTgW AD2Fh9hk5aSQxJrwg5bBk68q0n24GSyhmH9+UncHEhTCL3p3DnxTqHApTi1qtixJ COq1CnBg9/l3YJFPSDhDkicLim1aHC2hH3YdB8eUxSeKSBoJIQmjq6BGeKPFatT8 4dGOtplJDvpOLmDAIeNX9awjQovEwl2dbFCz6wSXs46r7HHSzxnmoQ== -----END CERTIFICATE-----Generated at Mon Oct 20 15:35:49 2025 by rpki-client