$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/IxQW7CUiaZKic65Ivl-3yo2SOEg.roa File: IxQW7CUiaZKic65Ivl-3yo2SOEg.roa (raw, json) Hash identifier: VMFTvY4x0zsL9mkt4GsOuQJhKnM+gUeAT5xzKnvrmuo= Subject key identifier: 23:14:16:EC:25:22:69:92:A2:73:AE:48:BE:5F:B7:CA:8D:92:38:48 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21FC Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/IxQW7CUiaZKic65Ivl-3yo2SOEg.roa Signing time: Sat 13 Sep 2025 03:03:48 +0000 ROA not before: Sat 13 Sep 2025 03:03:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4811 IP address blocks: 103.237.28.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:05:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8700 (0x21fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Sep 13 03:03:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=231416EC25226992A273AE48BE5FB7CA8D923848 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:f3:e1:47:a8:14:53:2e:56:10:27:b5:27:a9: 29:af:33:b2:61:66:88:7d:26:93:73:31:b0:99:12: 0b:c3:2a:75:57:be:fd:ea:2a:3f:7b:d1:14:b1:b4: 2c:1a:c7:16:78:57:1c:60:79:df:98:94:06:a5:02: 9e:23:6d:04:11:36:74:c0:1c:72:73:d7:d4:f1:36: 41:2b:4a:40:11:b5:6e:29:ad:f2:48:cb:ee:ff:7a: a6:78:97:ed:09:f2:6f:80:b0:05:ff:51:f8:d0:15: a7:e6:7f:e4:88:58:ce:bf:3d:66:1d:d5:00:06:de: 65:af:65:00:e9:6a:05:6d:41:bb:8b:f9:5e:44:52: 55:5f:8e:43:bd:c3:de:6b:f9:72:18:db:75:58:e3: 2e:fb:73:08:74:2b:b0:a0:67:0e:92:29:2d:18:18: c3:2e:27:5c:90:b7:1a:ef:90:d8:3a:34:20:14:bb: 81:5b:0d:ca:ce:4a:f2:30:4b:46:b9:50:36:14:19: 86:0f:e6:0f:8e:ea:ce:a3:79:be:6b:40:b8:ba:63: ba:5b:83:0d:eb:73:f9:ab:82:18:3b:c9:bb:79:bf: 4d:1d:37:c6:c0:2c:c9:65:7d:79:fc:ee:fa:a5:d8: c0:b1:dc:6f:65:49:aa:e1:e7:b4:aa:a6:93:58:18: da:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:14:16:EC:25:22:69:92:A2:73:AE:48:BE:5F:B7:CA:8D:92:38:48 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/IxQW7CUiaZKic65Ivl-3yo2SOEg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.237.28.0/23 Signature Algorithm: sha256WithRSAEncryption 15:32:d0:72:56:d0:f9:cf:3f:4e:a1:71:23:c7:4a:61:f8:96: 66:fc:9b:73:fd:31:aa:90:4a:ea:3b:24:a0:33:fd:6c:2f:3e: 1d:e4:47:d0:33:42:c6:85:f9:46:a2:6e:09:66:b0:c1:e9:fe: 25:eb:dd:7f:15:1b:76:f1:7f:4f:f8:c3:70:6a:f9:0b:31:65: d3:0e:13:ba:26:af:82:3b:35:7c:50:b5:20:3a:ac:83:01:35: 20:c9:d4:35:f7:6c:85:46:ac:8a:f3:14:ee:fd:b7:a2:57:c7: 5a:c6:a2:52:bc:9a:e2:f3:f9:ba:43:9a:f5:b9:a0:36:e7:84: 3f:85:7d:99:77:60:ae:9a:db:a0:7a:f9:03:b4:71:21:88:bc: aa:6f:1e:d4:1a:de:d8:81:5b:b8:ed:8d:6c:2c:f4:98:8f:10: 06:41:59:31:6d:cc:50:6e:93:8a:14:49:d4:3b:24:10:29:7f: b9:48:7e:22:c7:04:5a:58:f3:f8:25:21:a4:40:fe:ec:42:80: a0:74:62:84:6f:5a:6b:66:8c:8a:40:93:3e:27:3e:b4:31:50: 76:dc:b1:d9:41:b5:47:4a:22:35:80:8d:2d:e0:23:41:fe:17: 93:3d:b0:96:ee:83:0a:05:a0:03:8e:57:7c:b9:43:ef:14:34: a1:6d:c8:20 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA5MTMw MzAzNDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIzMTQxNkVDMjUyMjY5 OTJBMjczQUU0OEJFNUZCN0NBOEQ5MjM4NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDz8+FHqBRTLlYQJ7UnqSmvM7JhZoh9JpNzMbCZEgvDKnVXvv3q Kj970RSxtCwaxxZ4Vxxged+YlAalAp4jbQQRNnTAHHJz19TxNkErSkARtW4prfJI y+7/eqZ4l+0J8m+AsAX/UfjQFafmf+SIWM6/PWYd1QAG3mWvZQDpagVtQbuL+V5E UlVfjkO9w95r+XIY23VY4y77cwh0K7CgZw6SKS0YGMMuJ1yQtxrvkNg6NCAUu4Fb DcrOSvIwS0a5UDYUGYYP5g+O6s6jeb5rQLi6Y7pbgw3rc/mrghg7ybt5v00dN8bA LMllfXn87vql2MCx3G9lSarh57SqppNYGNorAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIxQW7CUiaZKic65Ivl+3yo2SOEgwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0l4UVc3Q1VpYVpLaWM2 NUl2bC0zeW8yU09FZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFn7RwwDQYJKoZIhvcNAQELBQADggEBABUy0HJW0PnPP06hcSPHSmH4lmb8m3P9 MaqQSuo7JKAz/WwvPh3kR9AzQsaF+UaibglmsMHp/iXr3X8VG3bxf0/4w3Bq+Qsx ZdMOE7omr4I7NXxQtSA6rIMBNSDJ1DX3bIVGrIrzFO79t6JXx1rGolK8muLz+bpD mvW5oDbnhD+FfZl3YK6a26B6+QO0cSGIvKpvHtQa3tiBW7jtjWws9JiPEAZBWTFt zFBuk4oUSdQ7JBApf7lIfiLHBFpY8/glIaRA/uxCgKB0YoRvWmtmjIpAkz4nPrQx UHbcsdlBtUdKIjWAjS3gI0H+F5M9sJbugwoFoAOOV3y5Q+8UNKFtyCA= -----END CERTIFICATE-----Generated at Mon Oct 20 16:08:50 2025 by rpki-client