$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa File: HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa (raw, json) Hash identifier: nzM/sVo6T3wrJOKA8s9C/r1i/A+SHE4RxkcR9ZuDMqw= Subject key identifier: 1C:FD:A9:3D:6A:A2:94:AA:84:C3:1C:4B:61:FD:41:73:47:8D:45:9F Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 06CA Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa Signing time: Thu 23 Oct 2025 10:10:54 +0000 ROA not before: Thu 23 Oct 2025 10:10:54 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132883 IP address blocks: 203.83.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1738 (0x6ca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Oct 23 10:10:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=1CFDA93D6AA294AA84C31C4B61FD4173478D459F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7f:05:63:02:25:fb:c7:6a:92:6c:e3:64:0b: a5:0f:ef:8e:8a:50:fb:77:5a:92:61:04:c0:93:86: db:57:50:43:dc:58:2b:33:e5:c4:06:4a:af:7a:ae: c2:28:ac:81:70:a4:d0:11:44:7b:bf:33:18:d2:d2: 2a:ae:20:f6:ca:3b:aa:10:a0:7b:9d:4d:e3:08:4f: d3:64:6a:85:bf:8e:2d:70:6d:7a:e0:a1:1c:a9:75: f9:15:1f:53:e9:47:f8:02:48:86:f8:a2:c3:37:c2: 76:35:00:71:d1:bc:44:9d:ae:ed:a7:b3:aa:97:3e: d7:49:0f:ca:40:a5:6e:1e:13:ff:49:62:1c:91:22: 8b:8c:c5:9a:fa:28:10:3b:83:84:03:0f:93:89:78: 38:90:53:0f:61:18:c3:b0:57:a4:53:0e:37:49:8b: be:fb:2b:36:7f:83:03:69:b6:88:a0:8f:36:45:f1: fe:10:6e:1b:0b:05:19:10:f7:89:c7:b3:07:22:d2: c6:5a:e9:77:09:4e:52:50:03:55:e4:b8:7c:6f:a1: 74:c4:fd:bb:d3:86:ba:0f:9d:6a:78:3c:37:a7:f1: 1a:b9:1e:1a:d9:eb:5c:a6:a2:22:49:ca:c7:8a:97: c9:cb:0a:a1:af:f5:9b:25:61:28:7f:d5:67:05:7b: ea:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:FD:A9:3D:6A:A2:94:AA:84:C3:1C:4B:61:FD:41:73:47:8D:45:9F X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.83.10.0/24 Signature Algorithm: sha256WithRSAEncryption 13:28:ec:bd:08:04:6e:35:e7:01:87:b1:89:bc:80:3d:7b:f9: 06:7a:82:8e:af:6e:ea:a0:f2:b7:9a:de:86:a7:0b:76:e2:bd: 12:cd:47:d0:a2:b7:48:cd:d9:0c:a8:a1:0d:3a:8c:7f:41:07: 84:d7:45:37:82:a8:3b:fb:e2:bf:be:7f:ca:fc:05:c2:84:cc: ab:bf:ec:bb:7a:eb:7a:33:97:18:2b:8d:8a:bd:8c:3b:6b:18: 81:e9:02:cc:39:64:fd:5f:1a:0c:e2:8f:01:e4:c9:03:94:a9: ac:b6:75:a3:25:ad:c9:81:40:63:6e:c8:21:d8:38:fa:23:5f: 61:8d:75:17:03:a8:03:91:13:de:7f:1a:57:a3:83:2e:af:81: 41:21:a7:3b:dd:02:fb:24:15:e9:82:49:bd:b9:76:82:1a:3e: ce:09:f8:90:ca:ff:69:34:42:86:bf:95:f0:34:84:a4:53:22: d0:5c:e3:86:bf:4a:74:bb:71:2a:40:a5:19:39:2f:b5:ad:d7: 2c:30:26:09:a8:c5:5f:9c:1f:cd:44:59:e5:89:88:28:d2:b6: cf:63:d7:ab:d4:d5:7a:fb:ed:ae:86:ae:d9:c9:60:3a:6d:66: 2b:04:22:ed:cf:98:65:b7:ce:44:39:66:87:d9:22:a0:e4:9b: 5e:80:2e:b5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNTEwMjMx MDEwNTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDFDRkRBOTNENkFBMjk0 QUE4NEMzMUM0QjYxRkQ0MTczNDc4RDQ1OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClfwVjAiX7x2qSbONkC6UP746KUPt3WpJhBMCThttXUEPcWCsz 5cQGSq96rsIorIFwpNARRHu/MxjS0iquIPbKO6oQoHudTeMIT9NkaoW/ji1wbXrg oRypdfkVH1PpR/gCSIb4osM3wnY1AHHRvESdru2ns6qXPtdJD8pApW4eE/9JYhyR IouMxZr6KBA7g4QDD5OJeDiQUw9hGMOwV6RTDjdJi777KzZ/gwNptoigjzZF8f4Q bhsLBRkQ94nHswci0sZa6XcJTlJQA1XkuHxvoXTE/bvThroPnWp4PDen8Rq5HhrZ 61ymoiJJyseKl8nLCqGv9ZslYSh/1WcFe+qzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHP2pPWqilKqEwxxLYf1Bc0eNRZ8wHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvSFAycFBXcWlsS3FF d3h4TFlmMUJjMGVOUlo4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAMtTCjANBgkqhkiG9w0BAQsFAAOCAQEAEyjsvQgEbjXnAYexibyAPXv5BnqC jq9u6qDyt5rehqcLduK9Es1H0KK3SM3ZDKihDTqMf0EHhNdFN4KoO/viv75/yvwF woTMq7/su3rrejOXGCuNir2MO2sYgekCzDlk/V8aDOKPAeTJA5SprLZ1oyWtyYFA Y27IIdg4+iNfYY11FwOoA5ET3n8aV6ODLq+BQSGnO90C+yQV6YJJvbl2gho+zgn4 kMr/aTRChr+V8DSEpFMi0Fzjhr9KdLtxKkClGTkvta3XLDAmCajFX5wfzURZ5YmI KNK2z2PXq9TVevvtroau2clgOm1mKwQi7c+YZbfORDlmh9kioOSbXoAutQ== -----END CERTIFICATE-----Generated at Sun Oct 26 17:43:12 2025 by rpki-client