$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/bC40d1-ghgM21ALWbp1O1UkgkdU.roa File: bC40d1-ghgM21ALWbp1O1UkgkdU.roa (raw, json) Hash identifier: 9yTQDJvjPR2trUFfN17YffGLD8jC8nwJrrCPuFbW2Vc= Subject key identifier: 6C:2E:34:77:5F:A0:86:03:36:D4:02:D6:6E:9D:4E:D5:49:20:91:D5 Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 06CB Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/bC40d1-ghgM21ALWbp1O1UkgkdU.roa Signing time: Thu 23 Oct 2025 10:10:54 +0000 ROA not before: Thu 23 Oct 2025 10:10:54 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132883 IP address blocks: 203.83.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1739 (0x6cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Oct 23 10:10:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=6C2E34775FA0860336D402D66E9D4ED5492091D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:11:67:37:96:d8:ea:b9:5a:b6:7c:d2:1b:29: 77:5e:02:fb:0c:71:2a:0e:1f:97:87:09:0c:38:0d: 96:bc:48:f9:ba:50:5e:c4:84:6c:d0:c7:4b:de:66: 54:86:16:2e:a5:26:c7:61:df:89:f9:16:b6:46:24: e3:46:12:29:67:58:3f:35:41:90:8c:97:69:88:3f: 75:c9:b4:f8:4c:ed:14:ec:35:5c:00:e5:50:8a:81: da:d8:69:5e:15:ac:9a:ca:87:ce:93:90:33:66:b1: dc:fb:e8:2b:43:11:73:e2:d4:0a:0f:03:10:b2:db: 1c:a4:cb:1c:b2:ed:87:b0:44:d0:d2:52:79:20:95: 09:c6:41:c9:f5:7d:41:a3:38:80:09:f4:a3:74:ec: a8:cd:5f:8b:ea:67:da:6c:ff:b7:aa:b9:e2:dc:81: 10:b8:65:ca:ef:2e:9a:ec:c8:bb:b4:16:35:8b:c5: ad:15:71:3f:51:3f:bf:cf:d2:71:2d:2a:65:97:2f: c6:cf:89:3e:a8:9c:15:65:bd:c2:55:ac:52:57:21: 0f:fc:13:ba:4b:8e:03:3c:ac:82:dd:7d:41:71:91: a3:8d:91:22:33:8b:da:6c:3b:8d:6a:d0:1b:cc:ba: bd:5c:3c:a4:b9:81:e0:46:47:3b:d9:a6:9f:c6:19: cb:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:2E:34:77:5F:A0:86:03:36:D4:02:D6:6E:9D:4E:D5:49:20:91:D5 X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/bC40d1-ghgM21ALWbp1O1UkgkdU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.83.9.0/24 Signature Algorithm: sha256WithRSAEncryption 23:82:19:24:4d:26:9b:ca:a9:4e:8c:e2:95:78:37:a7:1a:92: 5e:ef:66:5a:71:85:75:90:cc:65:9c:9a:a7:77:f7:50:12:71: a5:5d:12:59:9d:cb:79:f2:9d:d7:f6:71:8f:c5:a4:4b:29:23: e3:d1:37:8e:8f:67:cf:f0:e2:ac:92:37:fe:42:98:3d:68:e5: 15:aa:48:b2:ac:f4:eb:4b:9d:2d:e0:94:83:b2:0f:ba:72:7e: 06:d1:bb:a7:fd:a4:b3:b9:34:82:0e:d5:0c:db:3d:09:88:c8: fe:29:31:e5:99:35:e9:1b:17:90:0b:66:b4:41:64:1a:b5:4f: 08:57:75:99:f2:31:26:15:21:2a:52:02:66:b7:ed:16:14:08: 38:ad:3b:b7:c5:98:35:0b:ae:12:83:36:57:0f:bc:11:e9:aa: 94:f4:3f:a2:97:ff:65:95:ed:2d:85:79:0b:04:5f:be:02:8d: 35:07:9b:ba:08:ba:df:ca:89:d2:1b:37:cf:1b:c0:88:b3:e7: 1d:9c:44:19:fb:38:a3:ca:2c:7d:d1:1b:98:8a:e3:34:26:ce: 08:43:88:08:f3:de:a1:d1:cd:45:21:a6:a5:dc:14:3e:bf:3d: 0c:22:95:53:7d:25:36:49:3e:e8:8d:f8:d7:7b:fe:91:d2:fd: 02:03:19:0e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNTEwMjMx MDEwNTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDZDMkUzNDc3NUZBMDg2 MDMzNkQ0MDJENjZFOUQ0RUQ1NDkyMDkxRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFEWc3ltjquVq2fNIbKXdeAvsMcSoOH5eHCQw4DZa8SPm6UF7E hGzQx0veZlSGFi6lJsdh34n5FrZGJONGEilnWD81QZCMl2mIP3XJtPhM7RTsNVwA 5VCKgdrYaV4VrJrKh86TkDNmsdz76CtDEXPi1AoPAxCy2xykyxyy7YewRNDSUnkg lQnGQcn1fUGjOIAJ9KN07KjNX4vqZ9ps/7equeLcgRC4ZcrvLprsyLu0FjWLxa0V cT9RP7/P0nEtKmWXL8bPiT6onBVlvcJVrFJXIQ/8E7pLjgM8rILdfUFxkaONkSIz i9psO41q0BvMur1cPKS5geBGRzvZpp/GGcuVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbC40d1+ghgM21ALWbp1O1UkgkdUwHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvYkM0MGQxLWdoZ00y MUFMV2JwMU8xVWtna2RVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAMtTCTANBgkqhkiG9w0BAQsFAAOCAQEAI4IZJE0mm8qpTozilXg3pxqSXu9m WnGFdZDMZZyap3f3UBJxpV0SWZ3LefKd1/Zxj8WkSykj49E3jo9nz/DirJI3/kKY PWjlFapIsqz060udLeCUg7IPunJ+BtG7p/2ks7k0gg7VDNs9CYjI/ikx5Zk16RsX kAtmtEFkGrVPCFd1mfIxJhUhKlICZrftFhQIOK07t8WYNQuuEoM2Vw+8EemqlPQ/ opf/ZZXtLYV5CwRfvgKNNQebugi638qJ0hs3zxvAiLPnHZxEGfs4o8osfdEbmIrj NCbOCEOICPPeodHNRSGmpdwUPr89DCKVU30lNkk+6I3413v+kdL9AgMZDg== -----END CERTIFICATE-----Generated at Sun Oct 26 17:43:13 2025 by rpki-client