$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa File: dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa (raw, json) Hash identifier: 7aICgRrTtrePB+0YhNu9XutmrrOoUeqPXvBeqh7Qv/Y= Subject key identifier: 76:3E:76:7C:EE:B0:09:2F:0B:B2:87:BE:8A:18:0A:76:4A:E7:C2:71 Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 06C9 Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa Signing time: Thu 23 Oct 2025 10:10:54 +0000 ROA not before: Thu 23 Oct 2025 10:10:54 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 132883 IP address blocks: 203.83.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1737 (0x6c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Oct 23 10:10:54 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=763E767CEEB0092F0BB287BE8A180A764AE7C271 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d2:51:59:1e:06:ca:6c:c1:e4:14:eb:07:bd: cf:b2:a8:ba:6a:fb:65:ec:f7:3f:3e:e0:ad:2e:dc: 97:08:ec:68:73:fd:af:3d:1f:dc:a7:9e:b7:33:ab: 36:35:30:e5:c2:e0:7f:c1:48:a4:fc:d1:52:87:a0: ea:4c:3f:5f:a1:56:e5:da:db:82:0e:73:db:87:ce: 78:ea:fb:98:6e:f3:2f:64:fa:47:96:f3:8a:64:3e: 65:cd:31:01:b9:ef:23:6b:d6:a9:b0:0c:ec:63:db: 99:79:14:30:5e:de:5f:92:ad:a3:f9:f5:ba:af:cc: 8f:6d:f8:d4:7c:6b:1a:ee:e7:38:ea:cf:fe:23:c1: 37:ed:3e:2b:77:f4:c7:f7:12:d1:e9:51:18:b6:49: 04:08:96:00:68:ad:4d:5c:83:30:3a:f4:56:fc:f6: 3d:f0:87:82:8f:36:e9:d7:4d:57:ce:8a:07:3c:50: d7:cb:e4:48:59:fa:a8:c6:35:e3:05:30:96:1c:bd: 53:ee:4f:ac:06:e4:94:f5:9e:08:ca:48:2f:04:07: f1:19:f5:b3:b6:cc:5f:fa:3d:c3:62:29:8f:03:e8: f4:97:07:54:3c:aa:b7:3e:a6:0e:0d:b1:73:5f:61: a1:79:16:6a:55:0f:92:18:85:98:02:4e:64:9b:9a: c0:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:3E:76:7C:EE:B0:09:2F:0B:B2:87:BE:8A:18:0A:76:4A:E7:C2:71 X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.83.8.0/24 Signature Algorithm: sha256WithRSAEncryption 52:3e:39:a5:1f:24:0b:00:ae:34:cc:0b:68:01:46:98:52:ce: 2f:97:33:92:9a:0a:0a:27:75:82:dc:19:8f:b7:5c:0b:1c:45: 19:58:17:44:42:d0:31:61:2b:e1:56:63:84:e2:e4:fc:74:49: 3b:64:36:8e:5d:cc:53:12:b0:58:88:a4:e9:7b:7e:9b:bf:2f: de:db:9c:8b:37:cc:52:7d:16:ef:62:f0:d2:35:28:ed:59:c2: 16:12:21:bd:e8:a9:a9:6a:62:b1:0a:eb:b5:97:e0:86:09:e5: 22:a3:c8:68:27:aa:2b:cf:b8:de:97:01:37:a9:c4:25:9c:05: b7:ca:86:2b:64:11:30:1b:0d:55:f5:c7:b6:6e:43:4f:a9:86: e7:6f:e1:d1:87:37:23:b1:ce:73:3e:bd:df:a1:66:64:40:79: b1:c0:cd:e5:ca:98:f1:f4:b5:85:c4:97:1e:9e:f5:57:a3:a1: 00:59:f4:6d:c8:8f:ca:7e:4d:87:38:5d:29:44:4f:63:89:4f: 11:37:2f:11:9f:c3:96:cf:ba:b6:e4:bf:45:d0:dd:c3:17:4a: dd:14:e1:1d:fe:06:c4:3c:1f:fa:b0:16:1d:7d:b1:4c:49:b4: 92:a0:1a:0a:9b:8b:e1:87:51:71:6b:f1:b7:df:e8:94:e1:0c: b4:37:a0:2f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBskwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNTEwMjMx MDEwNTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDc2M0U3NjdDRUVCMDA5 MkYwQkIyODdCRThBMTgwQTc2NEFFN0MyNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+0lFZHgbKbMHkFOsHvc+yqLpq+2Xs9z8+4K0u3JcI7Ghz/a89 H9ynnrczqzY1MOXC4H/BSKT80VKHoOpMP1+hVuXa24IOc9uHznjq+5hu8y9k+keW 84pkPmXNMQG57yNr1qmwDOxj25l5FDBe3l+SraP59bqvzI9t+NR8axru5zjqz/4j wTftPit39Mf3EtHpURi2SQQIlgBorU1cgzA69Fb89j3wh4KPNunXTVfOigc8UNfL 5EhZ+qjGNeMFMJYcvVPuT6wG5JT1ngjKSC8EB/EZ9bO2zF/6PcNiKY8D6PSXB1Q8 qrc+pg4NsXNfYaF5FmpVD5IYhZgCTmSbmsB9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUdj52fO6wCS8Lsoe+ihgKdkrnwnEwHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvZGo1MmZPNndDUzhM c29lLWloZ0tka3Jud25FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAMtTCDANBgkqhkiG9w0BAQsFAAOCAQEAUj45pR8kCwCuNMwLaAFGmFLOL5cz kpoKCid1gtwZj7dcCxxFGVgXRELQMWEr4VZjhOLk/HRJO2Q2jl3MUxKwWIik6Xt+ m78v3tucizfMUn0W72Lw0jUo7VnCFhIhveipqWpisQrrtZfghgnlIqPIaCeqK8+4 3pcBN6nEJZwFt8qGK2QRMBsNVfXHtm5DT6mG52/h0Yc3I7HOcz6936FmZEB5scDN 5cqY8fS1hcSXHp71V6OhAFn0bciPyn5NhzhdKURPY4lPETcvEZ/Dls+6tuS/RdDd wxdK3RThHf4GxDwf+rAWHX2xTEm0kqAaCpuL4YdRcWvxt9/olOEMtDegLw== -----END CERTIFICATE-----Generated at Sun Oct 26 17:43:13 2025 by rpki-client