$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/DZ9goMqh1tbZJtmWmEe55G3UPM8.roa File: DZ9goMqh1tbZJtmWmEe55G3UPM8.roa (raw, json) Hash identifier: UB5MHBmQqSFhvXeEyjlx1wflR5Gqg2Tx9OCUubTS/H8= Subject key identifier: 0D:9F:60:A0:CA:A1:D6:D6:D9:26:D9:96:98:47:B9:E4:6D:D4:3C:CF Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 205D Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/DZ9goMqh1tbZJtmWmEe55G3UPM8.roa Signing time: Sat 06 Sep 2025 08:04:25 +0000 ROA not before: Sat 06 Sep 2025 08:04:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17408 IP address blocks: 103.20.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 11:05:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8285 (0x205d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: Sep 6 08:04:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0D9F60A0CAA1D6D6D926D9969847B9E46DD43CCF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6b:82:03:f5:c8:31:88:90:09:7f:3a:2b:d5: 66:e1:58:4d:ab:3c:e8:f5:dd:01:28:9b:b6:41:3f: 56:01:7b:92:8d:3c:b9:a9:27:6f:33:50:20:c7:47: ec:42:53:e4:b5:d4:e9:54:ef:b5:55:80:81:f0:d9: c3:35:ae:cc:4a:a3:ce:13:d0:4b:64:21:87:74:fd: 85:4f:c6:6e:c5:54:30:36:5d:60:fd:a3:eb:21:10: 07:6d:54:0c:3f:18:07:4c:cb:7a:33:da:76:25:4e: 2b:be:ba:7c:1c:dd:e9:36:d1:f6:ba:af:a3:d2:16: 39:cb:65:8d:92:87:4b:8d:b1:dc:3f:07:f3:e9:0a: 89:f1:cb:6f:fc:f3:27:9d:ee:f3:db:87:df:a1:bb: c0:88:16:7e:84:6e:da:38:75:be:da:3a:22:50:29: fa:23:20:05:61:27:2a:c7:f9:2b:5c:d1:c4:8d:ec: b3:da:f5:41:c5:17:ba:4b:5f:b7:8d:0a:4a:73:89: 0d:01:14:55:55:31:54:76:57:6b:cd:8c:2b:8c:0f: b3:3d:f9:2f:d8:e8:72:f5:cf:d2:47:60:14:e6:0b: c3:ae:4c:2b:88:8b:88:ac:33:3e:82:37:01:13:35: fe:07:3f:af:4c:4f:9a:45:ec:97:17:f5:98:fe:5f: 3d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:9F:60:A0:CA:A1:D6:D6:D9:26:D9:96:98:47:B9:E4:6D:D4:3C:CF X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/DZ9goMqh1tbZJtmWmEe55G3UPM8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.20.46.0/24 Signature Algorithm: sha256WithRSAEncryption b5:45:ea:e4:15:05:f9:4c:a5:7b:1e:bc:a1:ff:9f:95:bb:ee: ab:12:57:6b:c0:82:f1:1d:01:db:60:1d:49:5d:17:19:2f:9f: 4e:a2:c7:c7:5f:69:86:f3:1f:95:de:2a:31:7e:b5:e5:27:cd: 45:7b:61:56:51:80:f0:41:b7:e5:ad:66:ca:98:eb:89:1e:7f: 75:29:62:e7:6a:3c:6e:8b:fd:d4:bb:16:15:c3:9b:b5:f5:8e: 6d:a3:45:6a:fe:f8:30:74:23:b1:16:cc:8c:d7:3d:c1:08:7d: 9d:b3:7a:6a:d8:74:8f:7b:da:6b:10:6a:ae:67:d4:8c:bd:5c: de:50:e4:32:bf:64:ca:6f:d8:62:55:91:be:de:9f:ea:ec:99: 40:f6:b6:75:60:70:0a:ca:68:04:72:65:51:9c:07:60:2b:48: 74:aa:ec:62:36:83:95:35:0a:95:30:e5:61:ff:bd:04:6f:a2: a2:3d:c7:10:5d:45:0a:e4:57:98:19:0f:69:0b:a1:32:d7:84: 2f:98:ca:48:ec:67:ca:90:e3:16:f1:46:3d:98:51:9b:ea:24: 63:2e:3e:41:99:d5:e5:d8:46:25:84:85:3a:29:0c:f5:5c:e8: f2:7a:75:79:08:54:d7:22:7a:8f:ad:03:85:fc:72:0b:64:10: bc:96:b8:10 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNTA5MDYw ODA0MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBEOUY2MEEwQ0FBMUQ2 RDZEOTI2RDk5Njk4NDdCOUU0NkRENDNDQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwa4ID9cgxiJAJfzor1WbhWE2rPOj13QEom7ZBP1YBe5KNPLmp J28zUCDHR+xCU+S11OlU77VVgIHw2cM1rsxKo84T0EtkIYd0/YVPxm7FVDA2XWD9 o+shEAdtVAw/GAdMy3oz2nYlTiu+unwc3ek20fa6r6PSFjnLZY2Sh0uNsdw/B/Pp Conxy2/88yed7vPbh9+hu8CIFn6Ebto4db7aOiJQKfojIAVhJyrH+Stc0cSN7LPa 9UHFF7pLX7eNCkpziQ0BFFVVMVR2V2vNjCuMD7M9+S/Y6HL1z9JHYBTmC8OuTCuI i4isMz6CNwETNf4HP69MT5pF7JcX9Zj+Xz2LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDZ9goMqh1tbZJtmWmEe55G3UPM8wHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvRFo5Z29NcWgxdGJa SnRtV21FZTU1RzNVUE04LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcULjANBgkqhkiG9w0BAQsFAAOCAQEAtUXq5BUF+Uylex68of+flbvuqxJX a8CC8R0B22AdSV0XGS+fTqLHx19phvMfld4qMX615SfNRXthVlGA8EG35a1mypjr iR5/dSli52o8bov91LsWFcObtfWObaNFav74MHQjsRbMjNc9wQh9nbN6ath0j3va axBqrmfUjL1c3lDkMr9kym/YYlWRvt6f6uyZQPa2dWBwCspoBHJlUZwHYCtIdKrs YjaDlTUKlTDlYf+9BG+ioj3HEF1FCuRXmBkPaQuhMteEL5jKSOxnypDjFvFGPZhR m+okYy4+QZnV5dhGJYSFOikM9Vzo8np1eQhU1yJ6j60DhfxyC2QQvJa4EA== -----END CERTIFICATE-----Generated at Mon Sep 8 09:11:47 2025 by rpki-client