$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/Rt0v6zl0kzLCcol4ZR8v0LMCkno.roa File: Rt0v6zl0kzLCcol4ZR8v0LMCkno.roa (raw, json) Hash identifier: PbkXFoHR+aS5YRRjAvu1t4Iy2C5pWM5kvwPlR8tBHUA= Subject key identifier: 46:DD:2F:EB:39:74:93:32:C2:72:89:78:65:1F:2F:D0:B3:02:92:7A Certificate issuer: /CN=FB653B26775041687D362D4CEF768E58F99EC075 Certificate serial: 0C42 Authority key identifier: FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/Rt0v6zl0kzLCcol4ZR8v0LMCkno.roa Signing time: Sat 13 Sep 2025 03:09:35 +0000 ROA not before: Sat 13 Sep 2025 03:09:35 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 103.97.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3138 (0xc42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FB653B26775041687D362D4CEF768E58F99EC075 Validity Not Before: Sep 13 03:09:35 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=46DD2FEB39749332C2728978651F2FD0B302927A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:54:08:6e:80:7f:6a:72:38:97:e3:61:a0:88: 7b:e2:77:39:ca:c2:19:0e:26:3a:aa:2a:78:c2:e3: 87:dc:54:ae:f2:d4:45:f0:5d:76:27:6b:e1:06:3c: e4:f7:ed:cc:9d:b6:98:a9:9d:c1:fa:89:1d:4a:4f: ce:12:2d:ae:5a:34:99:2f:4d:14:59:dc:24:62:c2: a8:f8:f1:6d:0f:c2:99:cf:5f:1b:75:59:69:ba:17: ff:05:95:31:4c:a2:ee:52:5e:4a:a0:17:31:c5:99: d2:f5:36:27:84:82:30:fe:4c:70:a1:93:b8:f8:41: 23:1e:0d:c4:aa:54:27:a4:7c:5d:57:68:5e:2e:b2: 4f:3b:b8:05:ed:d0:7f:f8:05:21:60:40:de:6d:47: 76:06:5b:41:d4:e3:dc:25:f3:5b:28:7b:b9:c2:a6: 58:31:27:54:7d:44:8a:56:48:b8:7c:c1:d3:d4:7c: 61:05:12:dd:bf:a2:73:d0:e8:1d:34:ab:f7:01:14: a9:b5:47:91:4b:2e:27:77:fc:f0:b5:38:e3:33:31: f8:a9:37:8b:6b:31:19:98:81:da:9e:df:30:d7:09: 4c:f6:52:43:7f:60:c3:2b:54:06:89:83:8d:b1:b5: 80:c1:bf:f7:ab:c3:36:d6:60:ed:c6:26:5b:29:22: 4c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:DD:2F:EB:39:74:93:32:C2:72:89:78:65:1F:2F:D0:B3:02:92:7A X509v3 Authority Key Identifier: keyid:FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/Rt0v6zl0kzLCcol4ZR8v0LMCkno.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.97.56.0/22 Signature Algorithm: sha256WithRSAEncryption 04:ea:9c:ac:93:fc:d4:56:43:4f:74:af:fd:36:5a:2f:c3:16: a6:c1:54:12:36:ae:2f:6c:f1:a8:74:01:09:54:5b:7a:e2:1f: 2a:f1:13:07:50:83:5a:a5:24:ca:43:09:0b:a0:e7:aa:47:5e: 0c:7f:44:d1:f4:f9:2a:f7:84:01:b3:f6:31:1c:f7:94:97:c1: 85:0c:64:2b:72:d6:a0:32:c6:91:d5:4e:91:2f:06:c6:bf:67: d6:8c:9f:56:f9:ca:e6:bd:29:ab:2b:12:63:ce:27:d5:73:24: c5:ab:99:fa:e5:2b:34:f4:2f:b8:7e:37:4c:e4:b9:95:6a:05: 06:8b:89:96:a0:0a:09:cb:64:44:15:87:69:9a:0b:17:12:4f: 84:a1:12:af:2d:cb:f5:56:23:d7:a5:ce:8e:3f:9a:b5:2b:bc: c4:ff:b3:cc:03:01:43:73:3f:ad:b9:74:d9:e3:d0:27:8a:ee: 23:a5:50:d1:80:82:1a:71:31:7a:a1:e0:46:a6:68:d0:f9:e5: e5:5c:68:fc:ee:9b:bf:a4:64:37:43:43:f2:0a:00:86:91:92: 17:2e:11:42:c9:e3:10:da:a1:28:2e:e1:53:93:91:59:08:5b: dc:c3:a6:10:0c:74:5e:44:56:59:e1:78:cd:b5:ea:11:dc:67: 2e:46:00:11 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkI2 NTNCMjY3NzUwNDE2ODdEMzYyRDRDRUY3NjhFNThGOTlFQzA3NTAeFw0yNTA5MTMw MzA5MzVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ2REQyRkVCMzk3NDkz MzJDMjcyODk3ODY1MUYyRkQwQjMwMjkyN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmVAhugH9qcjiX42GgiHvidznKwhkOJjqqKnjC44fcVK7y1EXw XXYna+EGPOT37cydtpipncH6iR1KT84SLa5aNJkvTRRZ3CRiwqj48W0PwpnPXxt1 WWm6F/8FlTFMou5SXkqgFzHFmdL1NieEgjD+THChk7j4QSMeDcSqVCekfF1XaF4u sk87uAXt0H/4BSFgQN5tR3YGW0HU49wl81soe7nCplgxJ1R9RIpWSLh8wdPUfGEF Et2/onPQ6B00q/cBFKm1R5FLLid3/PC1OOMzMfipN4trMRmYgdqe3zDXCUz2UkN/ YMMrVAaJg42xtYDBv/erwzbWYO3GJlspIkwjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQURt0v6zl0kzLCcol4ZR8v0LMCknowHwYDVR0jBBgwFoAU+2U7JndQQWh9Ni1M 73aOWPmewHUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz Ny8tMlU3Sm5kUVFXaDlOaTFNNzNhT1dQbWV3SFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy0yVTdKbmRRUVdoOU5pMU03M2FPV1BtZXdIVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvUnQwdjZ6bDBrekxD Y29sNFpSOHYwTE1Da25vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEABOqcrJP81FZDT3Sv/TZaL8MWpsFU EjauL2zxqHQBCVRbeuIfKvETB1CDWqUkykMJC6DnqkdeDH9E0fT5KveEAbP2MRz3 lJfBhQxkK3LWoDLGkdVOkS8Gxr9n1oyfVvnK5r0pqysSY84n1XMkxauZ+uUrNPQv uH43TOS5lWoFBouJlqAKCctkRBWHaZoLFxJPhKESry3L9VYj16XOjj+atSu8xP+z zAMBQ3M/rbl02ePQJ4ruI6VQ0YCCGnExeqHgRqZo0Pnl5Vxo/O6bv6RkN0ND8goA hpGSFy4RQsnjENqhKC7hU5ORWQhb3MOmEAx0XkRWWeF4zbXqEdxnLkYAEQ== -----END CERTIFICATE-----Generated at Tue Sep 16 01:42:12 2025 by rpki-client