$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/woneSJoz6N2ectC9A9UZ6rE_gZM.roa File: woneSJoz6N2ectC9A9UZ6rE_gZM.roa (raw, json) Hash identifier: oz1mTBbKvrrt2sX+O6/vPeUDGQAM5qf62EYM+5rbIN0= Subject key identifier: C2:89:DE:48:9A:33:E8:DD:9E:72:D0:BD:03:D5:19:EA:B1:3F:81:93 Certificate issuer: /CN=FB653B26775041687D362D4CEF768E58F99EC075 Certificate serial: 0C44 Authority key identifier: FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/woneSJoz6N2ectC9A9UZ6rE_gZM.roa Signing time: Sat 13 Sep 2025 03:09:36 +0000 ROA not before: Sat 13 Sep 2025 03:09:36 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 103.97.56.0/24 maxlen: 24 103.97.57.0/24 maxlen: 24 103.97.58.0/24 maxlen: 24 103.97.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:07:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3140 (0xc44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FB653B26775041687D362D4CEF768E58F99EC075 Validity Not Before: Sep 13 03:09:36 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C289DE489A33E8DD9E72D0BD03D519EAB13F8193 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:bf:b4:cd:63:33:0c:fb:40:e3:fe:8d:94:31: 55:ec:c0:de:79:a2:54:fd:87:4a:cc:d5:a5:32:a6: 3e:af:90:2b:74:6f:3f:7f:e2:32:17:31:05:1d:77: 97:ce:81:ed:08:d3:23:09:3f:e1:84:db:3c:26:6b: a0:3c:f9:b7:63:1c:20:65:9c:a2:5b:04:91:34:26: cf:4e:67:2e:b0:ac:6b:cf:5e:c5:91:89:3d:db:d9: 55:ad:d2:bb:c2:9c:2d:1b:11:3b:e6:6c:30:b8:b0: 44:d3:b3:64:ea:81:2a:a8:4e:b0:ba:ec:18:3f:c8: 2e:02:ea:07:a9:f6:d1:db:b1:80:93:2f:eb:66:52: 67:0c:71:f5:21:3d:03:cb:d8:b2:b0:38:0d:ad:52: f6:63:cb:04:52:c6:ab:7e:39:fb:e4:64:6c:95:b7: 61:d4:c5:87:6f:56:21:70:1b:93:6e:6c:f3:7e:a4: fc:ab:15:16:72:65:a3:e7:34:a0:c9:f1:7f:e3:df: f6:e0:27:f2:9a:e9:5a:14:7b:20:a5:75:0c:d4:f8: 14:c1:da:87:62:75:2e:c3:b7:d7:32:bb:b8:a8:e3: 66:88:79:f7:2e:7b:3f:75:1c:ef:b4:a5:40:2e:2e: 13:6c:da:47:e3:3a:b4:7a:33:ff:7a:c9:ff:79:e3: e6:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:89:DE:48:9A:33:E8:DD:9E:72:D0:BD:03:D5:19:EA:B1:3F:81:93 X509v3 Authority Key Identifier: keyid:FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/woneSJoz6N2ectC9A9UZ6rE_gZM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.97.56.0/22 Signature Algorithm: sha256WithRSAEncryption b5:b4:0f:e4:89:e6:09:70:ae:ec:6e:4f:6a:82:87:33:ec:8f: 0a:cc:71:c4:d5:ee:f7:72:af:9d:ca:66:b5:1c:ec:de:fb:bd: 8f:d4:46:e2:01:3f:2f:2d:08:36:27:69:42:4f:72:58:5c:ae: 5c:5e:eb:fe:cf:b9:78:63:ac:b0:a2:9f:94:3e:96:5a:ef:51: 03:8a:d5:be:b7:32:ee:0f:87:4b:3c:e4:0f:ae:4a:3a:61:f8: 9a:4f:29:d8:24:4f:07:48:e3:05:36:e2:95:db:d6:2d:d0:8d: c6:05:d0:0d:a6:fe:b2:69:01:f6:7f:5a:54:02:12:58:20:86: 99:df:ce:b8:f7:6b:3f:66:f8:cd:4a:96:c0:c2:32:95:e8:24: bd:97:ce:0c:52:50:7f:3f:35:b8:00:be:4d:db:21:44:ca:db: 0b:9f:d3:ce:3b:ab:0b:53:62:d0:a7:c9:04:a2:47:e8:30:ef: a6:49:7b:86:6a:29:af:ff:2f:a0:d8:2d:f4:18:c1:81:59:47: 89:5d:a3:87:ca:23:f1:c8:62:94:71:0d:5b:d7:e1:b5:2b:1e: d4:c7:30:00:3b:a0:d1:82:ec:72:71:bf:46:3d:c8:22:b8:c1: 42:e4:cf:60:22:8b:00:1f:92:89:85:1d:5a:e9:98:d3:25:5b: 56:07:2a:f8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkI2 NTNCMjY3NzUwNDE2ODdEMzYyRDRDRUY3NjhFNThGOTlFQzA3NTAeFw0yNTA5MTMw MzA5MzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMyODlERTQ4OUEzM0U4 REQ5RTcyRDBCRDAzRDUxOUVBQjEzRjgxOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5v7TNYzMM+0Dj/o2UMVXswN55olT9h0rM1aUypj6vkCt0bz9/ 4jIXMQUdd5fOge0I0yMJP+GE2zwma6A8+bdjHCBlnKJbBJE0Js9OZy6wrGvPXsWR iT3b2VWt0rvCnC0bETvmbDC4sETTs2TqgSqoTrC67Bg/yC4C6gep9tHbsYCTL+tm UmcMcfUhPQPL2LKwOA2tUvZjywRSxqt+OfvkZGyVt2HUxYdvViFwG5NubPN+pPyr FRZyZaPnNKDJ8X/j3/bgJ/Ka6VoUeyCldQzU+BTB2odidS7Dt9cyu7io42aIefcu ez91HO+0pUAuLhNs2kfjOrR6M/96yf954+bPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUwoneSJoz6N2ectC9A9UZ6rE/gZMwHwYDVR0jBBgwFoAU+2U7JndQQWh9Ni1M 73aOWPmewHUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz Ny8tMlU3Sm5kUVFXaDlOaTFNNzNhT1dQbWV3SFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy0yVTdKbmRRUVdoOU5pMU03M2FPV1BtZXdIVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1Mzcvd29uZVNKb3o2TjJl Y3RDOUE5VVo2ckVfZ1pNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAtbQP5InmCXCu7G5PaoKHM+yPCsxx xNXu93KvncpmtRzs3vu9j9RG4gE/Ly0INidpQk9yWFyuXF7r/s+5eGOssKKflD6W Wu9RA4rVvrcy7g+HSzzkD65KOmH4mk8p2CRPB0jjBTbildvWLdCNxgXQDab+smkB 9n9aVAISWCCGmd/OuPdrP2b4zUqWwMIylegkvZfODFJQfz81uAC+TdshRMrbC5/T zjurC1Ni0KfJBKJH6DDvpkl7hmopr/8voNgt9BjBgVlHiV2jh8oj8chilHENW9fh tSse1McwADug0YLscnG/Rj3IIrjBQuTPYCKLAB+SiYUdWumY0yVbVgcq+A== -----END CERTIFICATE-----Generated at Tue Sep 16 01:36:08 2025 by rpki-client