$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/Dwcqly8RyrVEa_gosiuv___r9NA.roa File: Dwcqly8RyrVEa_gosiuv___r9NA.roa (raw, json) Hash identifier: wtLF+FBAtHIJtaAQauIyGM0fIeF2w5y67A81MXAU0WA= Subject key identifier: 0F:07:2A:97:2F:11:CA:B5:44:6B:F8:28:B2:2B:AF:FF:FF:EB:F4:D0 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 164C Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/Dwcqly8RyrVEa_gosiuv___r9NA.roa Signing time: Mon 08 Sep 2025 09:24:01 +0000 ROA not before: Mon 08 Sep 2025 09:24:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 209242 IP address blocks: 103.219.64.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 01:35:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5708 (0x164c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Sep 8 09:24:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0F072A972F11CAB5446BF828B22BAFFFFFEBF4D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:bd:d3:bf:00:61:03:19:91:f6:d3:0f:74:a5: f9:e4:3e:a0:e7:8a:fd:6c:33:9f:69:a3:2b:d5:5e: 2c:93:95:d9:2a:da:d1:0d:8d:88:54:51:18:a2:13: be:54:b6:74:1a:dc:9e:45:81:92:ac:85:84:72:e5: 33:23:3e:9f:a7:5e:6c:65:3c:15:3b:50:6b:61:49: 86:ef:02:99:2e:da:12:39:19:41:84:ee:f4:44:48: 75:60:8e:7b:56:a9:ef:47:2b:56:37:41:c0:33:71: b6:e8:a5:06:bc:11:4d:63:95:76:4e:c9:fa:37:5e: d9:15:7d:5d:f5:7e:da:f8:67:e6:a9:41:36:08:98: 28:2d:36:3d:f7:f9:0d:77:3e:0c:a4:d6:d9:0d:fa: 62:5e:3d:66:49:fe:42:06:92:ec:9d:81:2e:d6:18: f2:ad:d9:59:a9:91:af:b8:4b:4f:2f:19:7b:5f:55: 05:4f:fa:da:65:0e:d5:71:95:09:a7:8f:c2:ef:23: a7:1b:e3:cf:4f:1d:c9:1c:f5:94:6b:8d:f3:85:dd: 54:11:00:cb:79:e5:2d:8a:fe:a4:26:ba:41:e8:d0: c9:f9:fb:a1:92:4a:0d:26:be:e1:19:c0:f1:fc:be: 6f:52:09:f9:bb:62:f4:96:f5:c7:51:99:b6:7e:c8: 51:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:07:2A:97:2F:11:CA:B5:44:6B:F8:28:B2:2B:AF:FF:FF:EB:F4:D0 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/Dwcqly8RyrVEa_gosiuv___r9NA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.219.64.0/22 Signature Algorithm: sha256WithRSAEncryption 2c:c3:52:a4:8e:89:82:99:03:24:0c:74:f1:a2:e3:e1:3c:5c: ed:65:e6:11:34:21:b3:e1:f7:85:4c:84:ed:a0:e3:2e:35:3d: 44:bc:49:60:1f:26:40:74:4a:71:51:ee:89:97:ce:9c:fd:fc: 0d:92:c9:83:35:a7:ca:39:3e:05:bf:33:1d:94:9b:b6:ee:e0: 57:98:5d:8a:9a:b0:db:a8:c9:7a:47:18:a6:8d:e6:90:09:13: 44:a7:be:1c:7a:12:51:14:6e:21:90:7b:e7:7f:a8:37:52:01: 48:83:5e:02:13:58:f2:d2:c7:ee:52:42:73:d1:c8:15:02:0c: 52:47:3c:a4:17:5d:85:ac:a3:67:07:f3:cc:73:f3:ab:40:3a: f0:15:82:03:ba:4c:57:f8:4a:1d:39:7c:05:fd:96:33:76:83: 3f:e3:6d:d4:73:b1:3d:df:c2:07:25:cb:a6:11:da:e2:fe:51: 7a:3d:64:fd:16:8d:6c:ec:db:ed:80:94:6d:9d:b0:8c:19:85: fc:dc:ba:fe:1b:30:2c:05:22:09:fa:5c:ac:c2:89:af:0f:c7: cb:c0:02:88:e6:f4:0c:fc:68:56:fa:6d:11:43:66:3d:b9:49: d6:7f:12:36:ef:ac:3b:2c:29:81:6d:21:13:7d:cf:7c:89:e4: 6d:9f:39:7c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA5MDgw OTI0MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBGMDcyQTk3MkYxMUNB QjU0NDZCRjgyOEIyMkJBRkZGRkZFQkY0RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQvdO/AGEDGZH20w90pfnkPqDniv1sM59poyvVXiyTldkq2tEN jYhUURiiE75UtnQa3J5FgZKshYRy5TMjPp+nXmxlPBU7UGthSYbvApku2hI5GUGE 7vRESHVgjntWqe9HK1Y3QcAzcbbopQa8EU1jlXZOyfo3XtkVfV31ftr4Z+apQTYI mCgtNj33+Q13Pgyk1tkN+mJePWZJ/kIGkuydgS7WGPKt2Vmpka+4S08vGXtfVQVP +tplDtVxlQmnj8LvI6cb489PHckc9ZRrjfOF3VQRAMt55S2K/qQmukHo0Mn5+6GS Sg0mvuEZwPH8vm9SCfm7YvSW9cdRmbZ+yFHzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDwcqly8RyrVEa/gosiuv///r9NAwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvRHdjcWx5OFJ5clZF YV9nb3NpdXZfX19yOU5BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmfbQDANBgkqhkiG9w0BAQsFAAOCAQEALMNSpI6JgpkDJAx08aLj4Txc7WXm ETQhs+H3hUyE7aDjLjU9RLxJYB8mQHRKcVHuiZfOnP38DZLJgzWnyjk+Bb8zHZSb tu7gV5hdipqw26jJekcYpo3mkAkTRKe+HHoSURRuIZB753+oN1IBSINeAhNY8tLH 7lJCc9HIFQIMUkc8pBddhayjZwfzzHPzq0A68BWCA7pMV/hKHTl8Bf2WM3aDP+Nt 1HOxPd/CByXLphHa4v5Rej1k/RaNbOzb7YCUbZ2wjBmF/Ny6/hswLAUiCfpcrMKJ rw/Hy8ACiOb0DPxoVvptEUNmPblJ1n8SNu+sOywpgW0hE33PfInkbZ85fA== -----END CERTIFICATE-----Generated at Wed Sep 17 23:28:16 2025 by rpki-client