$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/q5dZX0LonsqK7cQSibVkdnVFWI0.roa File: q5dZX0LonsqK7cQSibVkdnVFWI0.roa (raw, json) Hash identifier: eJjkvkJwcAzje8hwxl6V/rFbEDf8i4cjMZk5bfZprRI= Subject key identifier: AB:97:59:5F:42:E8:9E:CA:8A:ED:C4:12:89:B5:64:76:75:45:58:8D Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 15D3 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/q5dZX0LonsqK7cQSibVkdnVFWI0.roa Signing time: Sat 13 Sep 2025 03:03:56 +0000 ROA not before: Sat 13 Sep 2025 03:03:56 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 103.197.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5587 (0x15d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Sep 13 03:03:56 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=AB97595F42E89ECA8AEDC41289B564767545588D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:d3:ef:42:0b:8a:9e:c2:28:ac:5e:f8:96:bb: 84:57:cd:ee:c2:2f:4e:1a:cb:bb:6b:61:54:eb:b8: 8f:43:d4:44:9d:76:d0:3e:3c:14:d2:ee:dc:5a:2a: 54:ad:78:49:e9:67:73:1e:ce:43:34:6a:30:fe:29: ff:14:32:dd:d9:97:8e:6c:69:38:87:d9:44:3f:c9: e7:2e:49:c8:5f:75:6f:ef:c7:91:58:21:49:e9:81: 04:04:1c:78:40:cc:25:77:82:6a:a1:b5:61:ac:df: 6f:77:a1:8c:0c:75:ff:ac:32:03:00:7f:3a:71:11: f5:b1:f6:d3:ae:c2:a9:0c:c0:ba:fc:f4:3d:cc:52: 1b:d5:4d:02:f6:91:84:78:fa:fe:d9:27:47:20:a2: f8:80:f1:6f:d1:97:5f:d0:0b:11:f0:66:28:34:44: 9a:25:db:d9:fe:8f:ac:e8:cb:bf:24:8a:87:76:7b: 41:59:ff:9b:b4:3a:f5:d8:37:fc:88:d6:fe:42:eb: a9:e1:01:5b:4e:06:48:e9:2d:8c:cf:1d:3d:a8:33: 59:2a:bc:48:c3:b3:4d:a6:71:5b:75:47:8a:b3:dc: c8:42:d3:62:0a:91:89:d9:07:0e:a4:58:54:6a:23: 14:53:fe:7b:9c:9e:9e:d3:77:ee:9a:b6:26:5b:53: a0:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:97:59:5F:42:E8:9E:CA:8A:ED:C4:12:89:B5:64:76:75:45:58:8D X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/q5dZX0LonsqK7cQSibVkdnVFWI0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.197.180.0/24 Signature Algorithm: sha256WithRSAEncryption b7:72:d8:69:9f:c3:d4:c7:28:6e:92:8b:01:d6:78:f0:81:ff: 0a:a4:05:7e:56:44:35:b9:6e:e1:fd:6c:e8:f0:fd:3b:d8:64: 07:25:bf:2b:9d:11:c3:d7:53:64:ea:b4:0e:8b:0c:b0:4b:cc: 0d:31:9a:47:1d:2a:d4:e6:a2:77:12:22:2d:50:ae:9d:4e:6b: 88:a0:6c:29:65:de:41:d1:48:d8:bf:72:6c:70:41:3f:64:ca: 13:c6:96:b1:6e:53:ea:a5:98:00:cf:e8:17:c1:1f:40:3f:7d: b8:d2:f1:63:64:fa:fa:64:13:ac:c3:3e:09:45:2c:aa:ba:71: 3f:5c:55:df:28:53:44:2d:c1:23:c8:49:ec:1b:20:17:c6:de: 52:9f:c8:cc:cf:ff:57:79:06:72:23:15:7a:4c:f9:76:60:84: a2:5b:af:3a:7d:26:7c:11:9a:11:81:d4:ab:c2:34:69:25:cd: 58:de:55:eb:a0:3f:bc:14:73:fe:5a:92:83:5c:59:2b:12:a4: b3:0a:c2:83:63:72:e3:b8:ac:fd:4d:43:c5:60:e3:00:61:91: 24:94:d9:2c:07:f0:04:b8:a9:15:e0:19:18:ff:18:99:c5:11: 80:1a:62:21:c4:6a:e4:ca:69:13:e0:91:16:30:26:68:46:a1: a2:78:b5:40 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNTA5MTMw MzAzNTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEFCOTc1OTVGNDJFODlF Q0E4QUVEQzQxMjg5QjU2NDc2NzU0NTU4OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDq0+9CC4qewiisXviWu4RXze7CL04ay7trYVTruI9D1ESddtA+ PBTS7txaKlSteEnpZ3MezkM0ajD+Kf8UMt3Zl45saTiH2UQ/yecuSchfdW/vx5FY IUnpgQQEHHhAzCV3gmqhtWGs3293oYwMdf+sMgMAfzpxEfWx9tOuwqkMwLr89D3M UhvVTQL2kYR4+v7ZJ0cgoviA8W/Rl1/QCxHwZig0RJol29n+j6zoy78kiod2e0FZ /5u0OvXYN/yI1v5C66nhAVtOBkjpLYzPHT2oM1kqvEjDs02mcVt1R4qz3MhC02IK kYnZBw6kWFRqIxRT/nucnp7Td+6atiZbU6DRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUq5dZX0LonsqK7cQSibVkdnVFWI0wHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvcTVkWlgwTG9uc3FL N2NRU2liVmtkblZGV0kwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfFtDANBgkqhkiG9w0BAQsFAAOCAQEAt3LYaZ/D1McobpKLAdZ48IH/CqQF flZENblu4f1s6PD9O9hkByW/K50Rw9dTZOq0DosMsEvMDTGaRx0q1OaidxIiLVCu nU5riKBsKWXeQdFI2L9ybHBBP2TKE8aWsW5T6qWYAM/oF8EfQD99uNLxY2T6+mQT rMM+CUUsqrpxP1xV3yhTRC3BI8hJ7BsgF8beUp/IzM//V3kGciMVekz5dmCEoluv On0mfBGaEYHUq8I0aSXNWN5V66A/vBRz/lqSg1xZKxKkswrCg2Ny47is/U1DxWDj AGGRJJTZLAfwBLipFeAZGP8YmcURgBpiIcRq5MppE+CRFjAmaEahoni1QA== -----END CERTIFICATE-----Generated at Tue Sep 16 01:35:39 2025 by rpki-client