$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/vICCReu4gR1zXdWRNM_PN25IB3Q.roa File: vICCReu4gR1zXdWRNM_PN25IB3Q.roa (raw, json) Hash identifier: 02bHFG1hU5kVSiUV9SFbVnuXcFLfL/BdL2R4dtNVlag= Subject key identifier: BC:80:82:45:EB:B8:81:1D:73:5D:D5:91:34:CF:CF:37:6E:48:07:74 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 15D0 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/vICCReu4gR1zXdWRNM_PN25IB3Q.roa Signing time: Sat 13 Sep 2025 03:03:55 +0000 ROA not before: Sat 13 Sep 2025 03:03:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 103.218.94.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5584 (0x15d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Sep 13 03:03:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=BC808245EBB8811D735DD59134CFCF376E480774 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ea:06:0d:da:33:3e:08:de:ff:b3:50:be:8a: 84:ba:6c:0c:71:9c:b4:e6:ce:70:0d:5c:96:a7:31: b8:8b:02:73:2a:d9:fa:b1:d3:a5:0b:2e:d2:0d:d4: 4c:c0:b2:4b:4c:20:1a:40:23:d2:1d:22:65:10:b6: 78:cf:68:0f:e9:c2:e6:90:2a:e0:22:35:f8:4a:13: 6c:39:6e:21:1b:20:77:d0:e7:a0:9b:bf:63:ef:ad: 90:4e:53:68:28:38:3d:be:66:c2:de:5c:7a:84:d6: e1:04:e0:60:f4:95:da:6d:ec:c3:58:98:31:cd:a9: d5:4f:2e:47:e5:be:b7:1e:97:da:4a:40:4b:05:b8: 54:aa:e1:ae:50:71:30:05:8f:61:f8:96:72:c3:c0: 8d:a0:38:70:ea:0e:81:0b:b4:ce:75:6e:a4:7a:6b: f1:31:99:26:1e:9f:78:b5:90:72:de:90:3a:c1:bc: ad:47:44:e8:17:f9:7c:25:81:c4:d5:50:f8:a0:a3: 0f:3f:a0:64:aa:d1:52:94:87:b6:b9:3c:3a:48:88: 03:ea:36:8d:59:8b:aa:3d:6f:f2:07:21:a6:86:a1: 3d:17:93:77:18:d8:f7:08:74:27:e9:05:bc:e4:da: 0c:1d:69:bc:c5:6f:0a:89:b4:d4:4f:24:23:99:ea: 20:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:80:82:45:EB:B8:81:1D:73:5D:D5:91:34:CF:CF:37:6E:48:07:74 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/vICCReu4gR1zXdWRNM_PN25IB3Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.218.94.0/24 Signature Algorithm: sha256WithRSAEncryption 65:c8:85:5a:aa:dd:82:bf:82:2d:3a:6f:e3:ef:b0:02:9c:db: 2e:51:91:e0:87:dd:b9:de:a0:cc:d3:e1:10:5c:8b:02:63:60: 4b:a5:d0:42:7f:01:bf:c4:82:9d:47:5e:24:70:86:cd:ba:dc: 55:66:85:87:6e:44:f5:e7:aa:7e:bb:86:42:cc:d9:9e:06:7f: c6:e2:de:43:d6:db:25:70:b3:67:bd:be:36:4d:eb:4f:3a:27: f8:c0:34:41:dc:5c:19:ea:6e:d2:dc:80:35:90:71:8d:e0:97: 45:fb:15:1f:59:e6:d2:24:55:30:0c:1d:e4:e2:9a:dc:db:66: a9:7a:9b:11:34:95:60:f5:c2:40:15:08:4a:fd:df:2b:35:c4: 77:e5:01:80:be:23:8c:a9:4a:88:33:c7:d9:9a:5e:11:29:94: 90:15:21:eb:c3:82:6a:07:8f:9a:15:be:54:5c:7b:65:c4:ed: 9f:75:74:3b:58:33:90:6b:17:bb:35:06:fe:11:5a:4e:fb:bd: c6:d6:2c:ea:95:dc:42:28:5f:47:43:2e:62:11:70:6e:15:b1: 67:6f:8b:21:b6:d4:8e:fe:24:0e:72:9b:3f:d3:de:ee:0c:ce: 94:f0:ac:09:8a:63:83:7d:88:bc:5b:5c:b3:68:42:d4:97:5e: 76:43:d3:27 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNTA5MTMw MzAzNTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJDODA4MjQ1RUJCODgx MUQ3MzVERDU5MTM0Q0ZDRjM3NkU0ODA3NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC66gYN2jM+CN7/s1C+ioS6bAxxnLTmznANXJanMbiLAnMq2fqx 06ULLtIN1EzAsktMIBpAI9IdImUQtnjPaA/pwuaQKuAiNfhKE2w5biEbIHfQ56Cb v2PvrZBOU2goOD2+ZsLeXHqE1uEE4GD0ldpt7MNYmDHNqdVPLkflvrcel9pKQEsF uFSq4a5QcTAFj2H4lnLDwI2gOHDqDoELtM51bqR6a/ExmSYen3i1kHLekDrBvK1H ROgX+XwlgcTVUPigow8/oGSq0VKUh7a5PDpIiAPqNo1Zi6o9b/IHIaaGoT0Xk3cY 2PcIdCfpBbzk2gwdabzFbwqJtNRPJCOZ6iCHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvICCReu4gR1zXdWRNM/PN25IB3QwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvdklDQ1JldTRnUjF6 WGRXUk5NX1BOMjVJQjNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfaXjANBgkqhkiG9w0BAQsFAAOCAQEAZciFWqrdgr+CLTpv4++wApzbLlGR 4Ifdud6gzNPhEFyLAmNgS6XQQn8Bv8SCnUdeJHCGzbrcVWaFh25E9eeqfruGQszZ ngZ/xuLeQ9bbJXCzZ72+Nk3rTzon+MA0QdxcGepu0tyANZBxjeCXRfsVH1nm0iRV MAwd5OKa3NtmqXqbETSVYPXCQBUISv3fKzXEd+UBgL4jjKlKiDPH2ZpeESmUkBUh 68OCagePmhW+VFx7ZcTtn3V0O1gzkGsXuzUG/hFaTvu9xtYs6pXcQihfR0MuYhFw bhWxZ2+LIbbUjv4kDnKbP9Pe7gzOlPCsCYpjg32IvFtcs2hC1JdedkPTJw== -----END CERTIFICATE-----Generated at Tue Sep 16 01:41:38 2025 by rpki-client