$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3331/wqWy3sVeEYGZiHuIHPFAQM5mUvk.roa File: wqWy3sVeEYGZiHuIHPFAQM5mUvk.roa (raw, json) Hash identifier: mCKXxw0Jg9sTosPUUWdJmsvhNR0x38zJJC5GvDobSiw= Subject key identifier: C2:A5:B2:DE:C5:5E:11:81:99:88:7B:88:1C:F1:40:40:CE:66:52:F9 Certificate issuer: /CN=2EC2CCB83DDFBF43332266B76A6221362143E365 Certificate serial: 0552 Authority key identifier: 2E:C2:CC:B8:3D:DF:BF:43:33:22:66:B7:6A:62:21:36:21:43:E3:65 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LsLMuD3fv0MzIma3amIhNiFD42U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/wqWy3sVeEYGZiHuIHPFAQM5mUvk.roa Signing time: Sun 24 Aug 2025 14:15:44 +0000 ROA not before: Sun 24 Aug 2025 14:15:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4816 IP address blocks: 103.236.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/LsLMuD3fv0MzIma3amIhNiFD42U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/LsLMuD3fv0MzIma3amIhNiFD42U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LsLMuD3fv0MzIma3amIhNiFD42U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 01:05:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1362 (0x552) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2EC2CCB83DDFBF43332266B76A6221362143E365 Validity Not Before: Aug 24 14:15:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C2A5B2DEC55E118199887B881CF14040CE6652F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:b0:18:cd:23:0e:bc:3a:ae:dc:a9:4f:23:ff: 88:8b:e1:99:6f:a7:9a:6b:ba:cc:3f:71:0e:4f:4f: 26:04:7c:7c:ad:14:8f:f7:14:19:9c:04:53:f2:6f: 85:76:af:39:cf:2a:87:c8:d6:cc:d0:ca:6d:ba:b0: b2:55:86:26:81:b4:76:47:90:60:6b:fa:1e:e6:5d: d0:13:43:fe:cd:74:83:dd:5b:eb:ad:7e:32:3e:e4: 9d:73:b5:19:bb:f4:d1:25:bb:96:c5:b8:b0:ce:1b: bf:57:76:52:18:ca:bc:c7:4e:a3:9a:49:26:9d:9d: 53:57:67:47:3e:cc:40:17:ec:64:9f:5b:7f:ec:ab: 64:f3:f1:71:5f:47:a8:ba:80:16:34:73:ee:5e:e9: e8:7e:3e:eb:41:4b:03:8b:ee:36:cf:b0:7d:3f:e3: 13:a1:e0:bf:79:9e:c3:73:43:bc:8f:19:96:91:1d: 1a:e3:c7:98:f5:6d:7b:79:09:04:4f:50:0e:61:ad: 1c:75:7c:8d:bf:38:e7:2c:23:e8:e8:62:ff:7d:cf: c6:b6:35:0e:02:74:f5:64:e3:d8:a1:74:95:35:e3: 0b:32:4a:31:e0:e2:2f:dc:e2:ee:60:41:1d:b5:c3: 74:e6:20:75:d7:72:ad:0f:ed:98:41:c0:30:fe:60: 14:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:A5:B2:DE:C5:5E:11:81:99:88:7B:88:1C:F1:40:40:CE:66:52:F9 X509v3 Authority Key Identifier: keyid:2E:C2:CC:B8:3D:DF:BF:43:33:22:66:B7:6A:62:21:36:21:43:E3:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/LsLMuD3fv0MzIma3amIhNiFD42U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LsLMuD3fv0MzIma3amIhNiFD42U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/wqWy3sVeEYGZiHuIHPFAQM5mUvk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.64.0/22 Signature Algorithm: sha256WithRSAEncryption 29:22:9f:9b:bf:e9:56:79:5d:11:e0:4b:5d:a9:a8:d7:7a:ec: 77:2b:42:2e:cf:f0:95:ba:44:d1:a2:e7:ff:10:2c:4b:95:a3: 6e:29:7c:74:58:52:27:40:7a:09:ba:64:8d:d3:90:44:16:8e: 17:96:1d:a9:44:e1:8e:a4:0e:a1:ba:45:f2:48:c0:ac:3b:eb: bd:94:2e:e6:26:22:2e:a7:7f:e1:fb:c0:9a:38:08:44:48:0b: d3:c6:8f:94:4c:f9:e7:4f:ea:18:ee:e8:4b:dc:06:da:4a:3c: 23:89:c1:52:0d:a8:1a:7b:e2:e0:03:53:5c:16:84:8e:96:17: fc:bd:92:8f:ad:0b:43:65:8f:71:51:15:a3:ad:c6:fc:e1:04: bd:50:7c:5a:10:37:66:09:a1:ff:38:b1:2a:17:10:62:89:ed: e4:a6:6b:10:40:27:87:8b:07:d6:84:9e:02:c6:b7:2f:09:82: a8:55:3a:a1:c9:19:ab:3d:50:3e:3e:47:a1:d0:a0:f1:a5:80: bb:9c:e3:b9:45:40:42:74:20:9f:23:ff:dd:9a:92:02:19:8a: 02:39:34:d3:eb:1d:e2:32:41:1e:48:0d:db:5b:29:25:09:01: 7a:c0:91:6f:ed:52:3d:03:82:94:e8:d3:32:31:58:5f:99:54: 83:9d:fe:73 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkVD MkNDQjgzRERGQkY0MzMzMjI2NkI3NkE2MjIxMzYyMTQzRTM2NTAeFw0yNTA4MjQx NDE1NDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMyQTVCMkRFQzU1RTEx ODE5OTg4N0I4ODFDRjE0MDQwQ0U2NjUyRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDysBjNIw68Oq7cqU8j/4iL4Zlvp5prusw/cQ5PTyYEfHytFI/3 FBmcBFPyb4V2rznPKofI1szQym26sLJVhiaBtHZHkGBr+h7mXdATQ/7NdIPdW+ut fjI+5J1ztRm79NElu5bFuLDOG79XdlIYyrzHTqOaSSadnVNXZ0c+zEAX7GSfW3/s q2Tz8XFfR6i6gBY0c+5e6eh+PutBSwOL7jbPsH0/4xOh4L95nsNzQ7yPGZaRHRrj x5j1bXt5CQRPUA5hrRx1fI2/OOcsI+joYv99z8a2NQ4CdPVk49ihdJU14wsySjHg 4i/c4u5gQR21w3TmIHXXcq0P7ZhBwDD+YBTBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUwqWy3sVeEYGZiHuIHPFAQM5mUvkwHwYDVR0jBBgwFoAULsLMuD3fv0MzIma3 amIhNiFD42UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz MS9Mc0xNdUQzZnYwTXpJbWEzYW1JaE5pRkQ0MlUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xzTE11RDNmdjBNekltYTNhbUloTmlGRDQyVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMzEvd3FXeTNzVmVFWUda aUh1SUhQRkFRTTVtVXZrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmfsQDANBgkqhkiG9w0BAQsFAAOCAQEAKSKfm7/pVnldEeBLXamo13rsdytC Ls/wlbpE0aLn/xAsS5Wjbil8dFhSJ0B6CbpkjdOQRBaOF5YdqUThjqQOobpF8kjA rDvrvZQu5iYiLqd/4fvAmjgIREgL08aPlEz550/qGO7oS9wG2ko8I4nBUg2oGnvi 4ANTXBaEjpYX/L2Sj60LQ2WPcVEVo63G/OEEvVB8WhA3Zgmh/zixKhcQYont5KZr EEAnh4sH1oSeAsa3LwmCqFU6ockZqz1QPj5HodCg8aWAu5zjuUVAQnQgnyP/3ZqS AhmKAjk00+sd4jJBHkgN21spJQkBesCRb+1SPQOClOjTMjFYX5lUg53+cw== -----END CERTIFICATE-----Generated at Mon Sep 8 22:31:51 2025 by rpki-client