$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/T3DqWTrZB2jJucuspKAuQNumu0A.roa File: T3DqWTrZB2jJucuspKAuQNumu0A.roa (raw, json) Hash identifier: 3CnxzRIupZt6NMGmQ5fT/CTARv+y9K8WLTwMS/eBKEY= Subject key identifier: 4F:70:EA:59:3A:D9:07:68:C9:B9:CB:AC:A4:A0:2E:40:DB:A6:BB:40 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 15AF Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/T3DqWTrZB2jJucuspKAuQNumu0A.roa Signing time: Mon 20 Oct 2025 05:18:01 +0000 ROA not before: Mon 20 Oct 2025 05:18:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 62387 IP address blocks: 101.232.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 11:34:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5551 (0x15af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Oct 20 05:18:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4F70EA593AD90768C9B9CBACA4A02E40DBA6BB40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:37:f9:6f:c8:12:2b:5f:01:74:f1:cc:3a:39: 79:66:96:17:ab:3d:42:76:43:b4:5a:1f:30:37:bc: 3d:c9:74:8f:01:18:8b:fe:6d:2e:1b:c5:cd:0f:67: c5:7c:4d:99:03:67:b7:ba:d3:31:99:95:ac:24:e9: 5c:92:4b:d1:8b:9e:25:71:1a:d6:6f:84:3a:a6:a2: 4c:5d:3e:c9:66:7c:d1:13:5d:2f:c9:19:16:dc:34: 39:53:0d:41:d1:a1:2a:d7:71:3e:42:cb:c6:ff:58: a0:e8:f4:64:14:e5:fe:9a:f8:c9:ec:cc:78:e2:45: 39:5e:d6:a9:57:c4:bf:cb:2c:1e:f1:8c:b5:48:4c: af:5b:26:cd:ca:8b:9d:3f:b3:5b:9c:ca:c3:38:bd: 7f:08:70:fa:79:4d:92:f9:5e:d0:35:fd:b7:d2:ea: 0b:4a:2c:76:6e:48:85:8a:25:98:87:36:08:f3:74: 4b:16:23:ec:89:60:06:ab:3e:46:ad:c0:42:a9:87: e5:3a:3b:8d:4a:ee:4c:51:a5:2a:14:f3:25:8c:74: 16:1c:2e:cd:80:39:6c:3c:ea:de:1e:4f:1a:f1:eb: 2d:1b:de:a3:69:23:9a:16:de:7d:1d:0c:9f:b8:0e: a6:8c:8e:05:b4:46:f1:5c:42:da:ca:72:46:38:66: 58:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:70:EA:59:3A:D9:07:68:C9:B9:CB:AC:A4:A0:2E:40:DB:A6:BB:40 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/T3DqWTrZB2jJucuspKAuQNumu0A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.0.0/22 Signature Algorithm: sha256WithRSAEncryption 27:aa:57:39:ce:e5:8d:5f:fa:d5:d0:c6:9d:eb:1c:71:de:0a: 45:83:46:d8:5c:05:ac:bf:50:06:49:c3:be:3b:ca:e9:e0:52: b3:03:5a:98:a7:a9:de:9f:08:e2:96:2b:96:4c:90:2c:94:9c: 51:24:2a:0d:7a:96:4c:9b:9c:15:c4:9f:ee:43:ee:19:6c:26: 69:03:33:07:ae:b7:d6:d1:63:ce:11:aa:6c:38:aa:95:6b:11: 3e:7b:c5:70:15:0b:31:5c:7b:3e:c2:1f:dc:a8:65:5b:24:73: c0:4c:c7:49:d8:34:f2:3c:a0:90:e7:01:a2:e4:22:21:f9:47: 33:55:3d:c2:f9:a2:9c:b9:bd:f6:00:28:04:03:a4:d1:66:a9: d5:6a:ea:36:23:18:b1:3c:bd:78:6b:ff:d4:fc:6b:a7:4c:f7: 79:ec:6e:5b:3e:a1:b8:33:5b:45:aa:75:e5:1d:f9:6f:e9:a8: 76:26:87:0f:59:57:0c:79:01:45:67:26:f8:9e:43:4d:0f:2b: ba:b2:6d:af:d5:9f:b4:f2:d7:cb:f2:19:e0:22:cf:cb:66:08: 0b:90:a4:9c:62:24:e3:32:b8:66:b8:bb:84:26:7f:e2:cd:6f: c9:eb:a8:71:5c:92:c3:d2:35:ee:c8:8c:d9:25:5f:1d:dc:f7: cd:b6:8d:e0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTEwMjAw NTE4MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRGNzBFQTU5M0FEOTA3 NjhDOUI5Q0JBQ0E0QTAyRTQwREJBNkJCNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+N/lvyBIrXwF08cw6OXlmlherPUJ2Q7RaHzA3vD3JdI8BGIv+ bS4bxc0PZ8V8TZkDZ7e60zGZlawk6VySS9GLniVxGtZvhDqmokxdPslmfNETXS/J GRbcNDlTDUHRoSrXcT5Cy8b/WKDo9GQU5f6a+MnszHjiRTle1qlXxL/LLB7xjLVI TK9bJs3Ki50/s1ucysM4vX8IcPp5TZL5XtA1/bfS6gtKLHZuSIWKJZiHNgjzdEsW I+yJYAarPkatwEKph+U6O41K7kxRpSoU8yWMdBYcLs2AOWw86t4eTxrx6y0b3qNp I5oW3n0dDJ+4DqaMjgW0RvFcQtrKckY4ZlhBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUT3DqWTrZB2jJucuspKAuQNumu0AwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1QzRHFXVHJaQjJqSnVj dXNwS0F1UU51bXUwQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6AAwDQYJKoZIhvcNAQELBQADggEBACeqVznO5Y1f+tXQxp3rHHHeCkWDRthc Bay/UAZJw747yungUrMDWpinqd6fCOKWK5ZMkCyUnFEkKg16lkybnBXEn+5D7hls JmkDMweut9bRY84Rqmw4qpVrET57xXAVCzFcez7CH9yoZVskc8BMx0nYNPI8oJDn AaLkIiH5RzNVPcL5opy5vfYAKAQDpNFmqdVq6jYjGLE8vXhr/9T8a6dM93nsbls+ obgzW0WqdeUd+W/pqHYmhw9ZVwx5AUVnJvieQ00PK7qyba/Vn7Ty18vyGeAiz8tm CAuQpJxiJOMyuGa4u4Qmf+LNb8nrqHFcksPSNe7IjNklXx3c9822jeA= -----END CERTIFICATE-----Generated at Wed Oct 22 10:24:37 2025 by rpki-client