$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa File: UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa (raw, json) Hash identifier: bb42Kb+u1bN3N7TOLWh7qDllFdEyc84AfXrpQUPY8QA= Subject key identifier: 52:20:0A:94:95:99:63:AC:D5:8E:65:99:E8:C8:0C:41:4B:59:CC:86 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 202D Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa Signing time: Tue 26 Aug 2025 05:09:52 +0000 ROA not before: Tue 26 Aug 2025 05:09:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 103.235.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 04:06:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8237 (0x202d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:09:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=52200A94959963ACD58E6599E8C80C414B59CC86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:45:b5:0e:90:5c:94:67:55:f3:d8:5e:20:c8: 6c:f2:4f:e7:8e:fa:0c:35:d5:77:ba:71:67:ec:48: 59:3d:49:15:94:ef:2d:cd:11:e0:44:c3:13:24:2d: e6:28:4f:2b:b8:15:1e:7c:2e:e9:3f:b8:58:03:4a: a9:11:f6:bf:94:57:5d:fd:a2:e3:c4:16:96:b4:20: 18:8f:02:16:ee:a7:27:15:f1:00:de:dd:be:4d:1d: b8:a1:f0:a6:27:8a:3b:98:90:b5:80:35:89:79:6f: 35:fe:ca:eb:cf:de:92:d0:3e:7b:32:92:06:d9:28: e1:af:59:56:d8:ad:89:88:31:fa:16:6a:07:15:1d: 53:83:13:cf:cf:66:7b:c4:07:06:17:39:87:0b:1a: 4b:fd:17:f1:d4:ca:65:60:ae:8c:76:59:53:03:0a: fa:57:af:c2:38:09:f6:53:34:0a:89:4c:64:55:e7: b6:32:32:68:a9:fd:86:d7:b4:fd:03:13:42:01:3d: ee:5a:1c:b7:d0:5a:0a:6b:92:55:4c:4a:6f:1d:c6: d6:ab:dd:3f:6b:bd:a2:92:58:f0:87:d2:17:11:75: 3d:8f:f0:40:d5:d6:d9:16:09:e4:5d:c4:6f:d6:8c: 84:f7:59:17:48:12:2b:92:01:54:ec:18:77:8b:ee: 32:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:20:0A:94:95:99:63:AC:D5:8E:65:99:E8:C8:0C:41:4B:59:CC:86 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/UiAKlJWZY6zVjmWZ6MgMQUtZzIY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.220.0/22 Signature Algorithm: sha256WithRSAEncryption a2:fc:f7:0e:04:c6:20:0f:0a:66:ef:4b:f6:c7:95:10:93:02: 4d:0b:bb:74:a3:2d:28:af:fb:4b:4a:af:4a:0e:2c:af:fa:74: bb:5c:15:33:e7:86:92:32:10:e1:71:f2:5a:4d:a8:38:ab:73: d6:10:bc:56:e3:5a:2f:18:9e:04:56:61:09:b7:fd:c7:bb:fe: 1c:fc:5f:39:85:63:18:33:31:38:c1:b7:9c:93:30:e9:11:ae: e9:a1:41:32:a5:b4:7c:5b:96:29:f8:67:21:9a:96:7d:44:8a: 34:15:9d:86:b5:94:ae:06:9d:e1:3a:87:28:91:0e:b4:01:3b: e5:90:4e:62:a5:50:a6:cc:3a:0c:44:48:a7:bb:a0:07:b3:d6: 74:17:49:07:9d:3b:b9:e5:3d:bb:e9:eb:01:9c:f8:06:09:92: fd:b0:d5:24:41:33:cc:57:fe:35:ad:38:2d:bc:f1:d1:f7:69: 43:e1:08:e2:73:f1:d2:b7:e0:a8:8e:0a:f1:a3:df:1b:00:74: 28:bf:86:7c:30:db:aa:16:9f:41:05:d8:f6:bb:0c:25:3c:e3: 50:78:43:fe:8e:00:92:d4:25:aa:d9:20:a1:0e:a8:16:14:4d: dc:dc:d2:59:0a:28:89:e4:b3:26:1a:37:52:8c:ea:79:57:88: d8:81:f6:64 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTA5NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDUyMjAwQTk0OTU5OTYz QUNENThFNjU5OUU4QzgwQzQxNEI1OUNDODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCRbUOkFyUZ1Xz2F4gyGzyT+eO+gw11Xe6cWfsSFk9SRWU7y3N EeBEwxMkLeYoTyu4FR58Luk/uFgDSqkR9r+UV139ouPEFpa0IBiPAhbupycV8QDe 3b5NHbih8KYnijuYkLWANYl5bzX+yuvP3pLQPnsykgbZKOGvWVbYrYmIMfoWagcV HVODE8/PZnvEBwYXOYcLGkv9F/HUymVgrox2WVMDCvpXr8I4CfZTNAqJTGRV57Yy Mmip/YbXtP0DE0IBPe5aHLfQWgprklVMSm8dxtar3T9rvaKSWPCH0hcRdT2P8EDV 1tkWCeRdxG/WjIT3WRdIEiuSAVTsGHeL7jIRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUiAKlJWZY6zVjmWZ6MgMQUtZzIYwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1VpQUtsSldaWTZ6Vmpt V1o2TWdNUVV0WnpJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn69wwDQYJKoZIhvcNAQELBQADggEBAKL89w4ExiAPCmbvS/bHlRCTAk0Lu3Sj LSiv+0tKr0oOLK/6dLtcFTPnhpIyEOFx8lpNqDirc9YQvFbjWi8YngRWYQm3/ce7 /hz8XzmFYxgzMTjBt5yTMOkRrumhQTKltHxblin4ZyGaln1EijQVnYa1lK4GneE6 hyiRDrQBO+WQTmKlUKbMOgxESKe7oAez1nQXSQedO7nlPbvp6wGc+AYJkv2w1SRB M8xX/jWtOC288dH3aUPhCOJz8dK34KiOCvGj3xsAdCi/hnww26oWn0EF2Pa7DCU8 41B4Q/6OAJLUJarZIKEOqBYUTdzc0lkKKInksyYaN1KM6nlXiNiB9mQ= -----END CERTIFICATE-----Generated at Sun Sep 7 03:29:14 2025 by rpki-client