$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/xwquBEXcl8a4yFUzBrscf8HQ06M.roa File: xwquBEXcl8a4yFUzBrscf8HQ06M.roa (raw, json) Hash identifier: rNRRqo775PArO7dtDjnVMk+cZ3LK1MGHsh2zTYb+VrA= Subject key identifier: C7:0A:AE:04:45:DC:97:C6:B8:C8:55:33:06:BB:1C:7F:C1:D0:D3:A3 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 202B Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/xwquBEXcl8a4yFUzBrscf8HQ06M.roa Signing time: Tue 26 Aug 2025 05:09:52 +0000 ROA not before: Tue 26 Aug 2025 05:09:52 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 56282 IP address blocks: 103.235.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 05:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8235 (0x202b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:09:52 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C70AAE0445DC97C6B8C8553306BB1C7FC1D0D3A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:91:5f:1f:87:81:30:da:ab:37:69:83:58:37: 57:d6:98:94:bb:f8:df:df:bd:2f:cf:53:13:42:dd: 47:97:b5:12:87:27:7d:33:07:11:55:47:73:9d:b3: ea:3e:3b:2f:ff:75:db:51:1c:91:13:b8:af:ae:f5: 19:fa:85:9c:87:c2:94:d8:ff:a5:92:2d:e7:8c:da: 84:3c:24:d0:b1:5c:f6:ad:8f:a0:12:22:af:fe:34: 3a:9b:77:8d:e4:53:a4:4d:d9:52:cf:21:9a:d8:a5: e2:ee:d1:b1:d4:ba:41:a0:45:cf:fa:77:1c:04:55: ef:66:3a:09:1d:24:a9:a1:3b:ca:a1:6e:80:ed:e1: 59:11:61:7d:61:29:47:08:b6:2a:12:3b:08:51:47: 59:6b:aa:a9:c7:21:2b:a8:b2:ff:5e:76:79:a6:3d: 30:13:6d:aa:c5:36:36:99:84:df:eb:d0:4a:af:d0: 7e:53:ab:b9:25:9e:10:72:87:c1:15:4f:44:94:37: 79:6b:33:55:3a:31:a1:c4:6e:6a:0c:56:b7:1d:55: 83:e5:54:ae:f1:3f:07:f6:a0:8c:e3:d2:af:39:72: 15:df:f8:1f:34:43:e0:bc:f5:9c:78:60:b1:a1:cd: 00:73:b2:15:d3:80:09:40:e0:07:9b:b5:c9:fe:62: 48:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:0A:AE:04:45:DC:97:C6:B8:C8:55:33:06:BB:1C:7F:C1:D0:D3:A3 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/xwquBEXcl8a4yFUzBrscf8HQ06M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.220.0/22 Signature Algorithm: sha256WithRSAEncryption a5:e8:42:92:68:1b:b7:63:b6:7d:b7:4f:49:22:93:4c:87:41: d3:c1:a2:0e:d2:6b:e6:31:cf:fa:28:8d:d3:88:e2:8f:38:80: c2:0b:71:af:19:01:c3:e6:e3:b5:e8:56:8c:7c:cc:1f:70:43: b5:02:33:f0:70:8d:79:04:d9:7d:60:ca:3c:f0:28:2c:ac:24: bd:39:fd:5e:a6:94:f9:4f:14:2c:a3:2c:49:67:9d:9d:16:f0: 32:5f:14:8e:ce:e0:38:ed:0c:a1:7f:98:9b:28:26:75:e1:97: ab:1d:b4:3b:f6:ab:9f:38:0f:28:e0:b5:24:68:2b:0b:e9:05: 19:ff:5e:90:d6:f1:bf:07:f3:91:cb:1b:0e:bd:4b:0a:a4:54: b3:3f:ec:5f:d5:3f:76:19:c1:0f:1b:b3:1c:60:8a:c5:93:67: 97:f3:ba:10:d2:0b:58:ba:98:c5:4a:03:c4:6e:09:2c:d4:34: 13:f6:78:b5:8d:66:5b:f1:23:5d:22:38:bb:53:8c:64:74:5a: 08:a9:69:93:ce:fa:c6:ab:20:e6:bf:09:1b:05:7b:5b:3b:67: b8:92:33:b2:1b:98:99:dd:ec:14:5f:94:fc:e9:1f:f0:6f:2e: 51:6f:2d:2e:19:42:01:10:7c:dc:46:23:18:99:5d:43:e4:d5: 7f:be:75:06 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICICswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTA5NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM3MEFBRTA0NDVEQzk3 QzZCOEM4NTUzMzA2QkIxQzdGQzFEMEQzQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJkV8fh4Ew2qs3aYNYN1fWmJS7+N/fvS/PUxNC3UeXtRKHJ30z BxFVR3Ods+o+Oy//ddtRHJETuK+u9Rn6hZyHwpTY/6WSLeeM2oQ8JNCxXPatj6AS Iq/+NDqbd43kU6RN2VLPIZrYpeLu0bHUukGgRc/6dxwEVe9mOgkdJKmhO8qhboDt 4VkRYX1hKUcItioSOwhRR1lrqqnHISuosv9ednmmPTATbarFNjaZhN/r0Eqv0H5T q7klnhByh8EVT0SUN3lrM1U6MaHEbmoMVrcdVYPlVK7xPwf2oIzj0q85chXf+B80 Q+C89Zx4YLGhzQBzshXTgAlA4Aebtcn+Ykj5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxwquBEXcl8a4yFUzBrscf8HQ06MwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3h3cXVCRVhjbDhhNHlG VXpCcnNjZjhIUTA2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn69wwDQYJKoZIhvcNAQELBQADggEBAKXoQpJoG7djtn23T0kik0yHQdPBog7S a+Yxz/oojdOI4o84gMILca8ZAcPm47XoVox8zB9wQ7UCM/BwjXkE2X1gyjzwKCys JL05/V6mlPlPFCyjLElnnZ0W8DJfFI7O4DjtDKF/mJsoJnXhl6sdtDv2q584Dyjg tSRoKwvpBRn/XpDW8b8H85HLGw69SwqkVLM/7F/VP3YZwQ8bsxxgisWTZ5fzuhDS C1i6mMVKA8RuCSzUNBP2eLWNZlvxI10iOLtTjGR0WgipaZPO+sarIOa/CRsFe1s7 Z7iSM7IbmJnd7BRflPzpH/BvLlFvLS4ZQgEQfNxGIxiZXUPk1X++dQY= -----END CERTIFICATE-----Generated at Mon Sep 8 02:36:38 2025 by rpki-client