$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/585/WC1nHAg0yIPcV3WIpCTCZDMOWmM.roa File: WC1nHAg0yIPcV3WIpCTCZDMOWmM.roa (raw, json) Hash identifier: aYTc6ZXigj8FqXcD/bFRpNLNct9j8zBZNjugMTj8hX8= Subject key identifier: 58:2D:67:1C:08:34:C8:83:DC:57:75:88:A4:24:C2:64:33:0E:5A:63 Certificate issuer: /CN=A8FDF0BBAEA67953693896C763F129DA3B4183EB Certificate serial: 30 Authority key identifier: A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/WC1nHAg0yIPcV3WIpCTCZDMOWmM.roa Signing time: Wed 03 Sep 2025 03:48:29 +0000 ROA not before: Wed 03 Sep 2025 03:48:29 +0000 ROA not after: Thu 27 Aug 2026 05:36:57 +0000 asID: 4837 IP address blocks: 103.24.228.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 15:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48 (0x30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A8FDF0BBAEA67953693896C763F129DA3B4183EB Validity Not Before: Sep 3 03:48:29 2025 GMT Not After : Aug 27 05:36:57 2026 GMT Subject: CN=582D671C0834C883DC577588A424C264330E5A63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:2b:2a:bb:0e:60:84:9a:9d:5f:5e:9c:93:7a: 45:96:85:e1:fc:53:2b:8d:44:a4:d8:4c:49:1b:d9: 05:37:d2:2a:d5:f7:b3:66:7b:bb:8b:73:fb:45:47: 7d:26:7e:73:a4:a0:bd:65:c3:34:22:88:3f:02:c5: 1f:fb:3f:34:00:7e:8f:87:88:a1:30:dc:bf:c3:4c: 7a:fd:50:e7:7a:16:68:b2:a3:7f:58:bd:83:d5:19: 3e:40:74:6f:92:88:91:28:e3:e1:3e:31:70:00:39: ab:15:33:5a:ee:b0:92:8b:fa:63:3e:34:fc:5f:06: d7:96:be:bc:a7:17:88:93:75:b1:26:8b:7e:8d:fb: d3:e5:fb:06:d2:df:e1:82:f9:42:f4:b9:22:f4:53: ec:73:05:40:40:6a:8a:12:68:c4:9b:d4:1b:9c:b0: 72:94:7b:a0:6a:b8:18:48:30:0e:7a:58:f2:0d:c6: 6c:81:13:c6:16:30:4b:e8:51:60:68:7f:af:6a:92: 19:f1:96:ed:25:27:13:d5:be:75:63:ba:20:bc:02: 48:9d:f3:80:2c:a5:0f:2a:95:a3:19:4c:40:67:98: 42:f6:a1:91:5b:a2:85:cf:2d:2e:fb:82:2d:98:0d: 02:ab:73:c7:a4:8b:67:df:76:9c:51:27:c2:9c:7d: a4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:2D:67:1C:08:34:C8:83:DC:57:75:88:A4:24:C2:64:33:0E:5A:63 X509v3 Authority Key Identifier: keyid:A8:FD:F0:BB:AE:A6:79:53:69:38:96:C7:63:F1:29:DA:3B:41:83:EB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/qP3wu66meVNpOJbHY_Ep2jtBg-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qP3wu66meVNpOJbHY_Ep2jtBg-s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/585/WC1nHAg0yIPcV3WIpCTCZDMOWmM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.24.228.0/22 Signature Algorithm: sha256WithRSAEncryption 59:97:ca:80:04:06:16:1e:33:27:02:f9:8c:01:10:bc:7b:ca: e7:b5:7b:b1:2d:64:7b:dc:3e:54:21:93:10:23:ee:1a:a5:4c: 39:a1:a6:27:9f:4a:86:80:e6:e4:4f:aa:be:5a:69:41:43:68: 75:19:25:36:d0:71:87:4a:19:d8:b3:a1:46:05:88:22:9f:8e: 24:20:0e:92:7e:6b:89:2d:56:33:37:51:48:18:9e:be:2a:fa: 09:25:de:c0:77:5d:da:13:bd:7a:fa:3f:90:5b:32:ec:25:96: 11:af:12:27:e2:fb:41:00:2c:5c:59:94:f3:28:ad:72:4d:bd: 9a:41:a9:d2:50:56:62:79:df:98:6e:d1:d7:02:36:ce:ec:b5: b1:00:49:13:fb:f5:db:2b:d2:af:88:2b:86:b1:8c:83:61:f1: 35:b0:8a:4d:76:15:2c:9e:6d:56:5d:34:13:1e:ab:78:e7:e4: c6:2c:91:71:87:da:59:f4:09:b7:2c:91:55:e5:0a:c6:fc:80: 17:44:7a:09:af:56:36:fd:47:34:d7:8d:e9:b9:2e:b9:20:dd: af:98:0f:fa:f8:2c:71:d6:53:8f:de:0d:07:62:ba:8f:55:f8: 8e:aa:cc:47:27:86:59:de:ce:0f:6b:5c:27:b9:92:81:5c:24: d8:b1:27:84 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBOEZE RjBCQkFFQTY3OTUzNjkzODk2Qzc2M0YxMjlEQTNCNDE4M0VCMB4XDTI1MDkwMzAz NDgyOVoXDTI2MDgyNzA1MzY1N1owMzExMC8GA1UEAxMoNTgyRDY3MUMwODM0Qzg4 M0RDNTc3NTg4QTQyNEMyNjQzMzBFNUE2MzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK8rKrsOYISanV9enJN6RZaF4fxTK41EpNhMSRvZBTfSKtX3s2Z7 u4tz+0VHfSZ+c6SgvWXDNCKIPwLFH/s/NAB+j4eIoTDcv8NMev1Q53oWaLKjf1i9 g9UZPkB0b5KIkSjj4T4xcAA5qxUzWu6wkov6Yz40/F8G15a+vKcXiJN1sSaLfo37 0+X7BtLf4YL5QvS5IvRT7HMFQEBqihJoxJvUG5ywcpR7oGq4GEgwDnpY8g3GbIET xhYwS+hRYGh/r2qSGfGW7SUnE9W+dWO6ILwCSJ3zgCylDyqVoxlMQGeYQvahkVui hc8tLvuCLZgNAqtzx6SLZ992nFEnwpx9pKMCAwEAAaOCAfEwggHtMB0GA1UdDgQW BBRYLWccCDTIg9xXdYikJMJkMw5aYzAfBgNVHSMEGDAWgBSo/fC7rqZ5U2k4lsdj 8SnaO0GD6zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81ODUv cVAzd3U2Nm1lVk5wT0piSFlfRXAyanRCZy1zLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9xUDN3dTY2bWVWTnBPSmJIWV9FcDJqdEJnLXMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81ODUvV0MxbkhBZzB5SVBjVjNX SXBDVENaRE1PV21NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AmcY5DANBgkqhkiG9w0BAQsFAAOCAQEAWZfKgAQGFh4zJwL5jAEQvHvK57V7sS1k e9w+VCGTECPuGqVMOaGmJ59KhoDm5E+qvlppQUNodRklNtBxh0oZ2LOhRgWIIp+O JCAOkn5riS1WMzdRSBievir6CSXewHdd2hO9evo/kFsy7CWWEa8SJ+L7QQAsXFmU 8yitck29mkGp0lBWYnnfmG7R1wI2zuy1sQBJE/v12yvSr4grhrGMg2HxNbCKTXYV LJ5tVl00Ex6reOfkxiyRcYfaWfQJtyyRVeUKxvyAF0R6Ca9WNv1HNNeN6bkuuSDd r5gP+vgscdZTj94NB2K6j1X4jqrMRyeGWd7OD2tcJ7mSgVwk2LEnhA== -----END CERTIFICATE-----Generated at Sat Sep 6 13:15:40 2025 by rpki-client