$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/PZpMpUI55eB2vbRtNWyVquWC7y0.roa File: PZpMpUI55eB2vbRtNWyVquWC7y0.roa (raw, json) Hash identifier: XGAKJedxzNaXjaRNceMDOB16UaE9Le2pcMQeq9bqLtI= Subject key identifier: 3D:9A:4C:A5:42:39:E5:E0:76:BD:B4:6D:35:6C:95:AA:E5:82:EF:2D Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 1067 Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PZpMpUI55eB2vbRtNWyVquWC7y0.roa Signing time: Tue 05 Aug 2025 13:48:31 +0000 ROA not before: Tue 05 Aug 2025 13:48:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 18186 IP address blocks: 103.116.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:02:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4199 (0x1067) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Aug 5 13:48:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3D9A4CA54239E5E076BDB46D356C95AAE582EF2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:9b:82:d5:f8:b1:f6:f4:b1:ac:52:74:eb:3c: 07:ea:70:67:73:83:bb:58:6e:26:82:d2:98:bf:85: 3c:2d:11:3c:98:27:b9:32:bc:4b:db:59:08:9a:dd: ea:ba:60:75:68:50:d9:37:94:ad:8c:9c:b4:e6:43: eb:fe:67:2d:ce:49:7a:4f:48:69:0f:f7:3e:96:6a: ee:bc:e6:1a:f4:ae:f1:31:8e:f3:e7:2d:8e:e6:8b: 57:2d:01:30:9a:2e:c6:18:06:88:79:9b:56:a5:40: a4:17:14:60:a8:ae:c5:f2:d9:1a:a9:45:50:24:0f: 1b:98:c4:1b:41:a9:d7:d3:38:19:19:ba:f5:20:88: ab:98:d5:14:be:2d:62:99:82:bc:4a:5c:bf:de:0d: 12:35:ab:9b:76:18:06:47:ac:73:88:5f:da:e5:64: 1f:0e:a1:13:54:13:8b:40:5f:b9:b4:9e:9a:32:17: e7:20:bc:6e:4f:b7:88:69:79:e4:93:59:3c:dd:0b: 84:ae:88:9e:74:7c:2a:02:cf:07:de:f6:f7:d6:5f: 92:2a:7c:0e:c5:40:80:d8:e3:05:05:48:66:a2:b1: ad:fe:1d:1a:c6:dc:b8:85:27:65:03:37:32:20:57: f0:88:f3:59:26:2f:c1:c9:47:26:38:38:95:19:d2: 80:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:9A:4C:A5:42:39:E5:E0:76:BD:B4:6D:35:6C:95:AA:E5:82:EF:2D X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PZpMpUI55eB2vbRtNWyVquWC7y0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.149.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:c6:e5:54:50:26:dc:b2:03:ac:26:18:27:c7:bc:b9:fd:56: 33:42:fd:f6:f1:51:fa:89:8e:4f:21:ab:6a:9f:b6:71:4f:78: 8a:0f:c9:63:c7:c7:1f:e0:00:c8:b2:53:bb:60:80:65:f9:f6: 25:e2:3e:78:8f:6d:c5:d4:0e:09:47:f8:4c:9d:a9:a1:2e:f4: de:18:b5:c9:bb:1b:9b:4b:96:4d:be:e4:85:73:8f:eb:ef:56: 70:79:cd:e2:86:8e:6a:a4:7e:ad:96:31:8a:6e:78:61:50:f6: eb:8d:bd:72:ff:57:ee:a1:d4:c6:58:cc:69:05:04:bb:55:d1: 75:7c:9c:fe:22:f3:b5:1f:54:99:ed:8a:d9:73:5c:48:8f:b2: f0:d7:8b:2b:b6:26:77:59:87:72:3f:36:2b:95:10:ea:4c:78: 23:df:69:9a:2d:24:8e:26:31:9e:6a:5f:89:6b:d7:41:3f:46: c4:b8:4b:88:36:c6:ff:a7:b6:fb:4b:0d:09:fc:b5:ce:97:7b: d6:d4:64:f2:fb:f2:ef:49:74:9f:7d:a7:fc:a0:d2:22:19:d3: 64:84:ec:44:05:01:74:4d:a1:76:11:71:06:68:c8:9a:7a:92: 99:10:53:3c:5c:72:2e:9b:09:fd:8b:fb:16:54:6e:57:de:d6: b8:0a:7c:a2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA4MDUx MzQ4MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNEOUE0Q0E1NDIzOUU1 RTA3NkJEQjQ2RDM1NkM5NUFBRTU4MkVGMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrm4LV+LH29LGsUnTrPAfqcGdzg7tYbiaC0pi/hTwtETyYJ7ky vEvbWQia3eq6YHVoUNk3lK2MnLTmQ+v+Zy3OSXpPSGkP9z6Wau685hr0rvExjvPn LY7mi1ctATCaLsYYBoh5m1alQKQXFGCorsXy2RqpRVAkDxuYxBtBqdfTOBkZuvUg iKuY1RS+LWKZgrxKXL/eDRI1q5t2GAZHrHOIX9rlZB8OoRNUE4tAX7m0npoyF+cg vG5Pt4hpeeSTWTzdC4SuiJ50fCoCzwfe9vfWX5IqfA7FQIDY4wUFSGaisa3+HRrG 3LiFJ2UDNzIgV/CI81kmL8HJRyY4OJUZ0oCtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPZpMpUI55eB2vbRtNWyVquWC7y0wHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvUFpwTXBVSTU1ZUIy dmJSdE5XeVZxdVdDN3kwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd0lTANBgkqhkiG9w0BAQsFAAOCAQEAG8blVFAm3LIDrCYYJ8e8uf1WM0L9 9vFR+omOTyGrap+2cU94ig/JY8fHH+AAyLJTu2CAZfn2JeI+eI9txdQOCUf4TJ2p oS703hi1ybsbm0uWTb7khXOP6+9WcHnN4oaOaqR+rZYxim54YVD26429cv9X7qHU xljMaQUEu1XRdXyc/iLztR9Ume2K2XNcSI+y8NeLK7Ymd1mHcj82K5UQ6kx4I99p mi0kjiYxnmpfiWvXQT9GxLhLiDbG/6e2+0sNCfy1zpd71tRk8vvy70l0n32n/KDS IhnTZITsRAUBdE2hdhFxBmjImnqSmRBTPFxyLpsJ/Yv7FlRuV97WuAp8og== -----END CERTIFICATE-----Generated at Mon Aug 11 10:42:32 2025 by rpki-client