$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3070/4IPxAcBB8d60RbMzQW1q_Zk5spc.roa File: 4IPxAcBB8d60RbMzQW1q_Zk5spc.roa (raw, json) Hash identifier: RSRbi+VJkcVS/ILldg1kKiHadRJWcM1Mmw3Dk4goFaM= Subject key identifier: E0:83:F1:01:C0:41:F1:DE:B4:45:B3:33:41:6D:6A:FD:99:39:B2:97 Certificate issuer: /CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Certificate serial: 022E Authority key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/4IPxAcBB8d60RbMzQW1q_Zk5spc.roa Signing time: Fri 31 Oct 2025 05:33:43 +0000 ROA not before: Fri 31 Oct 2025 05:33:43 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 133033 IP address blocks: 103.248.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:43:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 558 (0x22e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA Validity Not Before: Oct 31 05:33:43 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=E083F101C041F1DEB445B333416D6AFD9939B297 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:51:7f:6b:7d:f5:b7:12:39:37:a6:e0:ea:46: 1d:51:38:04:0c:5e:2d:56:2b:cf:c9:d9:8f:8a:f3: c6:55:ef:80:dd:88:08:3e:74:c8:00:88:e3:72:11: c0:de:2c:e9:99:45:c8:a9:5b:0b:50:f7:67:72:cd: 7f:0a:92:e8:dc:54:ba:b0:51:46:35:ff:ad:8f:f8: 3d:59:34:be:3a:f5:ba:bf:16:69:4e:a0:3e:6e:0c: c1:1d:14:16:49:bb:0b:a2:55:2c:0f:d4:71:eb:04: 50:70:8f:09:b3:6e:35:33:8e:d6:67:b4:1a:83:74: 0c:a3:47:dc:cc:59:32:f1:73:13:95:fe:62:5b:5a: ed:79:0b:7c:47:9b:ac:5d:e9:4a:55:dc:72:b2:57: 2f:6a:b0:e9:0f:6e:8d:4c:f5:16:6a:f7:71:31:0f: 88:0f:ba:14:af:f9:50:a5:6d:2c:5d:4e:39:e1:06: e7:20:c9:6d:63:72:08:96:42:66:cf:85:aa:9b:fb: bc:1f:fb:f8:98:65:3f:32:9a:64:2a:b6:1e:e1:23: 79:24:b4:0a:f9:c5:af:b9:f4:01:8d:e5:11:6e:af: dd:d4:74:db:fb:3e:08:2e:62:8c:47:e3:18:79:c9: b8:c5:33:74:5a:e4:c2:b7:33:bb:c8:c9:66:b9:36: 83:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:83:F1:01:C0:41:F1:DE:B4:45:B3:33:41:6D:6A:FD:99:39:B2:97 X509v3 Authority Key Identifier: keyid:C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/4IPxAcBB8d60RbMzQW1q_Zk5spc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.248.152.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:d8:4b:6b:63:c3:d2:4e:d9:c2:2e:da:c0:19:80:42:09:8d: 10:22:c3:29:b8:57:c9:99:ed:2d:91:7d:b4:1a:06:69:25:02: 1f:33:28:4f:0c:a7:95:e6:ab:e1:85:f0:7f:86:32:55:05:bb: 10:b2:57:52:36:52:65:d6:b2:1f:6b:d7:d1:fc:8c:a3:8b:aa: 04:e5:be:33:6b:de:6a:bb:00:2b:b4:1d:08:bd:0d:3b:89:25: cb:d1:fb:84:c8:e1:9e:d7:74:5b:0b:29:79:48:e8:1d:ca:c0: a2:1e:ad:40:ea:c8:42:89:c3:3d:99:6d:31:a6:9c:28:ba:b5: 1f:42:cd:b2:b1:37:2a:94:48:be:67:cb:3e:1f:ea:ce:3a:4d: d3:40:d8:63:34:2a:e2:98:2c:26:f6:2f:35:3c:aa:c8:97:f7: 76:f8:0e:8d:2b:c9:d1:8e:50:64:91:71:e9:e1:1e:06:95:6b: 25:cf:79:50:68:38:0c:77:e1:2e:de:14:c8:73:6a:e6:89:5c: 82:c2:44:73:07:50:9d:81:05:59:86:a8:61:1a:49:6c:ab:fa: 8f:64:bb:a8:49:73:7f:58:68:c3:74:aa:90:2c:e6:9b:f0:af: 2f:4b:e9:e0:87:13:07:ff:71:24:7c:cd:b3:4c:65:a7:94:23: 81:34:93:69 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzg2 NjJGMkI0OEFDQzA3N0U5NTgwMEU1QUE5MkNFMTZEMjZFMURFQTAeFw0yNTEwMzEw NTMzNDNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEUwODNGMTAxQzA0MUYx REVCNDQ1QjMzMzQxNkQ2QUZEOTkzOUIyOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDUX9rffW3Ejk3puDqRh1ROAQMXi1WK8/J2Y+K88ZV74DdiAg+ dMgAiONyEcDeLOmZRcipWwtQ92dyzX8KkujcVLqwUUY1/62P+D1ZNL469bq/FmlO oD5uDMEdFBZJuwuiVSwP1HHrBFBwjwmzbjUzjtZntBqDdAyjR9zMWTLxcxOV/mJb Wu15C3xHm6xd6UpV3HKyVy9qsOkPbo1M9RZq93ExD4gPuhSv+VClbSxdTjnhBucg yW1jcgiWQmbPhaqb+7wf+/iYZT8ymmQqth7hI3kktAr5xa+59AGN5RFur93UdNv7 PgguYoxH4xh5ybjFM3Ra5MK3M7vIyWa5NoNTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU4IPxAcBB8d60RbMzQW1q/Zk5spcwHwYDVR0jBBgwFoAUyGYvK0iswHfpWADl qpLOFtJuHeowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3 MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3lHWXZLMGlzd0hmcFdBRGxxcExPRnRKdUhlby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzAvNElQeEFjQkI4ZDYw UmJNelFXMXFfWms1c3BjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf4mDANBgkqhkiG9w0BAQsFAAOCAQEAjdhLa2PD0k7Zwi7awBmAQgmNECLD KbhXyZntLZF9tBoGaSUCHzMoTwynlear4YXwf4YyVQW7ELJXUjZSZdayH2vX0fyM o4uqBOW+M2vearsAK7QdCL0NO4kly9H7hMjhntd0WwspeUjoHcrAoh6tQOrIQonD PZltMaacKLq1H0LNsrE3KpRIvmfLPh/qzjpN00DYYzQq4pgsJvYvNTyqyJf3dvgO jSvJ0Y5QZJFx6eEeBpVrJc95UGg4DHfhLt4UyHNq5olcgsJEcwdQnYEFWYaoYRpJ bKv6j2S7qElzf1how3SqkCzmm/CvL0vp4IcTB/9xJHzNs0xlp5QjgTSTaQ== -----END CERTIFICATE-----Generated at Thu Nov 6 00:34:27 2025 by rpki-client