$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/bATVWZyPcXue56nEp8wclXOSqA0.roa File: bATVWZyPcXue56nEp8wclXOSqA0.roa (raw, json) Hash identifier: pFxN6CQRndRffF2/oqAKoRXLMsGuYOD4BQJcQalESyM= Subject key identifier: 6C:04:D5:59:9C:8F:71:7B:9E:E7:A9:C4:A7:CC:1C:95:73:92:A8:0D Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 15FB Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/bATVWZyPcXue56nEp8wclXOSqA0.roa Signing time: Mon 03 Nov 2025 07:13:38 +0000 ROA not before: Mon 03 Nov 2025 07:13:38 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 53356 IP address blocks: 101.232.156.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 08:41:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5627 (0x15fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Nov 3 07:13:38 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=6C04D5599C8F717B9EE7A9C4A7CC1C957392A80D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fe:35:0e:24:06:9a:21:bc:9d:bb:f4:36:9b: 83:e6:00:05:48:39:29:84:ca:7e:de:ab:c3:0a:ca: 70:91:a6:be:0b:db:bf:01:09:57:48:f5:a6:91:3e: 90:6f:17:ab:44:e3:ab:c3:4d:2a:0e:da:93:09:e7: c2:6f:a6:52:40:47:41:61:1b:68:af:32:bf:cb:96: 42:e6:42:e0:26:28:12:b8:6d:66:29:79:0d:98:03: c2:d2:d9:ce:94:69:af:f7:cc:48:45:ca:41:18:70: 42:08:bf:ca:ff:e8:fb:9a:0a:6c:30:1d:dd:d1:84: 4a:6a:84:31:c3:38:6e:c1:76:65:dd:01:90:e7:d4: 2b:1c:8b:0b:e0:05:d2:14:8d:43:91:a8:72:25:20: a8:c7:b8:ae:7f:7b:4e:d2:13:27:2c:19:98:10:22: 88:71:d4:a8:cb:5a:b0:1c:21:74:a4:1e:af:54:24: ad:ac:ee:3e:c5:a1:bd:c0:3d:ea:eb:0c:0e:f8:29: 4b:b6:1b:f0:1f:7d:33:c9:93:51:78:34:48:54:63: d6:65:bb:ab:38:97:0b:73:a3:b2:1e:3f:5f:4b:3b: 68:2e:01:30:3d:0a:85:65:a6:93:8d:c4:08:f0:2a: bd:58:4b:dd:dd:55:c4:7c:bd:12:1f:07:2c:d2:10: be:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:04:D5:59:9C:8F:71:7B:9E:E7:A9:C4:A7:CC:1C:95:73:92:A8:0D X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/bATVWZyPcXue56nEp8wclXOSqA0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.156.0/22 Signature Algorithm: sha256WithRSAEncryption 33:53:56:17:62:d3:da:12:0d:c1:09:3c:9a:1a:1c:0b:d4:7d: 4a:7b:90:ad:33:29:6a:ed:d3:5a:7f:a0:da:92:49:bd:f1:fe: b4:4a:a9:6c:ae:69:31:38:61:39:35:46:1e:b2:32:a4:80:6e: 45:88:54:25:fe:a2:62:9c:9a:27:63:12:83:c8:d5:64:d6:4b: cd:e7:35:cb:da:80:63:e9:83:96:d9:94:17:5d:5d:9a:72:ff: 87:85:8a:bc:bc:26:ee:2a:5c:b1:92:8b:f4:6b:71:a8:08:ad: c9:46:bd:4b:76:cb:35:12:91:01:32:8f:17:5a:04:03:bf:61: 88:cb:b6:ac:c0:ba:9b:53:a1:01:e2:99:6b:f6:9b:db:88:c8: b1:18:c6:a8:dd:f0:7f:d3:cd:6d:e9:8b:eb:ad:b5:00:09:8b: af:46:1c:22:ab:82:a4:97:6e:ed:43:e6:09:8a:c6:5d:74:15: c0:61:68:78:76:3e:c7:b7:c5:ab:e1:ea:ad:3e:22:9a:4f:ff: 67:ac:47:df:5e:1d:e9:74:6a:4c:f6:c8:2f:56:95:75:27:e1: c2:16:d7:48:ea:ce:59:c6:ef:d8:2b:14:42:22:33:8c:1e:aa: 5e:cb:82:09:11:89:c5:95:25:4c:21:ee:95:3d:f6:94:84:d9: 83:7a:9d:78 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTExMDMw NzEzMzhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDZDMDRENTU5OUM4Rjcx N0I5RUU3QTlDNEE3Q0MxQzk1NzM5MkE4MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCs/jUOJAaaIbydu/Q2m4PmAAVIOSmEyn7eq8MKynCRpr4L278B CVdI9aaRPpBvF6tE46vDTSoO2pMJ58JvplJAR0FhG2ivMr/LlkLmQuAmKBK4bWYp eQ2YA8LS2c6Uaa/3zEhFykEYcEIIv8r/6PuaCmwwHd3RhEpqhDHDOG7BdmXdAZDn 1CsciwvgBdIUjUORqHIlIKjHuK5/e07SEycsGZgQIohx1KjLWrAcIXSkHq9UJK2s 7j7Fob3APerrDA74KUu2G/AffTPJk1F4NEhUY9Zlu6s4lwtzo7IeP19LO2guATA9 CoVlppONxAjwKr1YS93dVcR8vRIfByzSEL7/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUbATVWZyPcXue56nEp8wclXOSqA0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2JBVFZXWnlQY1h1ZTU2 bkVwOHdjbFhPU3FBMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6JwwDQYJKoZIhvcNAQELBQADggEBADNTVhdi09oSDcEJPJoaHAvUfUp7kK0z KWrt01p/oNqSSb3x/rRKqWyuaTE4YTk1Rh6yMqSAbkWIVCX+omKcmidjEoPI1WTW S83nNcvagGPpg5bZlBddXZpy/4eFiry8Ju4qXLGSi/RrcagIrclGvUt2yzUSkQEy jxdaBAO/YYjLtqzAuptToQHimWv2m9uIyLEYxqjd8H/TzW3pi+uttQAJi69GHCKr gqSXbu1D5gmKxl10FcBhaHh2Pse3xavh6q0+IppP/2esR99eHel0akz2yC9WlXUn 4cIW10jqzlnG79grFEIiM4weql7LggkRicWVJUwh7pU99pSE2YN6nXg= -----END CERTIFICATE-----Generated at Tue Nov 4 08:00:51 2025 by rpki-client