$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/qapi-hb_S_eo49RyE5dRmd2ZWO0.roa File: qapi-hb_S_eo49RyE5dRmd2ZWO0.roa (raw, json) Hash identifier: /PmnzNCqAbeQKGu+fgmiAyLYsgZzmdykbu2Q2jWqwOY= Subject key identifier: A9:AA:62:FA:16:FF:4B:F7:A8:E3:D4:72:13:97:51:99:DD:99:58:ED Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B10 Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/qapi-hb_S_eo49RyE5dRmd2ZWO0.roa Signing time: Mon 27 Oct 2025 02:39:24 +0000 ROA not before: Mon 27 Oct 2025 02:39:24 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 203.132.32.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2832 (0xb10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:24 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=A9AA62FA16FF4BF7A8E3D47213975199DD9958ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b3:1e:26:f3:59:5a:aa:ed:d5:d0:94:c3:7a: 85:96:9c:e5:c7:18:ff:0e:f2:8b:ad:25:b4:00:6f: 4b:cb:42:52:ef:60:4e:6a:33:1a:4f:6c:dd:eb:c5: 4d:da:f7:da:09:79:4f:45:07:f7:ce:83:0a:75:a6: 70:1f:30:07:af:69:8e:7d:1e:3c:e2:d8:0e:33:b0: f6:33:f2:3f:96:4c:57:19:46:de:a1:85:d8:07:bc: 62:be:b2:20:ac:55:67:1f:e3:c2:70:99:22:66:13: 51:82:83:ba:4b:9b:75:0d:c4:bf:10:35:a8:8b:83: 83:be:c1:2c:cd:e0:4b:9b:f3:3d:a4:32:a7:fd:aa: 35:3a:ea:98:8e:a0:56:1c:f6:6e:2e:f6:b4:c8:8a: 97:b8:c7:7a:87:d5:a0:8d:35:39:29:b6:de:54:54: 94:27:5f:57:39:bb:41:71:e4:be:45:be:9a:d3:f5: 37:74:af:9d:e0:5f:8f:fe:6f:41:b2:f3:d5:ca:ac: cb:81:cf:40:f1:38:c4:16:71:c5:6d:dd:1e:6d:b1: 5e:53:fc:ae:b2:7b:19:14:5a:26:af:5e:0f:7c:5f: 8b:70:8b:e6:a8:88:4b:16:eb:86:e0:b5:5a:10:f0: 46:4d:69:bb:34:0f:2a:14:be:28:2e:a1:b2:59:fc: 8b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:AA:62:FA:16:FF:4B:F7:A8:E3:D4:72:13:97:51:99:DD:99:58:ED X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/qapi-hb_S_eo49RyE5dRmd2ZWO0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.132.32.0/19 Signature Algorithm: sha256WithRSAEncryption 8f:bb:ef:71:d1:70:8f:de:32:c5:d2:b4:3d:9f:9d:2b:ed:1e: b5:8f:c7:ee:12:cc:11:b5:e4:ff:26:23:4d:43:88:27:c0:b7: 76:f8:13:58:e7:66:f1:93:a6:1c:32:b5:65:e7:23:d1:0a:08: 27:68:a6:43:dd:73:3e:0e:c3:93:50:ef:50:e6:31:d0:d4:39: 91:79:e5:4b:ea:d9:23:9f:ae:0b:b2:cb:a6:96:52:06:4e:3b: eb:05:ab:d6:f0:28:96:ee:b7:e6:5a:fc:fb:e0:f7:8c:6a:2d: 52:f2:02:ff:aa:32:fd:f0:e4:72:02:ce:50:88:5e:f0:6b:60: 89:50:73:b1:d7:96:56:72:39:66:e2:c8:aa:50:cc:39:c6:95: dc:f9:13:f8:b6:45:ea:ed:f5:4f:0a:4e:45:f6:00:f0:7c:f0: 31:dc:f5:66:f5:04:af:f3:1d:5d:b0:f3:7c:33:f5:f3:7b:cb: f1:8d:23:58:a1:00:05:60:40:dc:0c:81:e3:8e:00:d2:e6:d5: 6c:47:15:fb:f7:4e:17:28:a0:1b:76:85:11:99:c6:14:a1:05: 5a:7a:e9:fe:59:d5:f9:ba:ea:b7:93:aa:d9:7f:7f:1b:70:75: c0:16:a0:2d:97:20:4d:60:b1:fd:ae:3f:1b:86:a5:a2:f2:b7: d6:08:d6:bc -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEE5QUE2MkZBMTZGRjRC RjdBOEUzRDQ3MjEzOTc1MTk5REQ5OTU4RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHsx4m81laqu3V0JTDeoWWnOXHGP8O8outJbQAb0vLQlLvYE5q MxpPbN3rxU3a99oJeU9FB/fOgwp1pnAfMAevaY59Hjzi2A4zsPYz8j+WTFcZRt6h hdgHvGK+siCsVWcf48JwmSJmE1GCg7pLm3UNxL8QNaiLg4O+wSzN4Eub8z2kMqf9 qjU66piOoFYc9m4u9rTIipe4x3qH1aCNNTkptt5UVJQnX1c5u0Fx5L5FvprT9Td0 r53gX4/+b0Gy89XKrMuBz0DxOMQWccVt3R5tsV5T/K6yexkUWiavXg98X4twi+ao iEsW64bgtVoQ8EZNabs0DyoUviguobJZ/IvbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUqapi+hb/S/eo49RyE5dRmd2ZWO0wHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL3FhcGktaGJfU19lbzQ5 UnlFNWRSbWQyWldPMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAXLhCAwDQYJKoZIhvcNAQELBQADggEBAI+773HRcI/eMsXStD2fnSvtHrWPx+4S zBG15P8mI01DiCfAt3b4E1jnZvGTphwytWXnI9EKCCdopkPdcz4Ow5NQ71DmMdDU OZF55Uvq2SOfrguyy6aWUgZOO+sFq9bwKJbut+Za/Pvg94xqLVLyAv+qMv3w5HIC zlCIXvBrYIlQc7HXllZyOWbiyKpQzDnGldz5E/i2Rert9U8KTkX2APB88DHc9Wb1 BK/zHV2w83wz9fN7y/GNI1ihAAVgQNwMgeOOANLm1WxHFfv3ThcooBt2hRGZxhSh BVp66f5Z1fm66reTqtl/fxtwdcAWoC2XIE1gsf2uPxuGpaLyt9YI1rw= -----END CERTIFICATE-----Generated at Wed Nov 5 22:33:16 2025 by rpki-client