$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/wLu0-c6y_QtxslxhOLh1X7BhVEU.roa File: wLu0-c6y_QtxslxhOLh1X7BhVEU.roa (raw, json) Hash identifier: HRzYT74LLmZlx/pw7WN0JH0QxQfBRNTBJQzKgU3nnzg= Subject key identifier: C0:BB:B4:F9:CE:B2:FD:0B:71:B2:5C:61:38:B8:75:5F:B0:61:54:45 Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 0B0C Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/wLu0-c6y_QtxslxhOLh1X7BhVEU.roa Signing time: Mon 27 Oct 2025 02:39:23 +0000 ROA not before: Mon 27 Oct 2025 02:39:23 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 58834 IP address blocks: 203.132.32.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:11:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2828 (0xb0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: Oct 27 02:39:23 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=C0BBB4F9CEB2FD0B71B25C6138B8755FB0615445 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:68:36:d2:d5:4a:47:f0:17:ed:67:03:a6:79: 3b:c3:8e:ac:fa:49:f4:f4:4c:e6:4a:95:1b:9d:f0: 43:a1:ca:91:76:60:82:6a:35:93:65:df:ee:03:fb: 3a:82:2a:99:25:51:11:6c:1c:69:30:c1:48:4d:a7: 94:dc:0c:2b:da:f9:39:9b:03:cf:b0:28:df:46:a0: 92:1e:a4:70:64:89:59:6a:51:c9:46:28:43:25:90: d0:f3:8d:a7:e9:17:11:09:90:45:30:64:9b:3b:1c: e7:b5:8f:91:7d:95:20:43:2e:65:30:7f:d0:64:21: 6e:ba:3e:0c:dc:23:78:95:55:8c:e0:fc:56:a9:2d: e2:94:9e:0e:f3:fc:bf:6f:0e:61:a7:85:33:91:97: 64:67:79:f9:9b:72:d3:1d:b2:71:63:57:8e:e1:78: 7d:05:0d:bc:83:39:69:fe:ec:77:ae:41:3e:5a:cf: 39:48:67:ec:36:a5:25:9c:f9:10:33:aa:59:25:30: 22:f5:7d:9a:bc:52:50:8e:04:c7:6f:e4:45:24:2a: fc:be:2a:33:b8:bb:3f:15:a7:48:f7:ac:90:75:ca: 7e:47:c5:43:46:84:10:39:52:83:29:3b:4f:db:1c: 25:21:68:e3:35:a2:07:01:8a:07:69:d7:90:05:65: 77:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:BB:B4:F9:CE:B2:FD:0B:71:B2:5C:61:38:B8:75:5F:B0:61:54:45 X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/wLu0-c6y_QtxslxhOLh1X7BhVEU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.132.32.0/21 Signature Algorithm: sha256WithRSAEncryption 37:1f:fe:7d:9b:32:f7:62:4d:74:8d:7e:1a:8c:a0:ae:b0:47: 9c:6c:57:24:2d:90:0a:04:b1:a9:a0:62:e4:1b:b0:38:db:a3: 11:b6:cb:f8:15:d2:83:5c:e0:04:1b:5c:d6:f4:74:a4:08:6c: 6a:db:82:52:70:0c:dc:b1:d3:46:e2:46:1e:90:05:22:a1:57: 37:63:d3:ed:a6:a2:9b:ad:dc:cf:1c:5a:86:8f:ce:9e:70:9b: ed:ff:c4:5d:51:88:c5:1a:ee:60:31:88:f7:eb:bd:5f:a9:2c: 01:f1:d2:f6:ac:b5:30:c5:2c:fb:3c:a8:41:5f:13:af:c0:d5: a2:75:e1:e0:44:c7:af:41:3a:c9:f3:71:11:f3:b2:b6:c8:0e: db:99:c5:bd:64:8e:f1:b5:c4:ee:9a:b7:e2:97:98:6f:84:79: 3c:95:fc:2d:12:f9:39:74:33:87:04:5b:98:99:5d:5f:63:f5: bb:83:6d:06:95:41:7d:d8:1b:c8:5c:e1:db:7f:2e:ea:d3:e4: 37:6f:a6:24:46:ea:d4:99:d6:00:37:29:a9:38:f8:dd:60:c2: 60:44:17:fe:42:e6:e7:00:0c:ad:3a:bb:3a:0a:17:58:11:35: 8c:8f:86:ba:0e:92:78:1a:50:b9:e3:d2:54:75:05:50:56:1d: 04:5f:b7:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCwwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTEwMjcw MjM5MjNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEMwQkJCNEY5Q0VCMkZE MEI3MUIyNUM2MTM4Qjg3NTVGQjA2MTU0NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLaDbS1UpH8BftZwOmeTvDjqz6SfT0TOZKlRud8EOhypF2YIJq NZNl3+4D+zqCKpklURFsHGkwwUhNp5TcDCva+TmbA8+wKN9GoJIepHBkiVlqUclG KEMlkNDzjafpFxEJkEUwZJs7HOe1j5F9lSBDLmUwf9BkIW66PgzcI3iVVYzg/Fap LeKUng7z/L9vDmGnhTORl2RnefmbctMdsnFjV47heH0FDbyDOWn+7HeuQT5azzlI Z+w2pSWc+RAzqlklMCL1fZq8UlCOBMdv5EUkKvy+KjO4uz8Vp0j3rJB1yn5HxUNG hBA5UoMpO0/bHCUhaOM1ogcBigdp15AFZXdDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUwLu0+c6y/QtxslxhOLh1X7BhVEUwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL3dMdTAtYzZ5X1F0eHNs eGhPTGgxWDdCaFZFVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPLhCAwDQYJKoZIhvcNAQELBQADggEBADcf/n2bMvdiTXSNfhqMoK6wR5xsVyQt kAoEsamgYuQbsDjboxG2y/gV0oNc4AQbXNb0dKQIbGrbglJwDNyx00biRh6QBSKh Vzdj0+2moput3M8cWoaPzp5wm+3/xF1RiMUa7mAxiPfrvV+pLAHx0vastTDFLPs8 qEFfE6/A1aJ14eBEx69BOsnzcRHzsrbIDtuZxb1kjvG1xO6at+KXmG+EeTyV/C0S +Tl0M4cEW5iZXV9j9buDbQaVQX3YG8hc4dt/LurT5DdvpiRG6tSZ1gA3Kak4+N1g wmBEF/5C5ucADK06uzoKF1gRNYyPhroOkngaULnj0lR1BVBWHQRftz4= -----END CERTIFICATE-----Generated at Wed Nov 5 23:58:24 2025 by rpki-client