$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/FzOoryC8XK6emXhuhTGqsbJTaAM.roa File: FzOoryC8XK6emXhuhTGqsbJTaAM.roa (raw, json) Hash identifier: DLlJS0OWSdIlW5AHiCuaR4nwnSb1tApG1vc1QAvQEZU= Subject key identifier: 17:33:A8:AF:20:BC:5C:AE:9E:99:78:6E:85:31:AA:B1:B2:53:68:03 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 22F6 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/FzOoryC8XK6emXhuhTGqsbJTaAM.roa Signing time: Fri 31 Oct 2025 05:10:16 +0000 ROA not before: Fri 31 Oct 2025 05:10:16 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 135377 IP address blocks: 101.237.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 14:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8950 (0x22f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Oct 31 05:10:16 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=1733A8AF20BC5CAE9E99786E8531AAB1B2536803 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:1b:07:4e:5c:ae:b3:d8:21:d3:20:a9:dd:d7: a6:d4:15:6c:0a:fc:3e:60:a9:2b:6e:6a:86:63:d5: cd:18:22:11:41:6a:6f:9e:bf:eb:47:d2:24:d3:96: 4d:e9:ff:9f:5f:cd:cb:ca:c9:0a:95:b2:03:0d:93: dc:6f:af:fb:b9:65:34:de:81:e5:18:38:dc:9a:63: 84:2d:da:26:c3:3e:48:44:6c:b4:63:fa:c7:bc:f0: 13:fa:f0:27:b0:92:95:9f:8b:2b:2f:4a:4f:e0:4a: 56:45:95:57:5b:8d:27:06:1e:67:7c:aa:30:72:be: 51:6c:49:fd:ce:e2:29:b6:d9:49:d3:de:c7:02:49: 7b:5d:46:14:65:64:d6:a6:ea:17:26:7e:ad:2e:7f: 3c:41:07:6d:7c:0f:c6:b2:f3:cd:f5:97:04:ca:42: 12:ff:41:7e:51:1b:80:5a:6a:68:ae:90:27:40:35: f9:23:92:c0:ee:81:b8:46:be:31:b4:98:73:53:c5: 4a:30:fd:8a:f3:45:49:6e:87:ba:7b:37:3e:31:f9: 0f:a9:cb:f6:26:92:d1:5e:3f:d5:11:dd:41:1f:b3: 23:42:b1:b5:0d:1e:8a:3e:50:bc:b9:2f:e4:18:a4: 5e:5c:a3:fd:1d:04:86:ec:79:4c:11:ed:2e:02:63: 8a:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:33:A8:AF:20:BC:5C:AE:9E:99:78:6E:85:31:AA:B1:B2:53:68:03 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/FzOoryC8XK6emXhuhTGqsbJTaAM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.237.253.0/24 Signature Algorithm: sha256WithRSAEncryption 14:35:f1:92:04:10:33:8a:bb:ec:14:56:6c:7a:72:7c:1a:97: 4f:6b:cc:dc:a3:fb:6c:1d:23:0d:86:7d:29:9a:80:29:1a:f5: 15:82:81:19:72:6e:6c:36:7b:d7:04:be:5c:38:1e:b9:33:45: c7:5b:da:a1:57:c9:a2:07:83:62:d5:9c:c9:6b:a8:8f:ea:e5: 57:13:a1:d5:78:50:68:2e:f9:28:3a:36:8b:98:67:99:6d:46: 75:3c:d0:0b:a9:da:ce:07:c1:9d:5e:da:05:91:57:70:e2:18: 62:ea:a8:fc:bd:b1:35:ce:dc:c4:c2:44:6b:52:5e:37:3b:e7: 20:bd:e6:f1:08:9b:48:fb:2a:ff:96:0c:d1:a1:55:53:d0:28: 40:a1:19:c1:95:55:17:54:8b:d0:9f:8b:f4:16:5b:fc:2e:cc: 86:42:7f:34:d4:22:3f:f8:84:25:ba:31:cf:fd:68:13:d2:d7: ae:9c:87:cd:19:42:94:36:ff:20:07:d5:ea:73:dc:8e:e0:3b: fd:c8:0a:3f:a0:ac:77:e4:d4:61:e1:e9:1b:51:fb:c4:b9:27: f0:e7:6b:f6:b6:94:28:01:57:2b:07:4f:df:99:5f:a0:9b:ce: 79:9f:cc:10:04:08:9d:8c:70:6b:c2:82:08:e0:22:1a:12:1f: 60:96:fa:99 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTEwMzEw NTEwMTZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE3MzNBOEFGMjBCQzVD QUU5RTk5Nzg2RTg1MzFBQUIxQjI1MzY4MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUGwdOXK6z2CHTIKnd16bUFWwK/D5gqStuaoZj1c0YIhFBam+e v+tH0iTTlk3p/59fzcvKyQqVsgMNk9xvr/u5ZTTegeUYONyaY4Qt2ibDPkhEbLRj +se88BP68CewkpWfiysvSk/gSlZFlVdbjScGHmd8qjByvlFsSf3O4im22UnT3scC SXtdRhRlZNam6hcmfq0ufzxBB218D8ay8831lwTKQhL/QX5RG4BaamiukCdANfkj ksDugbhGvjG0mHNTxUow/YrzRUluh7p7Nz4x+Q+py/YmktFeP9UR3UEfsyNCsbUN Hoo+ULy5L+QYpF5co/0dBIbseUwR7S4CY4r5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFzOoryC8XK6emXhuhTGqsbJTaAMwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0Z6T29yeUM4WEs2ZW1Y aHVoVEdxc2JKVGFBTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABl7f0wDQYJKoZIhvcNAQELBQADggEBABQ18ZIEEDOKu+wUVmx6cnwal09rzNyj +2wdIw2GfSmagCka9RWCgRlybmw2e9cEvlw4HrkzRcdb2qFXyaIHg2LVnMlrqI/q 5VcTodV4UGgu+Sg6NouYZ5ltRnU80Aup2s4HwZ1e2gWRV3DiGGLqqPy9sTXO3MTC RGtSXjc75yC95vEIm0j7Kv+WDNGhVVPQKEChGcGVVRdUi9Cfi/QWW/wuzIZCfzTU Ij/4hCW6Mc/9aBPS166ch80ZQpQ2/yAH1epz3I7gO/3ICj+grHfk1GHh6RtR+8S5 J/Dna/a2lCgBVysHT9+ZX6CbznmfzBAECJ2McGvCggjgIhoSH2CW+pk= -----END CERTIFICATE-----Generated at Wed Nov 5 12:41:39 2025 by rpki-client