$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/xwP3UT800TDJRfK5m-qVNTZXYqY.roa File: xwP3UT800TDJRfK5m-qVNTZXYqY.roa (raw, json) Hash identifier: mOO4cjxQebtpNr7kHAjvVLZXzxV/QgFyDDIiTprGvrs= Subject key identifier: C7:03:F7:51:3F:34:D1:30:C9:45:F2:B9:9B:EA:95:35:36:57:62:A6 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 22EB Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/xwP3UT800TDJRfK5m-qVNTZXYqY.roa Signing time: Wed 29 Oct 2025 05:21:22 +0000 ROA not before: Wed 29 Oct 2025 05:21:22 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 135377 IP address blocks: 101.237.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 11:11:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8939 (0x22eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Oct 29 05:21:22 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=C703F7513F34D130C945F2B99BEA9535365762A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:83:a7:61:e0:a4:bd:9b:08:c6:68:73:72:4a: 31:20:1c:4d:21:2d:58:fd:e0:8b:4b:1c:f9:d0:16: a6:02:4f:32:e8:74:7a:8e:39:53:d1:24:dd:d3:8e: 9c:04:fa:59:16:6f:fa:94:d9:ca:4e:b2:0f:49:d4: b5:ba:c0:71:8f:03:ac:00:46:dc:54:06:57:86:41: e7:3a:f7:77:c6:a0:c1:3f:0e:e2:99:e0:ee:20:31: db:67:47:d6:62:4a:a5:46:43:23:b7:ed:cd:a0:53: b4:e0:5e:db:54:51:3f:a2:82:0f:1b:cd:19:bd:2d: c2:ed:aa:dd:df:7d:23:5e:11:1a:05:3e:00:b0:01: 7f:c0:43:32:96:45:24:15:59:1c:20:7c:e8:d0:6a: e0:c8:6e:5a:59:2b:9b:32:62:29:75:25:bf:ed:11: e7:ff:dc:0c:a4:9b:fd:82:ee:7f:40:b9:09:a5:32: 15:35:96:19:7e:ef:ff:5a:92:fb:ae:21:d3:e5:6c: 8f:4e:66:98:35:dd:8f:af:f7:23:6f:83:d6:a3:ac: d6:0c:05:f1:6f:4e:c5:cb:6d:fa:da:8a:73:7e:57: b4:f5:b8:38:cb:e1:60:ed:94:b5:02:5d:82:1c:6a: 55:d4:ef:42:ba:91:9d:f9:23:84:ac:41:e2:bb:6b: 81:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:03:F7:51:3F:34:D1:30:C9:45:F2:B9:9B:EA:95:35:36:57:62:A6 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/xwP3UT800TDJRfK5m-qVNTZXYqY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.237.255.0/24 Signature Algorithm: sha256WithRSAEncryption a0:91:88:c0:45:64:a6:3f:35:79:73:85:29:a8:7a:fe:6c:d1: 3a:45:bd:84:ac:59:5e:71:77:df:0d:dc:f9:d6:4e:34:61:4a: 62:9c:fc:a4:0c:7d:50:62:d3:d5:9e:d3:d9:67:a3:b6:ea:4a: 07:44:02:3e:88:b4:09:19:e3:23:c5:c5:66:80:76:7f:0f:ea: b4:48:02:f3:3e:7d:8d:8f:c2:54:a7:0f:fb:80:f5:62:5b:ca: c8:65:d5:7e:2f:90:2b:00:9c:e3:29:2b:7e:37:7b:e6:dc:c9: 27:57:ab:a4:eb:2f:0f:f3:78:1b:d1:2e:cd:da:d1:33:de:e3: 24:78:2a:76:28:8b:f1:dd:60:ca:4c:34:5c:73:9a:36:3b:c0: d0:a0:68:18:6d:8c:fc:2a:6e:46:f5:29:88:30:df:53:5d:e0: 1b:cf:d5:69:46:fa:b8:4d:b4:3b:c7:3d:70:35:91:48:99:98: f7:18:52:b1:8d:60:3d:2d:1b:76:8a:e5:b7:63:ac:ca:04:f1: bc:64:45:68:6e:ff:99:a7:5c:cb:82:11:e4:c3:40:1c:27:8b: 53:1d:7c:00:2f:30:a9:af:07:be:ea:61:ea:37:ca:3d:6a:57: ed:7b:a5:2b:24:cf:34:1c:9d:ec:10:34:99:b7:60:e0:20:91: 10:0b:2f:29 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTEwMjkw NTIxMjJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEM3MDNGNzUxM0YzNEQx MzBDOTQ1RjJCOTlCRUE5NTM1MzY1NzYyQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTg6dh4KS9mwjGaHNySjEgHE0hLVj94ItLHPnQFqYCTzLodHqO OVPRJN3TjpwE+lkWb/qU2cpOsg9J1LW6wHGPA6wARtxUBleGQec693fGoME/DuKZ 4O4gMdtnR9ZiSqVGQyO37c2gU7TgXttUUT+igg8bzRm9LcLtqt3ffSNeERoFPgCw AX/AQzKWRSQVWRwgfOjQauDIblpZK5syYil1Jb/tEef/3Aykm/2C7n9AuQmlMhU1 lhl+7/9akvuuIdPlbI9OZpg13Y+v9yNvg9ajrNYMBfFvTsXLbfrainN+V7T1uDjL 4WDtlLUCXYIcalXU70K6kZ35I4SsQeK7a4FZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxwP3UT800TDJRfK5m+qVNTZXYqYwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3h3UDNVVDgwMFRESlJm SzVtLXFWTlRaWFlxWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABl7f8wDQYJKoZIhvcNAQELBQADggEBAKCRiMBFZKY/NXlzhSmoev5s0TpFvYSs WV5xd98N3PnWTjRhSmKc/KQMfVBi09We09lno7bqSgdEAj6ItAkZ4yPFxWaAdn8P 6rRIAvM+fY2PwlSnD/uA9WJbyshl1X4vkCsAnOMpK343e+bcySdXq6TrLw/zeBvR Ls3a0TPe4yR4KnYoi/HdYMpMNFxzmjY7wNCgaBhtjPwqbkb1KYgw31Nd4BvP1WlG +rhNtDvHPXA1kUiZmPcYUrGNYD0tG3aK5bdjrMoE8bxkRWhu/5mnXMuCEeTDQBwn i1MdfAAvMKmvB77qYeo3yj1qV+17pSskzzQcnewQNJm3YOAgkRALLyk= -----END CERTIFICATE-----Generated at Wed Nov 5 09:37:40 2025 by rpki-client