$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Hxoh_L710oEY2VOZAXmyZQvV0iw.roa File: Hxoh_L710oEY2VOZAXmyZQvV0iw.roa (raw, json) Hash identifier: TD/RqD8yyMI0So/HO9LjHV0xvt3Q5yA+8bIrub4KPuI= Subject key identifier: 1F:1A:21:FC:BE:F5:D2:81:18:D9:53:99:01:79:B2:65:0B:D5:D2:2C Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7FA1 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Hxoh_L710oEY2VOZAXmyZQvV0iw.roa Signing time: Wed 06 Aug 2025 07:33:18 +0000 ROA not before: Wed 06 Aug 2025 07:33:18 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 103.35.32.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32673 (0x7fa1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:18 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1F1A21FCBEF5D28118D953990179B2650BD5D22C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4a:1c:7f:67:2a:19:29:d8:f0:84:ad:1d:1a: d4:82:f5:59:8c:7c:3c:f6:3d:25:7a:52:72:0a:e3: 2f:ed:c9:8a:89:17:cf:c1:41:95:15:69:75:b5:03: 69:df:69:e4:52:ad:57:92:3e:7f:83:9c:87:0b:7b: 16:3f:52:a6:29:4b:ec:c7:0c:29:35:7e:1e:95:61: 3f:bc:3b:4a:a6:f3:97:29:df:69:30:3c:f9:93:a6: e4:cf:9c:6a:c6:7c:4e:70:af:dd:41:b7:40:06:06: f8:02:91:6f:42:ee:65:4b:36:0d:6d:f1:69:b8:ac: 04:a2:87:d4:4e:68:ff:26:c3:66:a2:0c:32:95:b0: 6f:fc:9c:5a:da:92:b5:38:43:f4:66:87:97:10:f0: a8:f7:ce:49:5e:b2:1a:8c:1b:8f:36:de:f9:3c:35: 76:aa:ac:48:3c:53:b3:d3:8a:3a:b8:5e:56:60:19: fc:2d:0f:76:79:79:ce:b3:d8:65:e1:ce:a4:c4:37: 26:fb:83:de:d6:ba:a0:01:a3:70:57:d0:03:bd:34: d3:1c:15:21:25:94:6c:09:93:9d:4f:5d:a8:e7:3f: 61:6a:cb:c0:b8:45:0a:2a:c8:65:3f:78:46:b0:7c: 69:66:0c:d8:44:55:cb:b8:93:81:e4:88:f4:9d:a8: 64:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:1A:21:FC:BE:F5:D2:81:18:D9:53:99:01:79:B2:65:0B:D5:D2:2C X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Hxoh_L710oEY2VOZAXmyZQvV0iw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.35.32.0/20 Signature Algorithm: sha256WithRSAEncryption 9d:ac:ff:13:c8:1f:73:df:d5:64:08:0d:e8:60:4c:02:67:5a: bb:fd:08:6f:76:d1:49:72:3e:b1:9b:62:87:a4:e4:b5:18:0f: f1:46:15:c2:ff:1a:14:6a:1e:26:18:a9:fc:21:25:69:6b:0c: 95:71:f0:eb:7a:78:19:c8:7a:d2:b2:78:07:89:56:c6:1d:82: a3:1e:65:85:67:5f:b7:4c:b8:22:0f:fd:54:71:18:e2:70:ef: 5d:34:e8:8d:96:75:c3:57:c0:1c:62:70:cc:a5:1c:29:e5:88: ee:e7:8d:e1:d3:9c:0f:6c:2b:11:c2:3b:1c:31:f2:37:b6:ae: d4:db:df:0c:ce:7a:2a:30:c5:95:88:ee:35:64:5b:ed:f7:95: 57:42:cc:97:e4:48:8a:23:f7:40:9e:19:21:ea:4c:42:4f:ae: a8:23:59:30:58:2e:ea:6c:89:67:dd:b5:94:cf:2b:a2:40:39: 9d:b1:db:67:a0:c8:1d:97:a1:46:05:7a:2d:a8:02:43:86:45: ef:f0:da:81:39:c6:9b:89:8d:8b:a1:c9:d3:00:43:86:c2:05: 9b:9e:ea:71:06:c8:d6:a8:7b:9a:28:1f:57:42:b4:dc:e5:35: a1:f3:96:41:54:69:42:84:bb:13:c9:b2:5f:db:52:a4:5e:d7: 35:0d:95:59 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFGMUEyMUZDQkVGNUQy ODExOEQ5NTM5OTAxNzlCMjY1MEJENUQyMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAShx/ZyoZKdjwhK0dGtSC9VmMfDz2PSV6UnIK4y/tyYqJF8/B QZUVaXW1A2nfaeRSrVeSPn+DnIcLexY/UqYpS+zHDCk1fh6VYT+8O0qm85cp32kw PPmTpuTPnGrGfE5wr91Bt0AGBvgCkW9C7mVLNg1t8Wm4rASih9ROaP8mw2aiDDKV sG/8nFrakrU4Q/Rmh5cQ8Kj3zkleshqMG4823vk8NXaqrEg8U7PTijq4XlZgGfwt D3Z5ec6z2GXhzqTENyb7g97WuqABo3BX0AO9NNMcFSEllGwJk51PXajnP2Fqy8C4 RQoqyGU/eEawfGlmDNhEVcu4k4HkiPSdqGSxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHxoh/L710oEY2VOZAXmyZQvV0iwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0h4b2hfTDcxMG9FWTJW T1pBWG15WlF2VjBpdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARnIyAwDQYJKoZIhvcNAQELBQADggEBAJ2s/xPIH3Pf1WQIDehgTAJnWrv9CG92 0UlyPrGbYoek5LUYD/FGFcL/GhRqHiYYqfwhJWlrDJVx8Ot6eBnIetKyeAeJVsYd gqMeZYVnX7dMuCIP/VRxGOJw71006I2WdcNXwBxicMylHCnliO7njeHTnA9sKxHC Oxwx8je2rtTb3wzOeiowxZWI7jVkW+33lVdCzJfkSIoj90CeGSHqTEJPrqgjWTBY LupsiWfdtZTPK6JAOZ2x22egyB2XoUYFei2oAkOGRe/w2oE5xpuJjYuhydMAQ4bC BZue6nEGyNaoe5ooH1dCtNzlNaHzlkFUaUKEuxPJsl/bUqRe1zUNlVk= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:49 2025 by rpki-client