$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TEeTO1E3vBmhX1zAcKT7lm-3mWA.roa File: TEeTO1E3vBmhX1zAcKT7lm-3mWA.roa (raw, json) Hash identifier: sMNyC/W8hJu8s6CyNVERsiOZIY/Zg8Rw4bKY1DVf/cA= Subject key identifier: 4C:47:93:3B:51:37:BC:19:A1:5F:5C:C0:70:A4:FB:96:6F:B7:99:60 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F97 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TEeTO1E3vBmhX1zAcKT7lm-3mWA.roa Signing time: Wed 06 Aug 2025 07:33:16 +0000 ROA not before: Wed 06 Aug 2025 07:33:16 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 103.236.36.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32663 (0x7f97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4C47933B5137BC19A15F5CC070A4FB966FB79960 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:be:3e:4c:16:33:87:fd:ae:26:60:d4:8b:fd: b0:d9:83:df:55:c1:ea:4f:77:eb:bc:6a:45:2e:b3: 1a:65:e8:16:16:40:fc:15:ae:19:69:91:1f:b5:ac: 0c:8a:1b:72:06:3f:34:56:66:8a:e3:53:a6:fb:b2: 6c:f8:ca:4b:ab:db:4a:81:ba:1d:bd:7d:69:4b:a5: fc:81:b8:11:ab:f4:d6:34:0e:b5:85:31:5c:c8:b3: 0e:13:08:87:4f:12:36:a0:28:0d:dd:27:15:b0:7a: 08:75:d8:eb:dd:6c:d8:48:36:36:5b:48:ea:45:6d: c6:1f:79:7c:b5:d6:f0:fd:f5:82:97:5a:7a:b2:02: a3:18:33:7d:5a:4c:67:60:58:9a:31:0e:83:34:6d: 86:82:a4:04:04:2d:d2:dc:39:03:fc:b5:60:7e:cb: 8c:ce:6d:08:ce:9c:b1:55:96:5d:f2:ea:10:b1:84: 57:24:1a:3f:14:de:0d:c2:3e:fd:aa:18:b0:8a:5d: fc:b0:d0:57:84:4d:2e:a3:80:15:00:d2:06:a4:48: d8:3d:e9:97:8b:47:ec:23:b9:6b:2a:bc:af:87:8f: f7:49:62:ab:98:e7:ea:b7:aa:3c:69:b9:3a:97:5c: a5:f5:41:2a:90:3c:91:87:fd:93:32:f4:6b:7d:72: 14:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:47:93:3B:51:37:BC:19:A1:5F:5C:C0:70:A4:FB:96:6F:B7:99:60 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TEeTO1E3vBmhX1zAcKT7lm-3mWA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.36.0/22 Signature Algorithm: sha256WithRSAEncryption ab:e8:a6:df:f8:78:a7:99:df:d9:17:98:70:7e:6f:ec:98:c8: 41:17:81:cf:1c:1a:f2:31:fc:45:b1:c5:af:3c:17:ba:34:f9: 27:9a:84:ae:5c:37:a8:12:34:f8:1b:f0:28:4f:c8:b9:54:17: 33:db:e8:67:2f:20:90:94:fd:45:d6:99:46:0e:f1:d5:cb:9f: 17:c3:d0:3a:ea:a6:97:ef:ff:f7:1b:a8:e0:9e:eb:b5:a8:df: fb:32:06:d5:33:d8:13:04:cb:06:56:a8:d7:2e:16:e7:4f:99: 80:f6:57:0f:ad:0a:37:7d:dc:db:4a:6c:39:da:43:47:31:56: 4c:09:71:b5:fc:c6:d4:21:a0:2f:17:0c:68:69:9d:e6:0b:17: ae:38:df:be:b4:50:df:54:02:18:70:cc:ca:61:61:36:fd:90: f8:3c:a7:40:2c:6c:9d:40:03:3f:c7:29:46:a0:45:68:ee:9f: c6:eb:e4:b3:4e:02:cf:0d:b8:ec:19:46:ef:67:cb:a1:5d:9f: 54:b0:e3:d7:67:43:6c:27:94:b6:fe:01:32:df:20:40:d2:ca: 54:52:c1:0b:d3:2d:43:01:b3:62:45:dd:cb:5c:7b:5a:9e:cf: 2d:92:02:49:5d:33:1a:eb:7f:0d:b4:02:2a:20:37:52:71:57: aa:89:9b:68 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf5cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRDNDc5MzNCNTEzN0JD MTlBMTVGNUNDMDcwQTRGQjk2NkZCNzk5NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6vj5MFjOH/a4mYNSL/bDZg99VwepPd+u8akUusxpl6BYWQPwV rhlpkR+1rAyKG3IGPzRWZorjU6b7smz4ykur20qBuh29fWlLpfyBuBGr9NY0DrWF MVzIsw4TCIdPEjagKA3dJxWwegh12OvdbNhINjZbSOpFbcYfeXy11vD99YKXWnqy AqMYM31aTGdgWJoxDoM0bYaCpAQELdLcOQP8tWB+y4zObQjOnLFVll3y6hCxhFck Gj8U3g3CPv2qGLCKXfyw0FeETS6jgBUA0gakSNg96ZeLR+wjuWsqvK+Hj/dJYquY 5+q3qjxpuTqXXKX1QSqQPJGH/ZMy9Gt9chTnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUTEeTO1E3vBmhX1zAcKT7lm+3mWAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RFZVRPMUUzdkJtaFgx ekFjS1Q3bG0tM21XQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7CQwDQYJKoZIhvcNAQELBQADggEBAKvopt/4eKeZ39kXmHB+b+yYyEEXgc8c GvIx/EWxxa88F7o0+SeahK5cN6gSNPgb8ChPyLlUFzPb6GcvIJCU/UXWmUYO8dXL nxfD0Drqppfv//cbqOCe67Wo3/syBtUz2BMEywZWqNcuFudPmYD2Vw+tCjd93NtK bDnaQ0cxVkwJcbX8xtQhoC8XDGhpneYLF6443760UN9UAhhwzMphYTb9kPg8p0As bJ1AAz/HKUagRWjun8br5LNOAs8NuOwZRu9ny6Fdn1Sw49dnQ2wnlLb+ATLfIEDS ylRSwQvTLUMBs2JF3ctce1qezy2SAkldMxrrfw20AiogN1JxV6qJm2g= -----END CERTIFICATE-----Generated at Thu Aug 14 11:07:26 2025 by rpki-client