$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iJXesGmzm64-koYvSYz2T1LIMAU.roa File: iJXesGmzm64-koYvSYz2T1LIMAU.roa (raw, json) Hash identifier: BbjYrEHzNP4BiAwUlEwGX70hp79k8GaPLLdWUC+wWYo= Subject key identifier: 88:95:DE:B0:69:B3:9B:AE:3E:92:86:2F:49:8C:F6:4F:52:C8:30:05 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F8B Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iJXesGmzm64-koYvSYz2T1LIMAU.roa Signing time: Wed 06 Aug 2025 07:33:13 +0000 ROA not before: Wed 06 Aug 2025 07:33:13 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 103.236.32.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32651 (0x7f8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=8895DEB069B39BAE3E92862F498CF64F52C83005 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:e7:74:05:f2:fc:bc:fb:2c:32:d2:48:7e:6d: de:53:cd:f2:ca:19:17:82:06:d7:bb:ec:a3:60:7f: c7:55:87:4c:79:8e:8e:6e:13:36:93:ea:3a:87:b2: f9:48:8e:9a:6f:c6:10:fa:22:fe:14:1f:2e:92:16: 9b:d9:45:77:70:b7:f2:40:e2:a7:4a:e4:d0:fc:a1: e1:37:ca:9a:4b:97:06:ce:e5:1c:f6:83:7e:4f:5a: df:c8:1a:8d:2a:07:81:cc:2f:88:86:1b:52:54:77: 95:8f:94:ef:f7:c0:a1:2d:d2:12:0b:4e:a5:e2:90: 29:d9:19:cb:16:95:cd:1a:83:28:d3:d2:ad:ea:3f: 61:90:2f:4a:e9:b6:c2:78:c0:ce:57:75:f1:e2:0a: 0a:71:a4:59:95:be:77:1b:e4:46:f6:57:e7:82:17: 3d:5c:f0:ab:38:e8:e6:fd:3e:39:ed:26:05:e5:45: 0f:04:cb:84:ec:69:aa:18:f1:db:83:65:1b:b5:80: 0a:c3:2f:c0:af:11:d2:b4:ba:b4:37:73:83:b5:c8: 2f:0d:b9:59:1a:16:eb:e0:d3:23:43:2d:1e:27:a5: 2e:09:ed:73:52:78:b0:f9:07:02:bc:b7:fd:58:1e: 47:b9:29:73:88:1d:c8:55:ee:31:2b:1d:cb:d6:92: e5:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:95:DE:B0:69:B3:9B:AE:3E:92:86:2F:49:8C:F6:4F:52:C8:30:05 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iJXesGmzm64-koYvSYz2T1LIMAU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.32.0/22 Signature Algorithm: sha256WithRSAEncryption 48:ea:9a:76:18:79:a2:53:db:47:30:f6:25:66:8f:b6:f2:c1: d3:cf:09:53:4f:31:ca:d3:a6:26:75:38:7f:53:7a:e7:fa:95: de:80:f5:18:47:3f:50:38:b1:5c:04:44:36:f8:32:15:93:af: d6:a4:59:85:94:fc:10:fa:26:b4:aa:61:27:a5:87:d1:a4:27: 88:4d:25:9f:9c:40:c3:62:3d:c9:23:d0:69:19:f8:6f:d7:75: 70:89:fc:45:ff:69:7c:1b:77:1e:c2:f6:44:d6:c3:10:db:16: fe:a1:7f:26:60:8c:d6:a8:15:a5:1d:de:ee:44:2d:cd:57:0b: 8e:ad:8a:1f:a0:95:21:1d:19:60:ed:ad:12:68:6b:25:3e:c9: e9:28:90:2f:e2:a6:26:f4:8f:04:1f:0a:02:56:f9:84:87:25: 07:7a:b7:6f:47:e7:66:5e:0c:fb:36:e9:5e:8f:b9:b3:d6:29: 63:2d:aa:95:e8:50:10:6d:9b:26:0b:77:04:69:ea:50:8e:33: c3:97:1b:c8:ed:3f:92:f3:ba:77:66:29:7f:dd:1c:cd:41:bb: 82:16:4d:7d:9a:b9:88:5e:10:5e:53:90:ef:12:21:b5:50:24: 45:12:96:e3:f7:7b:28:0a:31:6e:a8:b3:cd:3a:5f:fb:89:72: 00:1a:ee:7b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg4OTVERUIwNjlCMzlC QUUzRTkyODYyRjQ5OENGNjRGNTJDODMwMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDv53QF8vy8+ywy0kh+bd5TzfLKGReCBte77KNgf8dVh0x5jo5u EzaT6jqHsvlIjppvxhD6Iv4UHy6SFpvZRXdwt/JA4qdK5ND8oeE3yppLlwbO5Rz2 g35PWt/IGo0qB4HML4iGG1JUd5WPlO/3wKEt0hILTqXikCnZGcsWlc0agyjT0q3q P2GQL0rptsJ4wM5XdfHiCgpxpFmVvncb5Eb2V+eCFz1c8Ks46Ob9PjntJgXlRQ8E y4TsaaoY8duDZRu1gArDL8CvEdK0urQ3c4O1yC8NuVkaFuvg0yNDLR4npS4J7XNS eLD5BwK8t/1YHke5KXOIHchV7jErHcvWkuX9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUiJXesGmzm64+koYvSYz2T1LIMAUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lKWGVzR216bTY0LWtv WXZTWXoyVDFMSU1BVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7CAwDQYJKoZIhvcNAQELBQADggEBAEjqmnYYeaJT20cw9iVmj7bywdPPCVNP McrTpiZ1OH9Teuf6ld6A9RhHP1A4sVwERDb4MhWTr9akWYWU/BD6JrSqYSelh9Gk J4hNJZ+cQMNiPckj0GkZ+G/XdXCJ/EX/aXwbdx7C9kTWwxDbFv6hfyZgjNaoFaUd 3u5ELc1XC46tih+glSEdGWDtrRJoayU+yekokC/ipib0jwQfCgJW+YSHJQd6t29H 52ZeDPs26V6PubPWKWMtqpXoUBBtmyYLdwRp6lCOM8OXG8jtP5LzundmKX/dHM1B u4IWTX2auYheEF5TkO8SIbVQJEUSluP3eygKMW6os806X/uJcgAa7ns= -----END CERTIFICATE-----Generated at Thu Aug 14 11:10:58 2025 by rpki-client