$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iZu8_KB3gM46XY3h2RL7rkNyfaY.roa File: iZu8_KB3gM46XY3h2RL7rkNyfaY.roa (raw, json) Hash identifier: UrX8KljlZ9ePQUhFlv6h0wf1lJULnQx2q87SMT/gBPs= Subject key identifier: 89:9B:BC:FC:A0:77:80:CE:3A:5D:8D:E1:D9:12:FB:AE:43:72:7D:A6 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7F86 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iZu8_KB3gM46XY3h2RL7rkNyfaY.roa Signing time: Wed 06 Aug 2025 07:33:11 +0000 ROA not before: Wed 06 Aug 2025 07:33:11 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 103.236.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32646 (0x7f86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:11 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=899BBCFCA07780CE3A5D8DE1D912FBAE43727DA6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ca:5e:2d:ca:60:99:11:a6:07:90:76:2a:07: 51:79:71:b9:b4:34:06:4b:bb:ef:be:7b:0d:bb:31: b4:99:d1:8b:10:a0:d8:ad:cb:de:95:26:53:98:d9: e0:c8:82:2f:2c:1a:84:3c:f5:9d:71:86:3c:c8:1e: 0d:c9:fb:b0:57:11:a7:b6:10:ed:f2:21:78:bd:57: 7a:a5:05:85:1d:c4:62:64:d3:1b:1c:c7:d9:df:b1: b4:35:70:2f:70:32:56:e5:c8:20:99:d7:61:79:a6: b3:37:2e:5b:7d:54:ad:cd:84:25:2e:ba:47:10:5e: e1:63:2f:d2:2f:60:b4:09:63:b2:d1:be:f1:67:4f: 15:c9:1a:67:95:bc:9c:85:79:f3:83:14:50:a9:aa: 8d:4b:f1:00:b1:db:ca:ec:90:80:b8:e4:e5:37:7c: 79:39:9b:86:67:2e:a6:48:5e:c4:46:c3:c7:8b:d6: cf:fb:d6:7e:58:3c:8b:c0:c1:97:74:fe:39:5c:7c: 7f:b4:59:b9:ee:b7:4e:e5:0f:2a:f7:8d:c4:55:b7: a4:95:2d:21:92:f3:19:95:a3:9c:f5:85:3c:93:ac: 18:3b:99:0c:a8:ae:3c:20:15:57:bc:11:9e:a7:c1: 17:6e:eb:48:5d:ff:40:88:4f:45:b9:3e:36:63:b5: ad:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9B:BC:FC:A0:77:80:CE:3A:5D:8D:E1:D9:12:FB:AE:43:72:7D:A6 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iZu8_KB3gM46XY3h2RL7rkNyfaY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.12.0/22 Signature Algorithm: sha256WithRSAEncryption 57:b9:3e:b2:36:8f:6f:e8:5d:ee:56:f6:f6:c6:25:50:77:bd: 47:dd:e7:2a:e0:72:b9:4e:2c:80:5f:5f:a1:3b:1e:b1:bf:16: 0f:fe:11:ff:2f:f6:06:c2:d6:31:d3:12:43:0c:11:d5:c1:f1: 56:a6:c0:5f:28:99:aa:bc:07:25:b9:ef:1a:94:5b:62:e5:d2: ee:44:5f:b3:9f:81:a2:a5:a1:78:ec:72:38:66:15:87:77:80: 9c:c3:72:1f:1c:7b:9d:59:e9:db:02:e5:b1:31:69:53:0e:5f: 7a:63:fe:ce:38:fb:25:b4:d2:8e:c4:80:1a:46:f8:af:39:97: 03:a4:74:75:8d:f1:ed:5b:8b:58:35:a9:c2:9b:b7:99:f0:d1: 00:54:8e:a4:15:ce:3e:8c:3d:30:32:bb:fd:e9:5e:2a:e8:eb: d8:08:60:7c:88:e0:69:92:65:76:c5:6e:ab:ce:2e:37:5a:5b: b7:78:37:57:d1:ab:f9:09:69:02:73:07:bf:12:84:51:c1:d2: d7:40:79:9a:9b:fc:b5:8b:a8:c2:0a:2d:1e:90:1b:54:41:11: d5:91:c6:18:26:6d:e9:d3:50:4c:74:01:d5:a1:73:33:a6:b8: eb:88:4f:01:a7:39:11:58:00:c8:68:63:e3:68:43:24:7a:06: 87:a4:11:3f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg5OUJCQ0ZDQTA3Nzgw Q0UzQTVEOERFMUQ5MTJGQkFFNDM3MjdEQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnyl4tymCZEaYHkHYqB1F5cbm0NAZLu+++ew27MbSZ0YsQoNit y96VJlOY2eDIgi8sGoQ89Z1xhjzIHg3J+7BXEae2EO3yIXi9V3qlBYUdxGJk0xsc x9nfsbQ1cC9wMlblyCCZ12F5prM3Llt9VK3NhCUuukcQXuFjL9IvYLQJY7LRvvFn TxXJGmeVvJyFefODFFCpqo1L8QCx28rskIC45OU3fHk5m4ZnLqZIXsRGw8eL1s/7 1n5YPIvAwZd0/jlcfH+0Wbnut07lDyr3jcRVt6SVLSGS8xmVo5z1hTyTrBg7mQyo rjwgFVe8EZ6nwRdu60hd/0CIT0W5PjZjta2rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUiZu8/KB3gM46XY3h2RL7rkNyfaYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ladThfS0IzZ000NlhZ M2gyUkw3cmtOeWZhWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7AwwDQYJKoZIhvcNAQELBQADggEBAFe5PrI2j2/oXe5W9vbGJVB3vUfd5yrg crlOLIBfX6E7HrG/Fg/+Ef8v9gbC1jHTEkMMEdXB8VamwF8omaq8ByW57xqUW2Ll 0u5EX7OfgaKloXjscjhmFYd3gJzDch8ce51Z6dsC5bExaVMOX3pj/s44+yW00o7E gBpG+K85lwOkdHWN8e1bi1g1qcKbt5nw0QBUjqQVzj6MPTAyu/3pXiro69gIYHyI 4GmSZXbFbqvOLjdaW7d4N1fRq/kJaQJzB78ShFHB0tdAeZqb/LWLqMIKLR6QG1RB EdWRxhgmbenTUEx0AdWhczOmuOuITwGnORFYAMhoY+NoQyR6BoekET8= -----END CERTIFICATE-----Generated at Thu Aug 14 11:12:11 2025 by rpki-client