$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/x6lluZzLr_zG1Sq5du8HtQL3ioc.roa File: x6lluZzLr_zG1Sq5du8HtQL3ioc.roa (raw, json) Hash identifier: dVgzYhXlp+UzsNjIsjeBSuuyI+LTDovWntfnwui4bdQ= Subject key identifier: C7:A9:65:B9:9C:CB:AF:FC:C6:D5:2A:B9:76:EF:07:B5:02:F7:8A:87 Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Certificate serial: 7FA0 Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x6lluZzLr_zG1Sq5du8HtQL3ioc.roa Signing time: Wed 06 Aug 2025 07:33:18 +0000 ROA not before: Wed 06 Aug 2025 07:33:18 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24426 IP address blocks: 103.236.40.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32672 (0x7fa0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA Validity Not Before: Aug 6 07:33:18 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C7A965B99CCBAFFCC6D52AB976EF07B502F78A87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:24:45:5f:62:e4:5e:9a:3d:41:9e:3e:42:b7: 62:96:85:66:53:3f:8f:d5:03:2a:18:66:40:f6:ad: a5:bf:f8:f1:f9:65:2c:21:6a:f2:8e:7e:a8:39:b8: 6d:7d:a6:fa:b2:38:4d:b1:bd:b3:04:de:15:cb:24: d1:dc:e7:76:e1:21:47:4e:c3:fa:7a:be:81:43:78: 51:3b:ac:13:8b:32:f1:9d:f1:45:5f:88:21:84:36: 95:e9:0b:37:28:a7:4f:44:ee:25:d6:77:3d:a5:24: 87:db:0b:7d:77:8d:c7:0e:58:0f:76:39:f0:20:80: fd:79:7d:1e:1f:32:9c:4c:60:b3:9d:99:9e:a3:00: b2:2b:31:cc:98:a1:ee:0d:72:7e:4f:1a:7f:e1:e4: e5:4a:c7:82:6c:da:14:97:3e:e6:aa:21:d8:9f:e9: d8:23:84:34:28:45:29:e2:e7:a8:7c:fc:c7:fb:09: f3:ad:f2:f3:ee:24:37:f7:53:cf:22:99:df:72:e7: 41:72:df:03:a0:14:58:ea:f3:27:c3:b4:83:35:62: 28:12:e7:f7:39:40:26:e8:65:15:68:dd:80:78:e7: 66:6c:e0:bd:97:58:a7:3a:d5:07:d3:be:59:02:de: af:16:8f:9a:54:18:70:9b:8e:8e:d4:77:3b:26:84: 89:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:A9:65:B9:9C:CB:AF:FC:C6:D5:2A:B9:76:EF:07:B5:02:F7:8A:87 X509v3 Authority Key Identifier: keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x6lluZzLr_zG1Sq5du8HtQL3ioc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.40.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:c7:92:3d:3e:07:ff:fd:88:d0:d3:de:53:e6:ec:da:d5:4f: 08:bc:3b:69:7f:08:11:52:4e:72:56:84:57:51:83:33:b2:09: 30:f1:37:6c:34:2c:77:d1:54:2a:47:89:32:89:56:f0:71:60: db:b3:9f:6a:04:a3:3c:29:1b:eb:e9:d2:55:22:32:bf:57:d1: eb:a5:0f:b3:e0:1a:5e:e1:f9:12:45:b7:92:05:38:c1:45:e9: d9:96:7f:54:e3:51:fa:75:60:4a:b4:ec:be:0a:d0:e6:4d:06: f7:78:fe:93:2e:63:db:bc:d7:8a:2e:45:eb:87:27:32:19:db: 6d:26:19:9b:fc:b6:ba:e6:7e:1d:6d:db:54:d3:96:5d:1f:e3: bd:78:e1:1c:29:ce:ec:9a:4b:15:b2:38:7a:74:af:24:d9:79: 41:0b:74:5a:12:39:b7:f1:cc:36:24:8d:da:ab:d4:ff:1a:3c: 7b:b3:1a:99:bd:0d:ff:50:80:a5:b9:f8:6b:63:cc:89:df:33: 7d:95:80:e4:00:df:bc:43:2d:d0:1f:1d:ec:aa:70:d2:54:8f: 82:e8:85:a8:7b:be:a5:3f:9a:9e:9f:78:ce:94:51:7e:4d:e7: 0f:80:1a:d3:5a:0a:05:22:a6:7e:7b:09:98:91:d6:88:b8:96: f4:3c:bf:9a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICf6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA4MDYw NzMzMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM3QTk2NUI5OUNDQkFG RkNDNkQ1MkFCOTc2RUYwN0I1MDJGNzhBODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzJEVfYuRemj1Bnj5Ct2KWhWZTP4/VAyoYZkD2raW/+PH5ZSwh avKOfqg5uG19pvqyOE2xvbME3hXLJNHc53bhIUdOw/p6voFDeFE7rBOLMvGd8UVf iCGENpXpCzcop09E7iXWdz2lJIfbC313jccOWA92OfAggP15fR4fMpxMYLOdmZ6j ALIrMcyYoe4Ncn5PGn/h5OVKx4Js2hSXPuaqIdif6dgjhDQoRSni56h8/Mf7CfOt 8vPuJDf3U88imd9y50Fy3wOgFFjq8yfDtIM1YigS5/c5QCboZRVo3YB452Zs4L2X WKc61QfTvlkC3q8Wj5pUGHCbjo7UdzsmhIkBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUx6lluZzLr/zG1Sq5du8HtQL3iocwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj 3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3 L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3g2bGx1WnpMcl96RzFT cTVkdThIdFFMM2lvYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7CgwDQYJKoZIhvcNAQELBQADggEBAI/Hkj0+B//9iNDT3lPm7NrVTwi8O2l/ CBFSTnJWhFdRgzOyCTDxN2w0LHfRVCpHiTKJVvBxYNuzn2oEozwpG+vp0lUiMr9X 0eulD7PgGl7h+RJFt5IFOMFF6dmWf1TjUfp1YEq07L4K0OZNBvd4/pMuY9u814ou ReuHJzIZ220mGZv8trrmfh1t21TTll0f47144RwpzuyaSxWyOHp0ryTZeUELdFoS ObfxzDYkjdqr1P8aPHuzGpm9Df9QgKW5+GtjzInfM32VgOQA37xDLdAfHeyqcNJU j4Lohah7vqU/mp6feM6UUX5N5w+AGtNaCgUipn57CZiR1oi4lvQ8v5o= -----END CERTIFICATE-----Generated at Thu Aug 14 11:05:47 2025 by rpki-client