$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3326/2H5WyW5cNRa8IkbGIR4Z-qQQTbA.roa File: 2H5WyW5cNRa8IkbGIR4Z-qQQTbA.roa (raw, json) Hash identifier: JNnNIeVZkmRsSAr1xe+j+AWCwO2YjKG9rf+I0P8yogE= Subject key identifier: D8:7E:56:C9:6E:5C:35:16:BC:22:46:C6:21:1E:19:FA:A4:10:4D:B0 Certificate issuer: /CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Certificate serial: 0576 Authority key identifier: 6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/2H5WyW5cNRa8IkbGIR4Z-qQQTbA.roa Signing time: Fri 01 Aug 2025 06:34:44 +0000 ROA not before: Fri 01 Aug 2025 06:34:44 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 134768 IP address blocks: 103.236.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1398 (0x576) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Validity Not Before: Aug 1 06:34:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D87E56C96E5C3516BC2246C6211E19FAA4104DB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:80:a0:0a:12:48:af:c6:92:85:2d:71:a4:2d: f0:40:a0:21:b6:d7:03:63:2a:45:e1:d6:9c:7e:d0: 0f:4b:76:d9:7f:9d:3c:1d:b4:fc:22:e6:91:8c:63: 80:6d:ce:18:39:34:ba:97:1f:a4:5e:38:71:0f:de: 6b:39:b6:58:63:be:ce:af:f5:6e:bf:2b:fa:64:2a: f4:7c:12:c2:3b:65:82:e3:ed:41:c2:4f:30:df:be: a7:66:82:5e:f0:0e:6e:16:45:c4:c5:d7:6a:03:8e: ed:31:43:45:2e:80:05:d7:e2:07:2f:60:38:bf:5e: a9:bf:9d:2d:f5:9d:4e:61:2a:50:66:72:dd:8d:07: 42:c8:41:ac:a7:8a:f1:28:22:10:86:7a:d4:97:5f: d8:0d:80:ff:05:8b:76:c3:0f:26:cc:cc:d4:04:1a: 11:04:3a:79:3d:49:24:09:97:01:2f:95:b2:54:6d: 24:06:4e:be:07:3a:c7:61:c3:ea:b1:d0:74:3a:5f: 42:68:e8:d7:65:77:c5:14:52:1e:76:3b:ae:8c:f9: 7d:ea:4c:b6:49:f5:df:7d:99:0d:da:9b:16:2d:9f: 81:d5:2a:e8:c4:4f:3a:cb:04:ff:63:da:67:43:2d: 35:a0:9c:fb:4a:cb:9c:e3:88:d8:b7:89:bf:de:69: 51:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:7E:56:C9:6E:5C:35:16:BC:22:46:C6:21:1E:19:FA:A4:10:4D:B0 X509v3 Authority Key Identifier: keyid:6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/2H5WyW5cNRa8IkbGIR4Z-qQQTbA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.69.0/24 Signature Algorithm: sha256WithRSAEncryption a1:59:c5:0d:56:55:14:b6:76:26:1c:a0:c2:fa:1f:77:4b:81: f7:2d:7f:a1:80:63:fc:23:c6:44:fe:18:a1:1c:3c:4d:c1:10: ba:bf:11:2c:82:ee:d2:5c:38:bd:98:58:b0:62:74:e2:ab:b2: 58:48:2e:4a:41:9f:ce:b8:79:be:55:ed:7f:2d:c9:09:ac:5a: bc:51:56:4d:36:fa:30:79:fd:0e:76:21:cf:7c:95:b7:2b:83: 80:9a:05:00:1b:ce:ff:50:36:d5:6a:f1:40:c1:1f:c3:2e:68: ef:6e:aa:20:e4:7c:e2:4a:96:18:7f:34:f8:8b:ca:73:10:9d: 17:bd:34:b9:17:ff:4c:fa:fb:76:be:d7:ff:26:d8:c4:de:30: 21:71:82:90:ca:09:a6:f6:6e:9c:1c:53:90:fa:a9:9e:e9:a7: 88:1e:23:a8:83:d4:92:bf:d6:14:81:9d:04:a4:2b:d2:65:5b: 07:78:f3:08:1a:b8:89:2b:71:66:c4:d3:9d:ee:e5:87:f9:00: 7a:50:26:ba:10:6f:6a:b3:09:7a:32:f8:46:23:52:3e:aa:ce: 5e:d5:11:cc:f4:9f:8c:47:d1:42:11:54:63:73:06:2c:7c:ba: 86:1e:20:30:25:20:d8:3c:80:85:89:d8:71:4a:c0:26:7f:38: 70:18:ca:ae -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEx MUVFNDc0MjVEMTRFQkFGMkZDRDI0RDIwNjJCMEE1MkJBMDQyQzAeFw0yNTA4MDEw NjM0NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ4N0U1NkM5NkU1QzM1 MTZCQzIyNDZDNjIxMUUxOUZBQTQxMDREQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+gKAKEkivxpKFLXGkLfBAoCG21wNjKkXh1px+0A9Ldtl/nTwd tPwi5pGMY4Btzhg5NLqXH6ReOHEP3ms5tlhjvs6v9W6/K/pkKvR8EsI7ZYLj7UHC TzDfvqdmgl7wDm4WRcTF12oDju0xQ0UugAXX4gcvYDi/Xqm/nS31nU5hKlBmct2N B0LIQaynivEoIhCGetSXX9gNgP8Fi3bDDybMzNQEGhEEOnk9SSQJlwEvlbJUbSQG Tr4HOsdhw+qx0HQ6X0Jo6Ndld8UUUh52O66M+X3qTLZJ9d99mQ3amxYtn4HVKujE TzrLBP9j2mdDLTWgnPtKy5zjiNi3ib/eaVHLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2H5WyW5cNRa8IkbGIR4Z+qQQTbAwHwYDVR0jBBgwFoAUahHuR0JdFOuvL80k 0gYrClK6BCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy Ni9haEh1UjBKZEZPdXZMODBrMGdZckNsSzZCQ3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FoSHVSMEpkRk91dkw4MGswZ1lyQ2xLNkJDdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjYvMkg1V3lXNWNOUmE4 SWtiR0lSNFotcVFRVGJBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfsRTANBgkqhkiG9w0BAQsFAAOCAQEAoVnFDVZVFLZ2Jhygwvofd0uB9y1/ oYBj/CPGRP4YoRw8TcEQur8RLILu0lw4vZhYsGJ04quyWEguSkGfzrh5vlXtfy3J CaxavFFWTTb6MHn9DnYhz3yVtyuDgJoFABvO/1A21WrxQMEfwy5o726qIOR84kqW GH80+IvKcxCdF700uRf/TPr7dr7X/ybYxN4wIXGCkMoJpvZunBxTkPqpnumniB4j qIPUkr/WFIGdBKQr0mVbB3jzCBq4iStxZsTTne7lh/kAelAmuhBvarMJejL4RiNS PqrOXtURzPSfjEfRQhFUY3MGLHy6hh4gMCUg2DyAhYnYcUrAJn84cBjKrg== -----END CERTIFICATE-----Generated at Mon Aug 11 12:52:09 2025 by rpki-client