$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3326/2QX4LRVEDMVMZXW1VLkEjWdL6-8.roa File: 2QX4LRVEDMVMZXW1VLkEjWdL6-8.roa (raw, json) Hash identifier: Z068Lx8lya3yYS5SZrGWei4fx9iLESPRYnAONqv90Yk= Subject key identifier: D9:05:F8:2D:15:44:0C:C5:4C:65:75:B5:54:B9:04:8D:67:4B:EB:EF Certificate issuer: /CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Certificate serial: 0588 Authority key identifier: 6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/2QX4LRVEDMVMZXW1VLkEjWdL6-8.roa Signing time: Fri 01 Aug 2025 06:36:01 +0000 ROA not before: Fri 01 Aug 2025 06:36:01 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 134768 IP address blocks: 103.236.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1416 (0x588) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Validity Not Before: Aug 1 06:36:01 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D905F82D15440CC54C6575B554B9048D674BEBEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:cd:7f:41:ba:66:f0:84:3b:c4:25:85:d7:06: 75:f3:ad:ae:4a:df:df:88:b6:6b:d3:c6:64:82:d6: 79:40:86:be:8a:df:5a:ec:39:f6:b6:a0:cf:02:09: 78:e7:7f:96:00:8a:21:3d:0f:a2:bc:17:2b:ce:b1: f9:74:60:6b:c6:75:e3:ed:f8:c5:75:70:26:2e:27: e0:5e:c0:f8:a6:f4:bb:3d:8d:11:7a:28:d1:4c:81: 22:8a:f6:b1:12:49:4b:f0:b0:9f:02:39:72:23:06: 44:47:f5:6e:60:00:6c:4f:ee:3d:ce:cd:d2:02:7a: 18:97:32:fa:93:60:61:50:a6:d8:95:62:63:c1:e9: 13:b4:3d:eb:5e:cd:7c:53:ce:a6:e2:26:11:c1:e9: 22:1f:73:a5:34:84:7f:78:ed:b6:22:ec:9b:62:24: 08:63:ea:0c:dc:16:9d:2e:7e:8a:2a:3b:6e:17:c0: 8d:8d:52:80:e1:2d:d5:6e:b8:f0:58:51:70:00:1f: 35:3d:70:14:0d:ea:df:f6:a3:61:6b:64:5e:52:25: cb:b4:f3:07:ed:fa:91:27:15:f1:3f:62:37:8c:7d: 86:2e:64:06:f3:c8:94:a0:26:06:9f:ef:dc:09:3f: d7:65:00:ff:f8:f8:f7:ec:bf:f0:2a:e8:35:23:4c: fe:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:05:F8:2D:15:44:0C:C5:4C:65:75:B5:54:B9:04:8D:67:4B:EB:EF X509v3 Authority Key Identifier: keyid:6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/2QX4LRVEDMVMZXW1VLkEjWdL6-8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.96.0/24 Signature Algorithm: sha256WithRSAEncryption 84:a6:84:04:19:c9:bf:49:28:f5:4c:05:01:16:c3:ea:13:f9: df:b8:b8:98:36:8b:f5:33:86:5c:6d:3a:17:b3:42:6d:ac:a8: 9b:5f:e0:f8:7d:eb:db:bc:24:66:1b:05:e2:f2:b3:72:d6:72: 63:c8:c1:7f:27:84:eb:68:39:77:e0:5a:26:27:ab:1d:60:58: f8:43:3c:cf:c9:38:21:a7:95:db:8f:cb:38:84:23:eb:f3:f3: e4:47:96:5d:58:10:99:f6:2b:d1:7c:9b:e8:9e:2d:f6:22:12: 7a:5c:fa:f5:f4:36:2b:3f:29:45:5c:51:1d:5e:60:25:c8:f1: c9:b0:07:f1:4c:fd:ba:0b:52:15:0e:db:72:6a:4f:98:d1:88: a5:cb:ba:0d:0e:39:3a:33:d0:e0:79:b5:56:00:66:34:a9:f4: c9:b2:ab:30:4a:7e:88:7d:db:18:a7:5d:1d:d1:99:eb:d0:ee: 36:d6:58:6d:c2:e6:e6:db:7f:91:53:6b:e5:12:d6:fe:dc:b4: c3:98:99:28:80:ab:53:a8:2c:36:04:ec:02:5e:cb:ba:28:01: e0:d6:ff:24:d9:4d:84:94:30:0c:3d:ea:59:84:4d:91:c1:5f: f3:05:60:24:41:44:26:f5:87:22:1a:9f:5a:d8:57:c9:9d:bc: a9:e7:c3:88 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEx MUVFNDc0MjVEMTRFQkFGMkZDRDI0RDIwNjJCMEE1MkJBMDQyQzAeFw0yNTA4MDEw NjM2MDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ5MDVGODJEMTU0NDBD QzU0QzY1NzVCNTU0QjkwNDhENjc0QkVCRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4zX9BumbwhDvEJYXXBnXzra5K39+ItmvTxmSC1nlAhr6K31rs Ofa2oM8CCXjnf5YAiiE9D6K8FyvOsfl0YGvGdePt+MV1cCYuJ+BewPim9Ls9jRF6 KNFMgSKK9rESSUvwsJ8COXIjBkRH9W5gAGxP7j3OzdICehiXMvqTYGFQptiVYmPB 6RO0PetezXxTzqbiJhHB6SIfc6U0hH947bYi7JtiJAhj6gzcFp0ufooqO24XwI2N UoDhLdVuuPBYUXAAHzU9cBQN6t/2o2FrZF5SJcu08wft+pEnFfE/YjeMfYYuZAbz yJSgJgaf79wJP9dlAP/4+Pfsv/Aq6DUjTP7tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2QX4LRVEDMVMZXW1VLkEjWdL6+8wHwYDVR0jBBgwFoAUahHuR0JdFOuvL80k 0gYrClK6BCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy Ni9haEh1UjBKZEZPdXZMODBrMGdZckNsSzZCQ3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FoSHVSMEpkRk91dkw4MGswZ1lyQ2xLNkJDdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjYvMlFYNExSVkVETVZN WlhXMVZMa0VqV2RMNi04LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfsYDANBgkqhkiG9w0BAQsFAAOCAQEAhKaEBBnJv0ko9UwFARbD6hP537i4 mDaL9TOGXG06F7NCbayom1/g+H3r27wkZhsF4vKzctZyY8jBfyeE62g5d+BaJier HWBY+EM8z8k4IaeV24/LOIQj6/Pz5EeWXVgQmfYr0Xyb6J4t9iISelz69fQ2Kz8p RVxRHV5gJcjxybAH8Uz9ugtSFQ7bcmpPmNGIpcu6DQ45OjPQ4Hm1VgBmNKn0ybKr MEp+iH3bGKddHdGZ69DuNtZYbcLm5tt/kVNr5RLW/ty0w5iZKICrU6gsNgTsAl7L uigB4Nb/JNlNhJQwDD3qWYRNkcFf8wVgJEFEJvWHIhqfWthXyZ28qefDiA== -----END CERTIFICATE-----Generated at Mon Aug 11 12:58:18 2025 by rpki-client