$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3326/5I2N3uPkcWAOBhpxMsJYaIrwDeU.roa File: 5I2N3uPkcWAOBhpxMsJYaIrwDeU.roa (raw, json) Hash identifier: 44C95CbZ0Hm+vZjATMtqmTKaIxfp5f2vHE+5kgVPHqo= Subject key identifier: E4:8D:8D:DE:E3:E4:71:60:0E:06:1A:71:32:C2:58:68:8A:F0:0D:E5 Certificate issuer: /CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Certificate serial: 0579 Authority key identifier: 6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/5I2N3uPkcWAOBhpxMsJYaIrwDeU.roa Signing time: Fri 01 Aug 2025 06:34:44 +0000 ROA not before: Fri 01 Aug 2025 06:34:44 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 134768 IP address blocks: 103.236.83.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1401 (0x579) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Validity Not Before: Aug 1 06:34:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E48D8DDEE3E471600E061A7132C258688AF00DE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:39:36:a8:12:b4:4f:fc:7a:a0:59:69:bb:96: c8:aa:e4:81:90:35:af:d9:87:f6:a1:f0:c2:f3:7c: 67:51:a8:cf:da:54:54:c0:01:a1:46:24:79:89:e7: a2:21:20:eb:00:2b:c4:83:90:83:39:7d:54:17:9d: 91:87:e2:46:22:b1:60:af:a8:86:a0:3a:d0:5a:24: 1f:33:3a:53:3d:44:48:8c:4b:2c:65:7d:69:08:8d: 5f:a9:3c:19:95:f6:da:e4:c7:63:d5:6b:55:ed:17: 40:72:e0:51:5d:52:53:16:08:18:3f:c4:14:47:9e: 5b:4d:c4:40:bc:da:ef:8a:68:ee:ab:08:81:d1:e9: 6f:2e:03:8e:27:03:b2:be:24:ce:8b:d9:e6:35:96: 28:37:28:2f:15:d9:a4:29:4c:60:60:1d:76:5f:b8: 1d:75:d1:78:df:04:8e:91:e6:02:37:62:54:ff:34: d9:4f:67:4b:c4:0f:6a:84:da:7e:c4:6a:66:a5:ea: 70:b0:29:b4:af:27:71:c3:7c:ac:5a:a5:32:08:0a: 9d:52:87:03:73:60:36:63:17:7b:89:e0:63:ec:43: 8d:2c:e0:0c:23:14:48:86:22:f6:74:64:c1:90:7b: 04:4a:3a:fb:35:77:75:22:f0:ac:d9:31:cd:65:9b: bb:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:8D:8D:DE:E3:E4:71:60:0E:06:1A:71:32:C2:58:68:8A:F0:0D:E5 X509v3 Authority Key Identifier: keyid:6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/5I2N3uPkcWAOBhpxMsJYaIrwDeU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.83.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:9b:83:22:30:a3:80:13:72:e9:a4:cd:40:db:d0:33:4b:d6: f2:0b:99:c9:45:63:48:62:35:c2:dd:1c:04:a4:22:da:8e:37: 68:c5:25:d6:73:d5:06:23:fb:bb:7b:c5:b3:71:39:46:51:d3: 29:fc:28:1c:92:99:00:8d:56:e7:7e:ee:35:88:f0:3f:e2:8c: d3:08:af:e4:d4:8c:89:1c:77:f2:44:a7:4b:31:e4:6f:81:a4: 41:41:2c:88:37:c0:26:11:8c:92:92:9d:a7:7e:31:cd:f2:e2: 42:93:3f:b6:40:08:0f:51:cd:87:1a:ac:34:c1:9a:c1:a6:f3: 77:02:71:9c:1e:65:17:73:12:9e:a6:cf:79:4c:2b:de:7f:e9: 69:dd:e8:88:fb:f7:91:c4:9e:ae:dc:99:1c:b1:7e:89:ef:80: 01:32:30:3e:6e:40:3f:66:0f:50:cf:b2:df:83:6f:8d:04:63: b7:4a:11:89:2c:13:69:e8:3d:1b:b7:b7:f5:4e:8e:ff:cb:63: 53:9a:0f:3c:f5:49:b8:69:94:5b:12:51:17:87:6e:fc:34:d0: 82:ec:75:41:e1:08:11:6c:5b:e5:47:02:3e:ad:a3:b2:6f:31: 10:cc:41:2f:83:ca:25:ba:7a:51:60:73:4f:50:7d:99:d0:36: 77:ff:33:df -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEx MUVFNDc0MjVEMTRFQkFGMkZDRDI0RDIwNjJCMEE1MkJBMDQyQzAeFw0yNTA4MDEw NjM0NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU0OEQ4RERFRTNFNDcx NjAwRTA2MUE3MTMyQzI1ODY4OEFGMDBERTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIOTaoErRP/HqgWWm7lsiq5IGQNa/Zh/ah8MLzfGdRqM/aVFTA AaFGJHmJ56IhIOsAK8SDkIM5fVQXnZGH4kYisWCvqIagOtBaJB8zOlM9REiMSyxl fWkIjV+pPBmV9trkx2PVa1XtF0By4FFdUlMWCBg/xBRHnltNxEC82u+KaO6rCIHR 6W8uA44nA7K+JM6L2eY1lig3KC8V2aQpTGBgHXZfuB110XjfBI6R5gI3YlT/NNlP Z0vED2qE2n7Eamal6nCwKbSvJ3HDfKxapTIICp1ShwNzYDZjF3uJ4GPsQ40s4Awj FEiGIvZ0ZMGQewRKOvs1d3Ui8KzZMc1lm7tHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5I2N3uPkcWAOBhpxMsJYaIrwDeUwHwYDVR0jBBgwFoAUahHuR0JdFOuvL80k 0gYrClK6BCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy Ni9haEh1UjBKZEZPdXZMODBrMGdZckNsSzZCQ3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FoSHVSMEpkRk91dkw4MGswZ1lyQ2xLNkJDdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjYvNUkyTjN1UGtjV0FP QmhweE1zSllhSXJ3RGVVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfsUzANBgkqhkiG9w0BAQsFAAOCAQEALZuDIjCjgBNy6aTNQNvQM0vW8guZ yUVjSGI1wt0cBKQi2o43aMUl1nPVBiP7u3vFs3E5RlHTKfwoHJKZAI1W537uNYjw P+KM0wiv5NSMiRx38kSnSzHkb4GkQUEsiDfAJhGMkpKdp34xzfLiQpM/tkAID1HN hxqsNMGawabzdwJxnB5lF3MSnqbPeUwr3n/pad3oiPv3kcSertyZHLF+ie+AATIw Pm5AP2YPUM+y34NvjQRjt0oRiSwTaeg9G7e39U6O/8tjU5oPPPVJuGmUWxJRF4du /DTQgux1QeEIEWxb5UcCPq2jsm8xEMxBL4PKJbp6UWBzT1B9mdA2d/8z3w== -----END CERTIFICATE-----Generated at Mon Aug 11 10:46:51 2025 by rpki-client