$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3326/Qc5I9YO8gRrSoNRXtgZARh5TvQA.roa File: Qc5I9YO8gRrSoNRXtgZARh5TvQA.roa (raw, json) Hash identifier: 3oM+ECH1Cq6aZZOT6oeuBtC615qjF1YCuVF8tJwvO4E= Subject key identifier: 41:CE:48:F5:83:BC:81:1A:D2:A0:D4:57:B6:06:40:46:1E:53:BD:00 Certificate issuer: /CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Certificate serial: 0575 Authority key identifier: 6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/Qc5I9YO8gRrSoNRXtgZARh5TvQA.roa Signing time: Fri 01 Aug 2025 06:34:44 +0000 ROA not before: Fri 01 Aug 2025 06:34:44 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 134768 IP address blocks: 103.236.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1397 (0x575) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Validity Not Before: Aug 1 06:34:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=41CE48F583BC811AD2A0D457B60640461E53BD00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ea:b1:d3:b4:51:4f:17:d3:e4:22:49:f2:1b: 95:a7:a3:a6:d8:26:94:7b:47:f1:02:74:50:c3:45: 69:0d:5d:39:88:6c:c0:9a:d4:fd:5b:44:4d:a5:70: cb:82:b5:f3:68:a5:94:d0:95:0f:9b:41:e7:bf:93: 49:dc:d4:11:ef:64:26:d0:cd:ec:33:3b:62:3f:ac: 15:85:9c:8d:47:d1:32:38:d7:ec:d1:9b:aa:94:3b: f9:53:bf:7d:65:75:98:33:a4:b3:79:c7:7e:d9:8c: 26:6e:5f:1e:ad:b4:b3:76:15:4b:e2:b8:60:8c:50: c0:78:96:f0:24:19:52:17:6b:f7:0b:b2:a2:f1:44: 9f:bf:ce:2a:19:87:10:30:df:87:a5:19:48:a8:0f: 12:de:61:7f:03:3a:d6:09:82:ef:3d:67:1a:bc:40: 0c:53:f1:82:14:db:e6:30:93:c0:b6:b5:de:0b:2c: a6:4e:25:22:1f:d2:d7:6b:e8:c9:a7:1c:1f:5f:e3: 13:2c:5b:ed:9e:c9:bc:5c:8b:fd:59:91:05:d8:94: 1b:82:73:c2:84:73:3b:32:ec:44:25:0a:38:11:fb: f4:65:b4:4d:2f:46:f7:ff:54:d2:ec:aa:4d:12:64: 11:3e:c6:79:7c:92:91:3b:2a:76:63:b7:8a:b6:6a: 8b:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:CE:48:F5:83:BC:81:1A:D2:A0:D4:57:B6:06:40:46:1E:53:BD:00 X509v3 Authority Key Identifier: keyid:6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/Qc5I9YO8gRrSoNRXtgZARh5TvQA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.75.0/24 Signature Algorithm: sha256WithRSAEncryption 42:33:71:d5:5c:0b:0e:35:34:0f:86:98:ed:75:74:53:a6:86: 9f:59:48:64:58:25:85:09:0f:65:3a:6d:28:f9:3a:98:6f:e9: 13:e4:6a:ad:bf:4c:4b:cc:2d:42:30:af:2d:fd:d9:95:76:cb: 2f:a9:7b:90:d2:9e:50:49:19:61:79:36:88:68:1a:ca:5b:05: 6e:50:aa:a3:f5:41:9e:e6:91:e4:ec:79:18:ae:cd:9e:bb:2e: 01:f7:50:f6:6e:04:ee:fe:26:18:a3:ec:40:ef:ed:50:67:8d: 11:41:31:31:41:45:7a:2c:13:79:9d:fa:dd:45:bf:ac:3c:14: 99:a6:01:f1:1c:99:d5:27:7f:51:9d:f8:8b:f8:a5:68:ef:ca: de:23:3d:04:d0:53:80:9a:94:7d:0b:96:1b:a7:4f:3a:79:78: 3b:af:c2:c3:cf:90:7f:67:14:18:b1:0d:a6:fc:79:20:a8:e9: 80:01:5e:ba:41:6f:db:c3:0a:b8:b1:05:c2:fd:20:82:02:a3: ad:04:2d:cc:18:b2:52:d9:63:3f:48:3e:a7:26:02:82:e5:4e: 55:cd:3d:fa:0a:23:03:a3:85:05:7e:d5:f0:7d:2e:8e:6e:92: 9c:c7:21:ea:31:8f:df:80:b5:a5:d8:ca:5e:e0:52:47:b5:ee: 0b:18:fc:41 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEx MUVFNDc0MjVEMTRFQkFGMkZDRDI0RDIwNjJCMEE1MkJBMDQyQzAeFw0yNTA4MDEw NjM0NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQxQ0U0OEY1ODNCQzgx MUFEMkEwRDQ1N0I2MDY0MDQ2MUU1M0JEMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP6rHTtFFPF9PkIknyG5Wno6bYJpR7R/ECdFDDRWkNXTmIbMCa 1P1bRE2lcMuCtfNopZTQlQ+bQee/k0nc1BHvZCbQzewzO2I/rBWFnI1H0TI41+zR m6qUO/lTv31ldZgzpLN5x37ZjCZuXx6ttLN2FUviuGCMUMB4lvAkGVIXa/cLsqLx RJ+/zioZhxAw34elGUioDxLeYX8DOtYJgu89Zxq8QAxT8YIU2+Ywk8C2td4LLKZO JSIf0tdr6MmnHB9f4xMsW+2eybxci/1ZkQXYlBuCc8KEczsy7EQlCjgR+/RltE0v Rvf/VNLsqk0SZBE+xnl8kpE7KnZjt4q2aosDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQc5I9YO8gRrSoNRXtgZARh5TvQAwHwYDVR0jBBgwFoAUahHuR0JdFOuvL80k 0gYrClK6BCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy Ni9haEh1UjBKZEZPdXZMODBrMGdZckNsSzZCQ3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FoSHVSMEpkRk91dkw4MGswZ1lyQ2xLNkJDdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjYvUWM1STlZTzhnUnJT b05SWHRnWkFSaDVUdlFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfsSzANBgkqhkiG9w0BAQsFAAOCAQEAQjNx1VwLDjU0D4aY7XV0U6aGn1lI ZFglhQkPZTptKPk6mG/pE+Rqrb9MS8wtQjCvLf3ZlXbLL6l7kNKeUEkZYXk2iGga ylsFblCqo/VBnuaR5Ox5GK7NnrsuAfdQ9m4E7v4mGKPsQO/tUGeNEUExMUFFeiwT eZ363UW/rDwUmaYB8RyZ1Sd/UZ34i/ilaO/K3iM9BNBTgJqUfQuWG6dPOnl4O6/C w8+Qf2cUGLENpvx5IKjpgAFeukFv28MKuLEFwv0gggKjrQQtzBiyUtljP0g+pyYC guVOVc09+gojA6OFBX7V8H0ujm6SnMch6jGP34C1pdjKXuBSR7XuCxj8QQ== -----END CERTIFICATE-----Generated at Mon Aug 11 10:41:34 2025 by rpki-client