$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3326/Xa7lYx4yjdKh8irwlnQDp6FoQYo.roa File: Xa7lYx4yjdKh8irwlnQDp6FoQYo.roa (raw, json) Hash identifier: ugDi61GfY5BE8B1OHrmov+Wim0xa0cuRzFOrmZy4640= Subject key identifier: 5D:AE:E5:63:1E:32:8D:D2:A1:F2:2A:F0:96:74:03:A7:A1:68:41:8A Certificate issuer: /CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Certificate serial: 0580 Authority key identifier: 6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/Xa7lYx4yjdKh8irwlnQDp6FoQYo.roa Signing time: Fri 01 Aug 2025 06:34:47 +0000 ROA not before: Fri 01 Aug 2025 06:34:47 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 134768 IP address blocks: 103.236.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 15:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1408 (0x580) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A11EE47425D14EBAF2FCD24D2062B0A52BA042C Validity Not Before: Aug 1 06:34:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5DAEE5631E328DD2A1F22AF0967403A7A168418A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:49:04:40:3b:f4:8e:06:57:9c:92:2e:d6:ea: cb:9a:6d:60:31:22:af:a8:8e:81:f2:61:ae:bc:8b: 8f:6d:6e:7d:04:a9:36:21:09:e6:84:23:2d:c2:b3: e3:81:0b:66:9e:c1:6d:75:d3:4f:dc:77:af:27:3d: 2c:b5:42:33:76:6e:6a:98:11:31:73:e7:c3:57:a6: fc:57:58:eb:9a:a3:34:6c:ea:73:6d:46:d9:50:b3: 1b:24:d5:f2:81:df:7c:c5:df:d2:9a:b0:ca:dd:5c: 16:f8:97:d8:e4:a6:c4:2f:9f:4d:d1:18:48:25:91: 02:86:54:e0:7f:a2:1d:71:16:f3:74:2d:1e:b4:32: 8f:6b:e4:f4:3d:03:1f:1f:3e:00:12:c8:37:32:9f: 5c:9e:a3:ea:43:25:ce:dd:ce:4b:7a:d0:7b:e2:d2: d0:7f:1f:6b:2d:e8:35:9b:33:5e:f0:40:86:bb:74: 75:41:cb:ac:ee:35:2c:e8:e4:bd:92:d5:fd:bf:79: 6c:5c:c0:35:cd:a6:9c:ae:5f:1f:d5:45:99:81:92: 73:65:d8:a7:dc:f8:ec:78:7e:51:b1:f5:1f:e5:39: 38:dc:49:2a:06:4b:38:40:64:86:02:74:19:d8:3a: 92:81:40:4b:f8:c5:ac:72:a2:a6:ef:cc:a6:49:93: a1:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:AE:E5:63:1E:32:8D:D2:A1:F2:2A:F0:96:74:03:A7:A1:68:41:8A X509v3 Authority Key Identifier: keyid:6A:11:EE:47:42:5D:14:EB:AF:2F:CD:24:D2:06:2B:0A:52:BA:04:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/ahHuR0JdFOuvL80k0gYrClK6BCw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ahHuR0JdFOuvL80k0gYrClK6BCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3326/Xa7lYx4yjdKh8irwlnQDp6FoQYo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.79.0/24 Signature Algorithm: sha256WithRSAEncryption 01:e9:59:6a:65:56:56:0d:3f:b6:29:92:10:e5:09:0a:02:96: 67:1c:a2:0b:c4:fc:92:9c:35:7d:3f:88:ee:c0:f7:34:ca:5b: b4:3e:3d:e6:bb:aa:6b:e9:b1:0a:c4:50:bc:83:aa:3b:43:b4: fc:0c:de:95:cd:3b:d1:fd:77:7a:f0:38:8f:05:82:bd:f8:28: 9d:ef:33:1d:b7:41:18:26:25:fb:f9:54:29:47:63:7a:f8:83: cd:3a:9a:48:f0:51:bf:c9:99:2c:6a:f5:8b:c8:a7:46:15:8b: e4:45:ad:7b:ad:87:10:9f:b5:32:22:ac:76:a6:40:02:c3:4a: 74:8f:8b:88:76:a8:f9:28:03:7f:bb:9c:c4:da:34:09:d1:e9: d2:82:f3:f4:0b:cd:47:1f:f7:d2:e7:5a:08:b4:19:72:30:32: d9:6d:cf:82:61:63:2a:8e:be:9b:2c:48:a9:2f:35:a2:52:08: 72:9e:01:ff:80:18:58:87:ff:32:71:29:84:b2:3a:8e:6c:7a: 68:ef:a1:1f:f0:80:79:8d:66:19:3a:0a:44:fd:9b:44:07:ba: 8d:4e:1c:3e:74:73:cc:78:07:67:6f:c0:38:8a:03:af:ec:7f: a6:f4:77:e7:c1:3a:f5:f7:82:a3:3a:ca:d8:cd:e4:03:e4:9e: 6f:3a:fc:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEx MUVFNDc0MjVEMTRFQkFGMkZDRDI0RDIwNjJCMEE1MkJBMDQyQzAeFw0yNTA4MDEw NjM0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVEQUVFNTYzMUUzMjhE RDJBMUYyMkFGMDk2NzQwM0E3QTE2ODQxOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmSQRAO/SOBlecki7W6suabWAxIq+ojoHyYa68i49tbn0EqTYh CeaEIy3Cs+OBC2aewW1100/cd68nPSy1QjN2bmqYETFz58NXpvxXWOuaozRs6nNt RtlQsxsk1fKB33zF39KasMrdXBb4l9jkpsQvn03RGEglkQKGVOB/oh1xFvN0LR60 Mo9r5PQ9Ax8fPgASyDcyn1yeo+pDJc7dzkt60Hvi0tB/H2st6DWbM17wQIa7dHVB y6zuNSzo5L2S1f2/eWxcwDXNppyuXx/VRZmBknNl2Kfc+Ox4flGx9R/lOTjcSSoG SzhAZIYCdBnYOpKBQEv4xaxyoqbvzKZJk6GHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXa7lYx4yjdKh8irwlnQDp6FoQYowHwYDVR0jBBgwFoAUahHuR0JdFOuvL80k 0gYrClK6BCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy Ni9haEh1UjBKZEZPdXZMODBrMGdZckNsSzZCQ3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FoSHVSMEpkRk91dkw4MGswZ1lyQ2xLNkJDdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjYvWGE3bFl4NHlqZEto OGlyd2xuUURwNkZvUVlvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfsTzANBgkqhkiG9w0BAQsFAAOCAQEAAelZamVWVg0/timSEOUJCgKWZxyi C8T8kpw1fT+I7sD3NMpbtD495ruqa+mxCsRQvIOqO0O0/Azelc070f13evA4jwWC vfgone8zHbdBGCYl+/lUKUdjeviDzTqaSPBRv8mZLGr1i8inRhWL5EWte62HEJ+1 MiKsdqZAAsNKdI+LiHao+SgDf7ucxNo0CdHp0oLz9AvNRx/30udaCLQZcjAy2W3P gmFjKo6+myxIqS81olIIcp4B/4AYWIf/MnEphLI6jmx6aO+hH/CAeY1mGToKRP2b RAe6jU4cPnRzzHgHZ2/AOIoDr+x/pvR358E69feCozrK2M3kA+Sebzr8BA== -----END CERTIFICATE-----Generated at Mon Aug 11 10:40:05 2025 by rpki-client