$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/6KrY2nhm8MLXD2NpreDTj3cWQAw.roa File: 6KrY2nhm8MLXD2NpreDTj3cWQAw.roa (raw, json) Hash identifier: kagSMQFROzOr1+AcUZPropBGIQWonqaQ+9kiwKcBNuQ= Subject key identifier: E8:AA:D8:DA:78:66:F0:C2:D7:0F:63:69:AD:E0:D3:8F:77:16:40:0C Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97 Certificate serial: 1403 Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/6KrY2nhm8MLXD2NpreDTj3cWQAw.roa Signing time: Sat 13 Sep 2025 03:06:55 +0000 ROA not before: Sat 13 Sep 2025 03:06:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63701 IP address blocks: 103.88.96.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:36:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5123 (0x1403) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97 Validity Not Before: Sep 13 03:06:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E8AAD8DA7866F0C2D70F6369ADE0D38F7716400C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0b:98:85:57:d6:fc:dc:2c:78:87:b1:b5:36: e0:18:d8:c9:cc:9e:9d:b0:fb:a0:00:e6:a1:46:d6: b2:17:29:6d:1a:8a:31:69:2c:dd:b4:a6:3c:d7:33: fa:95:d3:92:9d:5a:8c:c6:8f:b2:37:d2:db:15:00: ac:db:c0:00:a9:51:fb:56:36:7d:1a:17:96:82:44: e9:2b:32:e9:f8:c1:59:b3:d7:3a:bf:e9:71:22:1a: d9:1b:d1:bf:8a:79:32:fa:3e:a9:c3:27:c1:1b:33: 3d:65:06:a6:64:ef:6f:5c:2a:ae:68:08:74:e5:42: 75:ee:9c:bb:c7:e5:3a:5d:07:e1:2d:d9:c4:33:3e: aa:50:21:4d:f4:bd:3a:0a:cf:a9:bc:d2:90:8b:b1: 82:cf:35:83:91:33:cf:bc:d0:14:16:8d:c8:eb:76: 54:2b:a1:45:2a:80:10:95:ca:7d:b2:ea:4f:af:34: f6:88:0a:73:63:39:d1:84:c4:4c:b5:62:21:32:90: 36:56:c5:b7:a9:38:4d:d1:e2:37:09:6f:3b:98:39: c6:55:1b:71:3f:f1:2f:6f:7d:47:0f:80:a4:1e:93: 34:21:22:f3:ca:b2:c1:84:6b:2f:dc:68:b3:4f:6e: d5:26:a7:df:6d:87:25:7c:b3:93:08:53:18:6d:f8: 96:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:AA:D8:DA:78:66:F0:C2:D7:0F:63:69:AD:E0:D3:8F:77:16:40:0C X509v3 Authority Key Identifier: keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/6KrY2nhm8MLXD2NpreDTj3cWQAw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.88.96.0/22 Signature Algorithm: sha256WithRSAEncryption 8d:46:e9:68:39:26:0f:3e:be:c9:ee:f1:9b:7d:16:c2:d2:e5: 50:6d:2d:bd:d1:e6:2b:eb:27:ac:2c:33:90:d7:ea:1f:f1:1b: 1b:b6:26:e2:21:59:b4:2f:ff:09:e4:49:b4:a0:d5:37:f6:78: 73:5d:32:6b:c6:a6:ea:2f:2a:3b:a0:96:19:aa:2a:d6:1e:fd: 67:70:65:62:d9:da:85:b2:f7:62:1b:cb:12:40:30:87:19:ae: 07:70:5e:d9:da:48:9f:e9:f7:35:71:8b:33:c7:db:5b:46:f8: 56:b7:1d:26:85:19:40:52:f0:5c:45:20:d1:64:08:fe:05:13: 3c:60:66:77:36:87:d5:e1:de:1c:c9:b4:07:79:17:3a:79:c3: 2b:0c:e1:f3:6e:87:9b:c8:7b:54:ea:d6:e6:36:9e:da:0e:93: dc:1a:b6:a8:79:90:26:df:5d:8d:8c:d4:bf:ba:e9:46:6e:44: ba:0f:02:03:89:4b:99:08:f3:f8:6a:25:59:67:ea:91:d0:32: ae:77:d4:83:dd:1d:88:79:01:51:8d:6c:16:06:6e:e7:22:33: 34:6a:5f:5f:3b:62:34:74:cb:2c:66:37:fd:a4:4a:32:12:5c: 9b:23:2f:c3:6e:8f:da:97:79:47:87:9e:a0:74:c0:97:53:d2: 2c:59:e2:02 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTA5MTMw MzA2NTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU4QUFEOERBNzg2NkYw QzJENzBGNjM2OUFERTBEMzhGNzcxNjQwMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGC5iFV9b83Cx4h7G1NuAY2MnMnp2w+6AA5qFG1rIXKW0aijFp LN20pjzXM/qV05KdWozGj7I30tsVAKzbwACpUftWNn0aF5aCROkrMun4wVmz1zq/ 6XEiGtkb0b+KeTL6PqnDJ8EbMz1lBqZk729cKq5oCHTlQnXunLvH5TpdB+Et2cQz PqpQIU30vToKz6m80pCLsYLPNYORM8+80BQWjcjrdlQroUUqgBCVyn2y6k+vNPaI CnNjOdGExEy1YiEykDZWxbepOE3R4jcJbzuYOcZVG3E/8S9vfUcPgKQekzQhIvPK ssGEay/caLNPbtUmp99thyV8s5MIUxht+JYtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU6KrY2nhm8MLXD2NpreDTj3cWQAwwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG 2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvNktyWTJuaG04TUxY RDJOcHJlRFRqM2NXUUF3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdYYDANBgkqhkiG9w0BAQsFAAOCAQEAjUbpaDkmDz6+ye7xm30WwtLlUG0t vdHmK+snrCwzkNfqH/EbG7Ym4iFZtC//CeRJtKDVN/Z4c10ya8am6i8qO6CWGaoq 1h79Z3BlYtnahbL3YhvLEkAwhxmuB3Be2dpIn+n3NXGLM8fbW0b4VrcdJoUZQFLw XEUg0WQI/gUTPGBmdzaH1eHeHMm0B3kXOnnDKwzh826Hm8h7VOrW5jae2g6T3Bq2 qHmQJt9djYzUv7rpRm5Eug8CA4lLmQjz+GolWWfqkdAyrnfUg90diHkBUY1sFgZu 5yIzNGpfXztiNHTLLGY3/aRKMhJcmyMvw26P2pd5R4eeoHTAl1PSLFniAg== -----END CERTIFICATE-----Generated at Tue Oct 21 11:28:41 2025 by rpki-client