$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/TFcbNvCszglN0jbjMZDchmyixaE.roa File: TFcbNvCszglN0jbjMZDchmyixaE.roa (raw, json) Hash identifier: SCLjZ6jZjuUwcCYvhj5JUtnFHk6vbVrb1Kq+nU8tdko= Subject key identifier: 4C:57:1B:36:F0:AC:CE:09:4D:D2:36:E3:31:90:DC:86:6C:A2:C5:A1 Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Certificate serial: D0 Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/TFcbNvCszglN0jbjMZDchmyixaE.roa Signing time: Fri 20 Jun 2025 06:53:32 +0000 ROA not before: Fri 20 Jun 2025 06:53:32 +0000 ROA not after: Sat 16 May 2026 10:06:17 +0000 asID: 62468 IP address blocks: 103.8.223.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 16:14:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 208 (0xd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Validity Not Before: Jun 20 06:53:32 2025 GMT Not After : May 16 10:06:17 2026 GMT Subject: CN=4C571B36F0ACCE094DD236E33190DC866CA2C5A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:83:8b:71:a3:b5:46:2a:82:71:9f:13:14:f2: 28:24:26:5a:04:39:4a:64:be:7f:46:1f:c5:99:1d: ce:fa:99:b0:10:98:71:86:68:83:7e:63:6b:12:db: 84:65:46:76:82:fa:2a:d9:8f:2e:a7:cf:a9:14:75: 9e:75:82:c6:8c:ba:5a:d5:a9:1d:0b:4a:a6:ae:d2: 3f:cb:9b:00:e2:70:6f:70:71:b0:f0:a0:ad:06:16: 9f:04:f4:f3:53:c2:4e:09:db:c0:92:fc:41:e6:f6: d8:15:3b:e7:61:08:62:0f:37:bd:90:7a:fe:44:bc: 68:88:b7:ef:d2:41:08:3a:f4:cc:9b:bf:04:b4:07: db:54:4c:fc:18:9a:b7:f4:13:f3:c5:5b:f6:dd:3b: 29:51:da:1e:97:83:44:96:36:a9:d4:3a:65:ca:cb: 1c:f6:f7:f3:d1:3f:3c:e5:5c:c1:88:57:81:cb:41: 24:ae:0e:93:ab:bd:1b:74:4b:e0:9a:5d:f8:6a:bd: ea:0b:6a:f6:26:2c:04:20:aa:25:70:e2:6f:fc:2e: 3a:5b:b3:a2:d4:22:97:52:c5:3e:99:08:15:3c:33: 08:de:22:5e:94:ec:19:89:27:65:55:c1:7b:44:c6: 34:de:cf:60:2e:91:ff:c0:b4:61:cb:c3:d2:ff:2e: 4c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:57:1B:36:F0:AC:CE:09:4D:D2:36:E3:31:90:DC:86:6C:A2:C5:A1 X509v3 Authority Key Identifier: keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/TFcbNvCszglN0jbjMZDchmyixaE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.8.223.0/24 Signature Algorithm: sha256WithRSAEncryption 47:a5:5c:fd:df:89:f5:79:bd:bf:57:a2:e2:b4:e0:2f:3d:b9: aa:e1:64:e0:9b:04:5b:cd:cc:a0:6e:a2:88:1e:78:ef:9b:50: ef:5a:8a:57:7d:11:c8:7b:35:2c:4b:64:1d:71:1f:51:2d:32: 52:fc:60:88:0a:fe:a0:2b:e8:e1:56:a0:49:26:7f:19:d9:ef: 14:42:3e:43:79:89:af:5d:fd:dd:7d:d4:30:16:a6:df:a6:c7: 11:e9:c6:50:26:19:95:91:2c:b6:18:6f:94:f7:8c:1c:90:51: 12:b3:01:1c:d3:b1:34:a7:d2:73:8d:fb:2d:89:7e:7a:2d:8e: b2:36:02:38:f2:6e:81:e0:99:a0:ca:57:8d:63:9e:70:8e:89: cc:4b:df:6c:22:5e:97:ad:a8:59:2a:38:f6:44:4f:79:3e:13: 38:bf:18:c0:d9:83:24:0c:2d:94:77:56:35:6b:62:55:94:19: ac:21:4c:1c:83:dd:f8:c8:51:96:c7:6c:18:ed:db:27:43:8d: 41:87:9e:9d:51:a4:95:75:a4:2b:dc:02:5a:4e:bc:10:71:d7: b7:77:87:bf:62:39:62:43:cd:64:12:46:39:4e:9d:aa:07:bb: 9c:d3:1f:3b:64:9a:0d:33:d4:00:8a:14:60:33:47:41:c1:06: 42:84:08:f3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICANAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURE MjcyNkRENkZGOUY1QTQ1OUFFNUIwQTlFRThFN0RERkM3RjA3QzAeFw0yNTA2MjAw NjUzMzJaFw0yNjA1MTYxMDA2MTdaMDMxMTAvBgNVBAMTKDRDNTcxQjM2RjBBQ0NF MDk0REQyMzZFMzMxOTBEQzg2NkNBMkM1QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUg4txo7VGKoJxnxMU8igkJloEOUpkvn9GH8WZHc76mbAQmHGG aIN+Y2sS24RlRnaC+irZjy6nz6kUdZ51gsaMulrVqR0LSqau0j/LmwDicG9wcbDw oK0GFp8E9PNTwk4J28CS/EHm9tgVO+dhCGIPN72Qev5EvGiIt+/SQQg69MybvwS0 B9tUTPwYmrf0E/PFW/bdOylR2h6Xg0SWNqnUOmXKyxz29/PRPzzlXMGIV4HLQSSu DpOrvRt0S+CaXfhqveoLavYmLAQgqiVw4m/8Ljpbs6LUIpdSxT6ZCBU8MwjeIl6U 7BmJJ2VVwXtExjTez2Aukf/AtGHLw9L/Lkz3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTFcbNvCszglN0jbjMZDchmyixaEwHwYDVR0jBBgwFoAUrdJybdb/n1pFmuWw qe6Ofd/H8HwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIy OC9yZEp5YmRiX24xcEZtdVd3cWU2T2ZkX0g4SHcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMjgvVEZjYk52Q3N6Z2xO MGpiak1aRGNobXlpeGFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcI3zANBgkqhkiG9w0BAQsFAAOCAQEAR6Vc/d+J9Xm9v1ei4rTgLz25quFk 4JsEW83MoG6iiB5475tQ71qKV30RyHs1LEtkHXEfUS0yUvxgiAr+oCvo4VagSSZ/ GdnvFEI+Q3mJr1393X3UMBam36bHEenGUCYZlZEsthhvlPeMHJBRErMBHNOxNKfS c437LYl+ei2OsjYCOPJugeCZoMpXjWOecI6JzEvfbCJel62oWSo49kRPeT4TOL8Y wNmDJAwtlHdWNWtiVZQZrCFMHIPd+MhRlsdsGO3bJ0ONQYeenVGklXWkK9wCWk68 EHHXt3eHv2I5YkPNZBJGOU6dqge7nNMfO2SaDTPUAIoUYDNHQcEGQoQI8w== -----END CERTIFICATE-----Generated at Thu Jul 3 15:46:27 2025 by rpki-client