$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/58THhEXzjthXcJ3JkS4y2F974wo.roa File: 58THhEXzjthXcJ3JkS4y2F974wo.roa (raw, json) Hash identifier: n6B30sBXQzpOFqAYNXwpmNsB5fr8NsO+S1I7Nm70WUE= Subject key identifier: E7:C4:C7:84:45:F3:8E:D8:57:70:9D:C9:91:2E:32:D8:5F:7B:E3:0A Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24ED Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/58THhEXzjthXcJ3JkS4y2F974wo.roa Signing time: Sat 13 Sep 2025 03:08:50 +0000 ROA not before: Sat 13 Sep 2025 03:08:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 212237 IP address blocks: 103.31.236.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Oct 2025 23:37:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9453 (0x24ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E7C4C78445F38ED857709DC9912E32D85F7BE30A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a3:b9:69:bb:42:61:2b:f6:1c:5d:8f:8c:17: 7a:3e:23:13:3a:b4:03:e6:b0:1d:d8:f8:05:37:3b: 6a:ca:46:e9:c7:b7:17:cd:e4:ab:79:10:3a:25:41: 17:00:aa:4a:c4:92:ee:52:56:9e:2e:c9:e5:3d:56: 68:58:90:37:f1:35:4b:b7:e6:61:4b:97:61:94:3b: 73:a7:77:66:f5:9e:6a:10:17:91:ba:0d:ca:63:8d: 5c:85:41:7a:ba:73:0c:0a:5d:6e:bf:e9:47:2d:81: fa:1c:64:d1:f2:d1:63:49:ff:4f:9a:9a:71:2a:5f: 98:b5:b3:c8:ab:8a:ed:f7:66:c5:75:d1:d7:19:99: 55:5f:12:d3:ec:9c:82:52:7b:04:8e:b5:59:3b:46: 55:2e:36:be:29:29:c4:1f:da:c6:76:77:ca:71:ea: a2:73:0a:d9:ea:80:6b:b6:5a:57:8e:6a:66:e8:80: 42:35:d1:56:e9:84:88:99:ab:49:e3:ab:3c:01:72: 8f:70:50:da:e3:1b:0f:13:3f:d9:c7:dc:4b:4d:88: 59:f1:73:ef:d4:4c:a0:20:fd:29:31:ef:33:41:57: 7c:0c:33:e6:28:c0:c6:15:b0:c1:e9:7b:94:a2:b4: e1:21:16:1c:a0:4a:65:37:d0:bb:5f:b3:3d:d6:aa: 6a:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:C4:C7:84:45:F3:8E:D8:57:70:9D:C9:91:2E:32:D8:5F:7B:E3:0A X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/58THhEXzjthXcJ3JkS4y2F974wo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.31.236.0/22 Signature Algorithm: sha256WithRSAEncryption d9:5a:2d:76:f2:0d:57:50:a6:60:cd:2c:b9:a0:74:22:9d:8e: 82:57:18:0d:2f:b6:3d:19:e8:95:2d:42:50:e3:ea:0d:34:bf: 64:69:20:55:ff:78:9b:36:d9:6d:8a:ed:92:44:87:84:ec:53: b5:c8:61:e7:b4:e0:a9:e5:c7:65:24:e1:fc:dd:9a:77:2c:58: f6:a7:fa:72:3a:be:f3:21:e7:88:14:41:92:06:77:0a:1a:67: 1b:cf:00:1d:d5:6f:d0:39:4f:58:7c:dd:81:44:4b:ed:23:03: 42:17:68:93:88:10:13:1a:b4:11:21:1b:99:5c:1e:0c:01:a0: e2:f7:29:8a:85:67:48:65:f2:f7:4a:b4:c8:3b:b2:36:a0:14: b6:eb:b6:66:fa:71:78:33:36:45:af:16:2e:1f:a0:41:38:cf: 88:d9:54:b9:32:2c:ce:75:80:31:e9:a2:be:d9:55:9c:d5:53: f7:af:97:5c:98:44:94:4d:b6:af:97:93:92:7d:3e:a2:3e:12: 30:eb:43:83:87:f9:3a:b5:11:39:43:d8:b9:fa:30:ef:09:88: 35:fc:60:2c:d6:b4:37:d9:98:75:2d:c8:00:cd:58:4a:0c:a0: af:26:3d:c1:33:52:ff:37:cf:e2:61:73:78:24:5c:00:a9:0f: 28:3c:ec:74 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU3QzRDNzg0NDVGMzhF RDg1NzcwOURDOTkxMkUzMkQ4NUY3QkUzMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpo7lpu0JhK/YcXY+MF3o+IxM6tAPmsB3Y+AU3O2rKRunHtxfN 5Kt5EDolQRcAqkrEku5SVp4uyeU9VmhYkDfxNUu35mFLl2GUO3Ond2b1nmoQF5G6 DcpjjVyFQXq6cwwKXW6/6UctgfocZNHy0WNJ/0+amnEqX5i1s8iriu33ZsV10dcZ mVVfEtPsnIJSewSOtVk7RlUuNr4pKcQf2sZ2d8px6qJzCtnqgGu2WleOambogEI1 0VbphIiZq0njqzwBco9wUNrjGw8TP9nH3EtNiFnxc+/UTKAg/Skx7zNBV3wMM+Yo wMYVsMHpe5SitOEhFhygSmU30Ltfsz3Wqmr1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU58THhEXzjthXcJ3JkS4y2F974wowHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvNThUSGhFWHpqdGhY Y0ozSmtTNHkyRjk3NHdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcf7DANBgkqhkiG9w0BAQsFAAOCAQEA2VotdvINV1CmYM0suaB0Ip2OglcY DS+2PRnolS1CUOPqDTS/ZGkgVf94mzbZbYrtkkSHhOxTtchh57TgqeXHZSTh/N2a dyxY9qf6cjq+8yHniBRBkgZ3ChpnG88AHdVv0DlPWHzdgURL7SMDQhdok4gQExq0 ESEbmVweDAGg4vcpioVnSGXy90q0yDuyNqAUtuu2ZvpxeDM2Ra8WLh+gQTjPiNlU uTIsznWAMemivtlVnNVT96+XXJhElE22r5eTkn0+oj4SMOtDg4f5OrUROUPYufow 7wmINfxgLNa0N9mYdS3IAM1YSgygryY9wTNS/zfP4mFzeCRcAKkPKDzsdA== -----END CERTIFICATE-----Generated at Sun Oct 19 20:11:12 2025 by rpki-client