$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2722/47hrNvzVcZJw6v6P5agMtQOOujk.roa File: 47hrNvzVcZJw6v6P5agMtQOOujk.roa (raw, json) Hash identifier: eYlijcy4BK3MqwbIE3h0JqU0lEjfO1urThnUFR1wpLM= Subject key identifier: E3:B8:6B:36:FC:D5:71:92:70:EA:FE:8F:E5:A8:0C:B5:03:8E:BA:39 Certificate issuer: /CN=75637BADD837B67150E80F9C8E2F0C5AE551B791 Certificate serial: 2077 Authority key identifier: 75:63:7B:AD:D8:37:B6:71:50:E8:0F:9C:8E:2F:0C:5A:E5:51:B7:91 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dWN7rdg3tnFQ6A-cji8MWuVRt5E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2722/47hrNvzVcZJw6v6P5agMtQOOujk.roa Signing time: Sat 13 Sep 2025 03:02:29 +0000 ROA not before: Sat 13 Sep 2025 03:02:29 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137806 IP address blocks: 103.114.236.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2722/dWN7rdg3tnFQ6A-cji8MWuVRt5E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2722/dWN7rdg3tnFQ6A-cji8MWuVRt5E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dWN7rdg3tnFQ6A-cji8MWuVRt5E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 04:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8311 (0x2077) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75637BADD837B67150E80F9C8E2F0C5AE551B791 Validity Not Before: Sep 13 03:02:29 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=E3B86B36FCD5719270EAFE8FE5A80CB5038EBA39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:60:fe:cb:fc:35:2b:87:69:ae:bc:b8:ee:41: b3:f2:c0:9e:b3:b5:75:24:86:e6:38:7b:3d:06:ad: 16:23:94:5e:45:01:60:b9:3f:f5:bc:5a:4f:7a:70: 64:44:12:a9:66:d1:7e:ec:24:fe:99:9e:ef:fc:b9: 71:7c:06:da:3e:71:95:eb:05:fb:62:ad:9a:6f:a3: 02:2a:d0:37:9b:25:75:64:60:f0:dc:d8:47:7f:d3: 2e:0b:d7:67:12:18:13:a6:26:4d:13:d8:5f:49:94: be:c9:75:74:5b:cb:c4:f6:55:30:2c:24:b7:84:71: ff:ea:1b:d2:f5:3e:70:16:34:96:8e:bb:bc:ec:8d: 6c:81:b1:55:be:b2:d0:25:2e:df:d8:21:c8:a1:32: 94:07:51:09:06:55:e6:0a:fd:36:3f:1f:85:24:e6: 55:a9:40:b5:2f:91:3b:00:27:07:6e:5e:14:c4:f4: c2:fb:ec:c0:69:18:81:14:14:a0:d4:e7:d5:be:ad: 40:59:6e:00:9c:4a:20:31:df:0a:c8:4e:ef:8a:19: 28:56:6e:19:f6:fd:5f:a5:12:e6:db:6b:38:da:5b: 64:4c:29:21:07:f3:76:08:de:e1:4d:64:af:29:9c: e4:88:17:cd:41:6e:c0:c1:9b:6f:3c:47:20:ea:2d: ef:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:B8:6B:36:FC:D5:71:92:70:EA:FE:8F:E5:A8:0C:B5:03:8E:BA:39 X509v3 Authority Key Identifier: keyid:75:63:7B:AD:D8:37:B6:71:50:E8:0F:9C:8E:2F:0C:5A:E5:51:B7:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2722/dWN7rdg3tnFQ6A-cji8MWuVRt5E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dWN7rdg3tnFQ6A-cji8MWuVRt5E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2722/47hrNvzVcZJw6v6P5agMtQOOujk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.114.236.0/24 Signature Algorithm: sha256WithRSAEncryption 26:fe:84:61:39:f6:39:cd:ed:1d:c4:03:1e:b1:05:61:e2:20: 0e:af:72:95:ae:de:2f:00:56:ed:bf:68:25:dd:ca:03:c5:ea: 18:ec:d6:a6:42:de:4f:bb:7c:f6:66:ab:b4:5d:98:52:52:f7: 8b:c3:9a:6f:bc:dd:93:e1:8b:ea:da:f5:a7:49:db:0e:71:94: 14:d2:84:67:74:71:2d:8b:4f:f4:44:17:4a:7c:80:e2:49:24: 0e:26:5a:b7:b3:dc:71:ca:f0:bc:7f:bd:26:39:44:c4:84:18: 04:fc:5c:82:6d:03:fb:8e:5d:47:ee:de:31:78:70:0d:1f:77: e8:ac:95:41:72:af:a4:97:89:3c:3d:21:cb:5b:20:8b:30:3c: 83:75:4d:be:27:b0:cd:f3:27:09:76:08:a6:3c:6b:2d:02:3e: 4b:26:bc:6f:fa:c1:b0:1e:21:77:fd:c2:90:e1:8d:6f:ae:0f: b7:58:7f:0d:71:bc:1a:b3:ed:98:ac:37:4c:b3:29:15:62:a3: bf:64:40:3a:5c:a1:2f:62:0c:7d:60:58:80:b9:62:fb:c9:73: 44:b4:6e:6b:d8:ee:ab:08:d5:f2:74:eb:bc:b1:d8:fd:88:34: 7a:25:9c:55:a5:35:12:7e:4d:b3:ca:bf:d8:04:96:db:75:11: e3:59:04:c9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzU2 MzdCQUREODM3QjY3MTUwRTgwRjlDOEUyRjBDNUFFNTUxQjc5MTAeFw0yNTA5MTMw MzAyMjlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEUzQjg2QjM2RkNENTcx OTI3MEVBRkU4RkU1QTgwQ0I1MDM4RUJBMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8YP7L/DUrh2muvLjuQbPywJ6ztXUkhuY4ez0GrRYjlF5FAWC5 P/W8Wk96cGREEqlm0X7sJP6Znu/8uXF8Bto+cZXrBftirZpvowIq0DebJXVkYPDc 2Ed/0y4L12cSGBOmJk0T2F9JlL7JdXRby8T2VTAsJLeEcf/qG9L1PnAWNJaOu7zs jWyBsVW+stAlLt/YIcihMpQHUQkGVeYK/TY/H4Uk5lWpQLUvkTsAJwduXhTE9ML7 7MBpGIEUFKDU59W+rUBZbgCcSiAx3wrITu+KGShWbhn2/V+lEubbazjaW2RMKSEH 83YI3uFNZK8pnOSIF81BbsDBm288RyDqLe+HAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU47hrNvzVcZJw6v6P5agMtQOOujkwHwYDVR0jBBgwFoAUdWN7rdg3tnFQ6A+c ji8MWuVRt5EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcy Mi9kV043cmRnM3RuRlE2QS1jamk4TVd1VlJ0NUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2RXTjdyZGczdG5GUTZBLWNqaThNV3VWUnQ1RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MjIvNDdock52elZjWkp3 NnY2UDVhZ010UU9PdWprLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdy7DANBgkqhkiG9w0BAQsFAAOCAQEAJv6EYTn2Oc3tHcQDHrEFYeIgDq9y la7eLwBW7b9oJd3KA8XqGOzWpkLeT7t89martF2YUlL3i8Oab7zdk+GL6tr1p0nb DnGUFNKEZ3RxLYtP9EQXSnyA4kkkDiZat7PcccrwvH+9JjlExIQYBPxcgm0D+45d R+7eMXhwDR936KyVQXKvpJeJPD0hy1sgizA8g3VNviewzfMnCXYIpjxrLQI+Sya8 b/rBsB4hd/3CkOGNb64Pt1h/DXG8GrPtmKw3TLMpFWKjv2RAOlyhL2IMfWBYgLli +8lzRLRua9juqwjV8nTrvLHY/Yg0eiWcVaU1En5Ns8q/2ASW23UR41kEyQ== -----END CERTIFICATE-----Generated at Tue Oct 21 02:19:23 2025 by rpki-client