$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/CHHbDf38ok5HgG-AYJgAhy91wqY.roa File: CHHbDf38ok5HgG-AYJgAhy91wqY.roa (raw, json) Hash identifier: KxJWeGq5HBzWbxvVwSmjxZ9pOeTHY0fE5UXqtx6WfOk= Subject key identifier: 08:71:DB:0D:FD:FC:A2:4E:47:80:6F:80:60:98:00:87:2F:75:C2:A6 Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 1126 Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/CHHbDf38ok5HgG-AYJgAhy91wqY.roa Signing time: Fri 12 Sep 2025 04:50:25 +0000 ROA not before: Fri 12 Sep 2025 04:50:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 41717 IP address blocks: 103.116.151.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4390 (0x1126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Sep 12 04:50:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0871DB0DFDFCA24E47806F80609800872F75C2A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b6:7f:1f:8c:d0:ba:9a:61:d6:03:99:64:44: 3c:eb:40:ba:d5:da:f5:75:0b:1f:d8:21:eb:05:05: 58:7d:8b:a6:58:b8:2f:43:1f:99:02:bc:5c:6e:b1: e6:00:b6:47:f4:1d:22:b4:06:ea:f6:39:02:b1:db: df:24:db:bc:c0:10:6d:61:57:bf:68:b7:6d:c5:96: b5:e1:52:ec:ef:23:88:eb:48:bd:c4:0c:d3:bc:73: 82:b4:b8:39:1a:93:f9:2b:d2:ed:09:65:01:cc:ee: de:7c:fc:0a:1c:91:b3:27:fd:0f:96:ef:7b:ee:19: 91:7d:47:8e:63:40:6f:26:a7:9c:46:4b:53:67:00: e5:b3:4d:7c:6d:e5:d6:b1:72:fb:e8:c6:09:81:54: da:90:bf:18:24:e1:56:76:70:df:cd:69:24:6e:89: 36:c2:d0:5d:fa:84:dd:45:d0:83:d7:98:dd:f5:12: 72:f9:0c:9f:03:cc:62:d2:bb:bd:9e:04:fc:44:c9: bd:1d:f4:71:d9:36:f8:8e:3b:0e:15:eb:10:08:32: 6a:d1:66:0e:0c:46:06:28:d6:c4:49:e4:c0:d7:e2: c8:dd:4f:91:70:dd:fa:af:42:2b:ef:71:f7:a6:c4: 21:81:3e:bf:83:9f:7e:a0:12:6f:30:cf:99:6d:bc: ee:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:71:DB:0D:FD:FC:A2:4E:47:80:6F:80:60:98:00:87:2F:75:C2:A6 X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/CHHbDf38ok5HgG-AYJgAhy91wqY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.151.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:8d:9e:58:c2:5d:32:7d:67:71:fa:1b:21:96:a4:12:a0:f9: 00:0d:a1:d2:dd:54:1d:66:ad:08:dd:a3:54:65:d2:f8:d4:60: eb:82:87:51:50:3e:a9:50:ac:b1:0e:5c:ea:fd:25:3a:26:58: 8f:7a:3f:bb:c2:20:84:25:ff:59:f4:61:eb:19:08:56:bb:e6: 41:91:7b:b1:31:02:7a:1f:e5:b3:9e:29:41:94:7b:f1:a7:32: f1:5e:26:ba:75:1e:0e:69:09:de:fb:1d:92:20:2d:19:e4:4c: 90:4a:20:ce:6a:24:ce:27:d7:82:b9:5d:a2:26:f3:08:a5:72: a0:30:eb:dc:7f:eb:cc:f3:5f:f2:63:02:71:67:f0:a1:d5:0f: 36:42:3e:24:00:31:ef:38:0f:eb:a2:59:02:11:27:22:97:90: 95:03:26:6a:b9:be:9d:9b:e0:9b:4e:91:c2:cb:19:f8:54:3b: 24:ab:73:a3:12:0f:05:1f:15:73:6e:df:9f:3b:88:51:54:1e: f2:b1:ec:db:88:75:a2:40:4b:93:99:32:1b:41:5f:6b:65:4b: e6:d4:4d:cf:f8:f0:23:de:6f:84:3b:97:56:75:be:55:66:37: 5a:47:b2:cc:34:75:e4:68:1b:4f:97:f4:21:59:b1:78:21:6e: b3:f3:da:27 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICESYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA5MTIw NDUwMjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDA4NzFEQjBERkRGQ0Ey NEU0NzgwNkY4MDYwOTgwMDg3MkY3NUMyQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9tn8fjNC6mmHWA5lkRDzrQLrV2vV1Cx/YIesFBVh9i6ZYuC9D H5kCvFxuseYAtkf0HSK0Bur2OQKx298k27zAEG1hV79ot23FlrXhUuzvI4jrSL3E DNO8c4K0uDkak/kr0u0JZQHM7t58/AockbMn/Q+W73vuGZF9R45jQG8mp5xGS1Nn AOWzTXxt5daxcvvoxgmBVNqQvxgk4VZ2cN/NaSRuiTbC0F36hN1F0IPXmN31EnL5 DJ8DzGLSu72eBPxEyb0d9HHZNviOOw4V6xAIMmrRZg4MRgYo1sRJ5MDX4sjdT5Fw 3fqvQivvcfemxCGBPr+Dn36gEm8wz5ltvO7xAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCHHbDf38ok5HgG+AYJgAhy91wqYwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvQ0hIYkRmMzhvazVI Z0ctQVlKZ0FoeTkxd3FZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd0lzANBgkqhkiG9w0BAQsFAAOCAQEAS42eWMJdMn1ncfobIZakEqD5AA2h 0t1UHWatCN2jVGXS+NRg64KHUVA+qVCssQ5c6v0lOiZYj3o/u8IghCX/WfRh6xkI VrvmQZF7sTECeh/ls54pQZR78acy8V4munUeDmkJ3vsdkiAtGeRMkEogzmokzifX grldoibzCKVyoDDr3H/rzPNf8mMCcWfwodUPNkI+JAAx7zgP66JZAhEnIpeQlQMm arm+nZvgm06RwssZ+FQ7JKtzoxIPBR8Vc27fnzuIUVQe8rHs24h1okBLk5kyG0Ff a2VL5tRNz/jwI95vhDuXVnW+VWY3WkeyzDR15GgbT5f0IVmxeCFus/PaJw== -----END CERTIFICATE-----Generated at Mon Oct 20 05:45:36 2025 by rpki-client