$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2742/-a1jdxdHPICbVsGbYZhm8xBMOls.roa File: -a1jdxdHPICbVsGbYZhm8xBMOls.roa (raw, json) Hash identifier: 9kCwOnNKxY6VM8dDFxiIule25mLmEQcmiPBStuJwclU= Subject key identifier: F9:AD:63:77:17:47:3C:80:9B:56:C1:9B:61:98:66:F3:10:4C:3A:5B Certificate issuer: /CN=D6DD0B467EE8D75B15146628C991AC3140558F94 Certificate serial: 2009 Authority key identifier: D6:DD:0B:46:7E:E8:D7:5B:15:14:66:28:C9:91:AC:31:40:55:8F:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1t0LRn7o11sVFGYoyZGsMUBVj5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2742/-a1jdxdHPICbVsGbYZhm8xBMOls.roa Signing time: Sat 13 Sep 2025 03:10:04 +0000 ROA not before: Sat 13 Sep 2025 03:10:04 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 56005 IP address blocks: 103.22.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2742/1t0LRn7o11sVFGYoyZGsMUBVj5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2742/1t0LRn7o11sVFGYoyZGsMUBVj5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1t0LRn7o11sVFGYoyZGsMUBVj5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8201 (0x2009) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D6DD0B467EE8D75B15146628C991AC3140558F94 Validity Not Before: Sep 13 03:10:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=F9AD637717473C809B56C19B619866F3104C3A5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ac:b7:8f:d1:fb:67:d5:4a:7c:5a:26:ca:e2: c7:77:af:24:3f:0c:11:27:8a:0f:c6:68:03:bc:2b: bb:30:0b:5b:a1:af:0f:4a:ab:75:51:84:85:19:26: bd:8e:da:1e:aa:aa:36:7b:f6:9d:fa:b4:93:5a:67: 93:f6:10:63:cd:38:a7:b3:26:00:de:5d:d5:4d:27: aa:db:d0:ec:18:d1:ab:18:3e:0c:7a:70:da:ae:66: 80:35:ba:dc:97:93:14:be:c8:d9:4b:8b:cd:f2:38: f1:51:27:42:64:97:71:0b:b6:86:ff:b3:74:7e:4c: 75:5b:74:f1:37:05:ef:d6:d8:8a:4a:94:37:df:74: 4d:c6:86:99:61:5e:3d:13:13:df:c6:ba:a1:36:56: 3b:14:43:53:39:1c:c2:a0:28:d1:0a:c6:26:4e:f2: 39:de:33:0a:cc:af:b1:4d:cf:c1:08:43:10:bf:17: 2f:1a:db:7c:63:df:80:e9:c2:3c:ea:eb:d2:95:31: 23:a8:93:53:78:fc:b2:03:dd:78:34:df:aa:88:6a: 93:5d:1d:a6:49:98:a3:3d:ef:fd:a9:b9:da:4d:ef: c6:da:5c:5e:61:d2:7b:3c:1c:c0:86:08:a4:a1:92: 89:be:04:e5:5a:39:fc:a1:87:1b:0c:12:ac:2d:8e: 49:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:AD:63:77:17:47:3C:80:9B:56:C1:9B:61:98:66:F3:10:4C:3A:5B X509v3 Authority Key Identifier: keyid:D6:DD:0B:46:7E:E8:D7:5B:15:14:66:28:C9:91:AC:31:40:55:8F:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2742/1t0LRn7o11sVFGYoyZGsMUBVj5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1t0LRn7o11sVFGYoyZGsMUBVj5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2742/-a1jdxdHPICbVsGbYZhm8xBMOls.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.22.188.0/24 Signature Algorithm: sha256WithRSAEncryption 78:a0:56:76:2d:69:de:df:32:93:48:c6:0e:43:60:71:74:29: 77:55:ed:d8:6c:10:d6:f7:46:03:7a:80:9e:d7:70:00:82:eb: a0:2c:50:e6:be:5f:68:55:0e:cb:49:37:44:c4:89:b6:9f:20: 19:3b:35:47:54:45:71:79:23:99:62:5d:2f:0d:a3:70:36:bd: 0b:db:dd:14:2d:90:67:18:a5:94:ac:d5:a7:68:20:88:7a:0e: 92:cb:fe:c4:ce:ba:6a:2f:3a:c3:37:a6:24:f5:90:d6:07:7c: c8:75:a7:46:06:f9:ff:ba:9c:f6:de:08:be:22:ab:83:54:f1: 25:6e:0e:db:4c:fe:78:d5:2b:85:13:9c:cc:9b:f4:6e:ad:7c: 59:de:47:7d:83:6d:ab:d4:af:49:5d:f0:20:47:16:d3:3f:e9: 78:38:63:4d:23:62:87:0b:33:e5:16:9c:26:f1:1c:f3:d5:0c: 56:93:93:4c:5c:89:2d:ea:51:67:55:16:ed:d5:3e:0c:3d:f9: a8:75:81:5f:f4:50:57:dc:49:c8:b4:0f:86:a1:b6:29:dc:94: c3:57:39:d2:58:de:d8:d5:2e:1c:c7:ae:76:c4:07:6e:f6:ea: 86:06:e1:04:bd:81:49:48:fe:de:7b:8f:ab:1e:60:30:0b:93: f6:14:3c:2e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDZE RDBCNDY3RUU4RDc1QjE1MTQ2NjI4Qzk5MUFDMzE0MDU1OEY5NDAeFw0yNTA5MTMw MzEwMDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY5QUQ2Mzc3MTc0NzND ODA5QjU2QzE5QjYxOTg2NkYzMTA0QzNBNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNrLeP0ftn1Up8WibK4sd3ryQ/DBEnig/GaAO8K7swC1uhrw9K q3VRhIUZJr2O2h6qqjZ79p36tJNaZ5P2EGPNOKezJgDeXdVNJ6rb0OwY0asYPgx6 cNquZoA1utyXkxS+yNlLi83yOPFRJ0Jkl3ELtob/s3R+THVbdPE3Be/W2IpKlDff dE3GhplhXj0TE9/GuqE2VjsUQ1M5HMKgKNEKxiZO8jneMwrMr7FNz8EIQxC/Fy8a 23xj34Dpwjzq69KVMSOok1N4/LID3Xg036qIapNdHaZJmKM97/2pudpN78baXF5h 0ns8HMCGCKShkom+BOVaOfyhhxsMEqwtjklbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+a1jdxdHPICbVsGbYZhm8xBMOlswHwYDVR0jBBgwFoAU1t0LRn7o11sVFGYo yZGsMUBVj5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 Mi8xdDBMUm43bzExc1ZGR1lveVpHc01VQlZqNVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzF0MExSbjdvMTFzVkZHWW95WkdzTVVCVmo1US5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDIvLWExamR4ZEhQSUNi VnNHYllaaG04eEJNT2xzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcWvDANBgkqhkiG9w0BAQsFAAOCAQEAeKBWdi1p3t8yk0jGDkNgcXQpd1Xt 2GwQ1vdGA3qAntdwAILroCxQ5r5faFUOy0k3RMSJtp8gGTs1R1RFcXkjmWJdLw2j cDa9C9vdFC2QZxillKzVp2ggiHoOksv+xM66ai86wzemJPWQ1gd8yHWnRgb5/7qc 9t4IviKrg1TxJW4O20z+eNUrhROczJv0bq18Wd5HfYNtq9SvSV3wIEcW0z/peDhj TSNihwsz5RacJvEc89UMVpOTTFyJLepRZ1UW7dU+DD35qHWBX/RQV9xJyLQPhqG2 KdyUw1c50lje2NUuHMeudsQHbvbqhgbhBL2BSUj+3nuPqx5gMAuT9hQ8Lg== -----END CERTIFICATE-----Generated at Mon Oct 20 11:19:13 2025 by rpki-client