$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3026/MXwOSZHCaoPvb25YZ56czi2fazA.roa File: MXwOSZHCaoPvb25YZ56czi2fazA.roa (raw, json) Hash identifier: Yw/PR4p3h5AXTNKn49kUWhD9o02vHsqXzq6mOO9H2Iw= Subject key identifier: 31:7C:0E:49:91:C2:6A:83:EF:6F:6E:58:67:9E:9C:CE:2D:9F:6B:30 Certificate issuer: /CN=0CB04CC5A6B39B148DD710EF5C6E3F2D9380B455 Certificate serial: 06F1 Authority key identifier: 0C:B0:4C:C5:A6:B3:9B:14:8D:D7:10:EF:5C:6E:3F:2D:93:80:B4:55 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DLBMxaazmxSN1xDvXG4_LZOAtFU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/MXwOSZHCaoPvb25YZ56czi2fazA.roa Signing time: Fri 22 Aug 2025 15:20:09 +0000 ROA not before: Fri 22 Aug 2025 15:20:09 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 55991 IP address blocks: 103.235.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/DLBMxaazmxSN1xDvXG4_LZOAtFU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/DLBMxaazmxSN1xDvXG4_LZOAtFU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DLBMxaazmxSN1xDvXG4_LZOAtFU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1777 (0x6f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CB04CC5A6B39B148DD710EF5C6E3F2D9380B455 Validity Not Before: Aug 22 15:20:09 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=317C0E4991C26A83EF6F6E58679E9CCE2D9F6B30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:53:85:5c:e4:25:92:6e:2f:42:15:21:93:7d: 08:bf:d5:7e:51:ec:86:44:41:d4:d6:15:05:d5:f5: be:87:7d:8e:70:c7:68:7f:9d:55:e3:7b:3a:d0:5f: eb:41:74:3c:75:e2:e7:8b:32:82:3f:ef:81:e8:81: 18:93:35:41:38:be:f1:08:81:24:90:ba:6a:c7:b3: 04:a1:c7:6c:6d:9e:0c:28:71:16:5d:49:e8:39:23: 14:7d:3d:b3:5c:da:80:eb:46:04:a9:53:56:d7:b3: b8:cf:d0:a4:b7:89:d6:73:a9:e2:fe:f2:e6:76:13: d6:fb:3e:2e:b1:dd:1a:c2:2f:fe:6c:ff:c2:82:2a: 25:6a:ed:3c:83:e0:82:06:62:64:c2:00:61:57:31: f6:39:e5:64:44:34:17:98:57:c5:bf:e2:ef:d5:08: d7:b2:17:ab:c9:0d:a3:5d:8b:c2:f4:1e:09:58:b4: 46:a1:ad:89:00:76:fc:55:ce:c1:75:c1:15:e1:d4: b0:f9:29:23:54:a0:bf:43:32:07:7b:fc:18:95:fd: 11:02:1a:5b:c0:88:cb:2c:36:ab:ca:77:ea:10:68: b2:e5:ae:7f:8e:7b:fb:e1:d0:96:cd:f8:d0:44:9a: 17:33:61:db:86:59:99:d0:d1:5d:d8:66:95:64:c8: d8:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:7C:0E:49:91:C2:6A:83:EF:6F:6E:58:67:9E:9C:CE:2D:9F:6B:30 X509v3 Authority Key Identifier: keyid:0C:B0:4C:C5:A6:B3:9B:14:8D:D7:10:EF:5C:6E:3F:2D:93:80:B4:55 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/DLBMxaazmxSN1xDvXG4_LZOAtFU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DLBMxaazmxSN1xDvXG4_LZOAtFU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3026/MXwOSZHCaoPvb25YZ56czi2fazA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.103.0/24 Signature Algorithm: sha256WithRSAEncryption 64:a5:d5:ff:03:10:b0:87:ec:54:ce:78:b4:a5:a0:eb:d7:2b: dd:5d:1f:f9:a7:52:20:28:83:ca:d2:8f:a5:41:ae:ee:28:cd: d0:59:0c:8b:d7:45:d4:0a:93:97:37:49:07:d2:72:54:c1:22: 4d:38:4b:9c:d1:6a:68:e6:80:9e:14:72:82:f8:03:da:45:d4: a1:c8:61:33:08:f8:b3:86:0f:90:da:ad:0f:57:89:63:4a:79: 13:bb:d3:70:e5:ef:a7:a4:90:df:3e:ac:17:f6:98:d4:0d:68: be:ef:0a:10:88:f3:1e:b8:14:e5:51:aa:1c:0a:67:22:77:a2: f3:66:e3:9f:80:15:a5:cb:9e:19:8d:ab:c6:40:ed:ea:23:bf: 85:8b:3b:ff:ef:f8:4f:f0:da:76:9b:4e:ba:68:b9:d9:90:7d: 47:2d:2f:ae:fb:25:7e:1e:c7:62:17:0b:7a:49:c5:2b:f5:44: b3:5f:98:a9:85:db:66:a6:86:2c:4f:77:6a:1b:8a:4a:f1:46: 52:1e:94:03:7c:8f:c7:fb:d3:47:5d:56:5f:2b:45:b6:94:ce: 4d:d1:ff:f1:33:61:1e:45:d9:2f:e0:4d:52:32:73:67:d0:47: 29:71:fc:54:76:86:ca:e6:5a:38:02:0c:07:44:6f:ac:db:64: 2a:13:69:b2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENC MDRDQzVBNkIzOUIxNDhERDcxMEVGNUM2RTNGMkQ5MzgwQjQ1NTAeFw0yNTA4MjIx NTIwMDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDMxN0MwRTQ5OTFDMjZB ODNFRjZGNkU1ODY3OUU5Q0NFMkQ5RjZCMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSU4Vc5CWSbi9CFSGTfQi/1X5R7IZEQdTWFQXV9b6HfY5wx2h/ nVXjezrQX+tBdDx14ueLMoI/74HogRiTNUE4vvEIgSSQumrHswShx2xtngwocRZd Seg5IxR9PbNc2oDrRgSpU1bXs7jP0KS3idZzqeL+8uZ2E9b7Pi6x3RrCL/5s/8KC KiVq7TyD4IIGYmTCAGFXMfY55WRENBeYV8W/4u/VCNeyF6vJDaNdi8L0HglYtEah rYkAdvxVzsF1wRXh1LD5KSNUoL9DMgd7/BiV/RECGlvAiMssNqvKd+oQaLLlrn+O e/vh0JbN+NBEmhczYduGWZnQ0V3YZpVkyNivAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMXwOSZHCaoPvb25YZ56czi2fazAwHwYDVR0jBBgwFoAUDLBMxaazmxSN1xDv XG4/LZOAtFUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAy Ni9ETEJNeGFhem14U04xeER2WEc0X0xaT0F0RlUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0RMQk14YWF6bXhTTjF4RHZYRzRfTFpPQXRGVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMjYvTVh3T1NaSENhb1B2 YjI1WVo1NmN6aTJmYXpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfrZzANBgkqhkiG9w0BAQsFAAOCAQEAZKXV/wMQsIfsVM54tKWg69cr3V0f +adSICiDytKPpUGu7ijN0FkMi9dF1AqTlzdJB9JyVMEiTThLnNFqaOaAnhRygvgD 2kXUochhMwj4s4YPkNqtD1eJY0p5E7vTcOXvp6SQ3z6sF/aY1A1ovu8KEIjzHrgU 5VGqHApnInei82bjn4AVpcueGY2rxkDt6iO/hYs7/+/4T/DadptOumi52ZB9Ry0v rvslfh7HYhcLeknFK/VEs1+YqYXbZqaGLE93ahuKSvFGUh6UA3yPx/vTR11WXytF tpTOTdH/8TNhHkXZL+BNUjJzZ9BHKXH8VHaGyuZaOAIMB0RvrNtkKhNpsg== -----END CERTIFICATE-----Generated at Sun Aug 24 09:03:06 2025 by rpki-client