$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3181/aoCzfRxZ2-L1gM2xlNnF5TJocgc.roa File: aoCzfRxZ2-L1gM2xlNnF5TJocgc.roa (raw, json) Hash identifier: 5UBuha1VpzUGgTtdOzk2lSCl0/m1ejK0SAA7aTXxIU4= Subject key identifier: 6A:80:B3:7D:1C:59:DB:E2:F5:80:CD:B1:94:D9:C5:E5:32:68:72:07 Certificate issuer: /CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75 Certificate serial: 0E2B Authority key identifier: 13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/aoCzfRxZ2-L1gM2xlNnF5TJocgc.roa Signing time: Sat 13 Sep 2025 03:04:01 +0000 ROA not before: Sat 13 Sep 2025 03:04:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 38378 IP address blocks: 103.29.24.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 23:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3627 (0xe2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75 Validity Not Before: Sep 13 03:04:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6A80B37D1C59DBE2F580CDB194D9C5E532687207 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:0a:02:d3:77:b7:f8:69:d9:7e:b0:99:1e:0e: c6:14:ca:e6:53:54:84:92:1f:4f:29:80:9c:44:25: 1a:a1:e6:93:ad:07:2b:9f:32:5c:08:dc:e0:d3:9b: 89:73:38:ae:2c:df:55:50:5f:bd:f6:03:ed:fa:08: 66:d4:f3:1c:4b:b6:e1:81:7c:60:34:bb:92:1d:a5: 4a:46:14:b4:1a:bf:cc:31:df:96:4f:16:d8:da:45: c7:b9:59:29:92:15:05:4d:e2:65:1e:52:73:d5:f9: c9:4f:f7:c9:a2:5e:98:21:66:9b:93:35:d2:d8:c2: b6:d5:5e:af:9e:d5:17:f7:e7:7e:74:7b:52:67:35: e6:05:92:f3:b3:29:79:fb:31:c0:a5:9d:3a:5b:1c: ba:66:dd:53:6a:00:9b:17:e7:c4:36:f5:c0:81:91: bd:9d:e7:d7:d8:fd:2a:89:09:8b:dc:8c:7d:5f:e4: a2:f3:15:68:d2:e7:59:62:8d:27:f4:9c:e6:66:a0: 87:88:c6:2b:1a:59:40:b6:7c:93:93:a6:67:aa:65: 8a:4a:62:3b:49:d8:bf:6a:9d:85:d1:8c:bf:02:9e: ef:89:46:79:63:4b:91:33:1a:8a:58:b1:6e:29:d5: af:1f:21:49:26:30:d0:2f:b8:39:be:4e:5a:80:8e: de:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:80:B3:7D:1C:59:DB:E2:F5:80:CD:B1:94:D9:C5:E5:32:68:72:07 X509v3 Authority Key Identifier: keyid:13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/aoCzfRxZ2-L1gM2xlNnF5TJocgc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.29.24.0/23 Signature Algorithm: sha256WithRSAEncryption 8a:75:b8:0d:e9:59:2b:f2:11:ab:e9:cf:9b:f5:a4:38:30:de: 50:7a:8d:ae:5a:1e:bf:c8:f2:17:49:34:47:d4:9f:40:f4:02: 5c:63:83:5b:f7:a6:4c:e4:65:7a:a6:23:d1:0b:4f:b7:46:4a: 57:d9:88:37:ec:d5:cd:d5:fc:08:5d:a1:cd:b9:71:e5:6a:fe: 59:19:0f:08:95:3e:a8:f4:78:ce:28:fd:a5:30:1a:ad:88:ec: 68:66:1b:f5:f2:81:e3:ae:d1:e4:1e:da:49:02:f1:9d:05:49: b5:00:4c:54:85:00:04:9e:1f:8a:0e:ab:59:ef:b4:c0:8a:a8: fb:8f:5c:3d:89:96:25:86:38:ab:48:86:8f:16:53:24:d5:c3: c6:81:3f:e9:fb:e2:52:f3:26:72:12:55:9a:26:77:13:63:db: 37:69:c8:bd:8c:83:e2:4b:29:b6:af:a7:70:e4:b5:94:a2:97: 76:1a:54:25:e3:8e:3c:3f:c4:75:79:1c:45:fc:9c:aa:f6:a4: 14:d3:f2:54:dd:26:30:31:1f:35:da:7d:86:3f:ca:47:a0:6d: 3b:36:57:7f:0e:1a:cf:e4:9e:cb:d0:e8:bf:df:7f:f4:fc:17: 98:41:98:94:e3:16:8f:2e:bd:5a:d7:79:88:98:7f:53:30:3e: 77:20:95:03 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTM2 QTM5Qzc2MzBBM0M3NDkxMDUwRDNFOURCRDVCNkY3OTA2RkQ3NTAeFw0yNTA5MTMw MzA0MDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZBODBCMzdEMUM1OURC RTJGNTgwQ0RCMTk0RDlDNUU1MzI2ODcyMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6CgLTd7f4adl+sJkeDsYUyuZTVISSH08pgJxEJRqh5pOtByuf MlwI3ODTm4lzOK4s31VQX732A+36CGbU8xxLtuGBfGA0u5IdpUpGFLQav8wx35ZP FtjaRce5WSmSFQVN4mUeUnPV+clP98miXpghZpuTNdLYwrbVXq+e1Rf35350e1Jn NeYFkvOzKXn7McClnTpbHLpm3VNqAJsX58Q29cCBkb2d59fY/SqJCYvcjH1f5KLz FWjS51lijSf0nOZmoIeIxisaWUC2fJOTpmeqZYpKYjtJ2L9qnYXRjL8Cnu+JRnlj S5EzGopYsW4p1a8fIUkmMNAvuDm+TlqAjt5fAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUaoCzfRxZ2+L1gM2xlNnF5TJocgcwHwYDVR0jBBgwFoAUE2o5x2MKPHSRBQ0+ nb1bb3kG/XUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE4 MS9FMm81eDJNS1BIU1JCUTAtbmIxYmIza0dfWFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0UybzV4Mk1LUEhTUkJRMC1uYjFiYjNrR19YVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxODEvYW9DemZSeFoyLUwx Z00yeGxObkY1VEpvY2djLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWcdGDANBgkqhkiG9w0BAQsFAAOCAQEAinW4DelZK/IRq+nPm/WkODDeUHqN rloev8jyF0k0R9SfQPQCXGODW/emTORleqYj0QtPt0ZKV9mIN+zVzdX8CF2hzblx 5Wr+WRkPCJU+qPR4zij9pTAarYjsaGYb9fKB467R5B7aSQLxnQVJtQBMVIUABJ4f ig6rWe+0wIqo+49cPYmWJYY4q0iGjxZTJNXDxoE/6fviUvMmchJVmiZ3E2PbN2nI vYyD4ksptq+ncOS1lKKXdhpUJeOOPD/EdXkcRfycqvakFNPyVN0mMDEfNdp9hj/K R6BtOzZXfw4az+Sey9Dov99/9PwXmEGYlOMWjy69Wtd5iJh/UzA+dyCVAw== -----END CERTIFICATE-----Generated at Mon Oct 20 19:56:06 2025 by rpki-client