$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/KJR8ywAjft0Ebav0gxo5Vor6iqU.roa File: KJR8ywAjft0Ebav0gxo5Vor6iqU.roa (raw, json) Hash identifier: y/TUS30ttZh7Tbbrnb1iAfQFi1mKqTquXgUczH2KUM8= Subject key identifier: 28:94:7C:CB:00:23:7E:DD:04:6D:AB:F4:83:1A:39:56:8A:FA:8A:A5 Certificate issuer: /CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Certificate serial: 0B00 Authority key identifier: E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/KJR8ywAjft0Ebav0gxo5Vor6iqU.roa Signing time: Sun 17 Aug 2025 01:39:50 +0000 ROA not before: Sun 17 Aug 2025 01:39:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 103.98.98.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2816 (0xb00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Validity Not Before: Aug 17 01:39:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=28947CCB00237EDD046DABF4831A39568AFA8AA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b8:79:b7:8e:27:e0:c9:1f:d1:e9:63:33:89: 61:66:ef:27:2c:c4:34:aa:0c:d3:ef:91:d8:7f:eb: 03:de:e3:18:2c:03:a8:a3:61:de:91:80:17:54:93: 0b:ee:f3:e3:de:84:de:01:0a:23:71:cc:f4:28:5f: 0c:4e:03:6f:f4:c0:30:7b:55:2f:2e:45:45:0c:00: 70:02:d8:ef:9c:5f:e5:fb:51:02:7d:8b:e0:00:be: f1:16:15:50:07:fe:7d:14:04:04:e5:ed:56:7f:8a: c1:54:35:ff:e9:50:ab:b2:6a:ad:ca:f7:64:67:c4: 98:a7:68:0e:d3:69:ad:09:e7:96:e5:07:fa:c7:ea: c0:98:fd:ad:40:53:4e:b0:55:90:39:f2:16:45:4f: 2f:fa:42:d4:45:b1:13:e9:4e:0b:e6:b0:55:b8:e5: 12:e8:5b:3a:10:39:dc:c9:e8:a0:56:68:7e:17:cb: 04:d2:3a:c9:06:80:a6:42:44:8d:82:b2:ec:6d:3b: 25:0b:02:14:1a:3a:7c:7a:44:0e:86:51:d8:3c:f7: c1:d5:c6:19:20:72:a0:8c:f1:53:38:d7:43:70:77: c3:ae:83:f9:63:fb:82:f4:9c:ad:92:b0:59:df:e3: 0b:29:14:cd:05:dd:24:30:db:7c:59:a0:b1:c7:e1: a0:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:94:7C:CB:00:23:7E:DD:04:6D:AB:F4:83:1A:39:56:8A:FA:8A:A5 X509v3 Authority Key Identifier: keyid:E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/KJR8ywAjft0Ebav0gxo5Vor6iqU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.98.0/23 Signature Algorithm: sha256WithRSAEncryption 60:62:40:59:6e:1c:e1:13:de:96:16:b9:15:cc:f5:20:40:02: 53:cd:e0:ed:e9:3c:ea:81:5b:7f:af:69:ab:64:97:30:43:0c: 18:34:df:21:30:09:ef:26:4e:bf:80:f4:4a:72:18:01:6d:2b: a8:d5:7c:1b:e8:64:b1:ed:77:1c:7a:cb:dd:82:53:42:1b:25: 01:51:48:ca:ff:c2:38:9f:a3:dc:11:c4:d7:32:29:6a:96:f9: c9:22:e8:d0:05:a3:4f:db:7a:f6:78:f4:99:65:79:b9:91:8e: 36:ea:75:61:2b:bf:de:e4:21:bf:1e:9f:0d:92:9d:86:20:3e: 72:f1:4e:e0:33:6c:5a:0b:c4:bf:4f:b8:9d:0a:d3:96:62:04: bb:11:b2:85:80:4e:9b:b2:8e:76:a9:c4:07:2c:64:60:0b:a6: c7:9b:f7:28:6e:3c:c7:2e:92:b7:97:8a:1f:d2:c2:83:d4:44: 06:0a:46:82:30:42:91:5f:82:58:3c:8f:c0:c3:30:9e:8d:e8: 9a:45:b7:73:7a:82:34:5e:3f:00:00:e7:5b:f9:18:16:d1:e8: 14:23:94:62:de:a2:15:ed:d6:5f:bc:83:11:d9:50:c6:d8:ae: a5:64:9f:1f:ea:f3:a3:7d:63:14:0e:2c:a3:af:b1:fb:e1:95: 2b:e5:86:7b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVD NkNFRkM4NzgyRjg5NzMxQTJDNzI5NjZFREMxODFEQUI1QUUyMjAeFw0yNTA4MTcw MTM5NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDI4OTQ3Q0NCMDAyMzdF REQwNDZEQUJGNDgzMUEzOTU2OEFGQThBQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCquHm3jifgyR/R6WMziWFm7ycsxDSqDNPvkdh/6wPe4xgsA6ij Yd6RgBdUkwvu8+PehN4BCiNxzPQoXwxOA2/0wDB7VS8uRUUMAHAC2O+cX+X7UQJ9 i+AAvvEWFVAH/n0UBATl7VZ/isFUNf/pUKuyaq3K92RnxJinaA7Taa0J55blB/rH 6sCY/a1AU06wVZA58hZFTy/6QtRFsRPpTgvmsFW45RLoWzoQOdzJ6KBWaH4XywTS OskGgKZCRI2CsuxtOyULAhQaOnx6RA6GUdg898HVxhkgcqCM8VM410Nwd8Oug/lj +4L0nK2SsFnf4wspFM0F3SQw23xZoLHH4aBvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUKJR8ywAjft0Ebav0gxo5Vor6iqUwHwYDVR0jBBgwFoAU5cbO/IeC+Jcxoscp Zu3Bgdq1riIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi81Y2JPX0llQy1KY3hvc2NwWnUzQmdkcTFyaUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVjYk9fSWVDLUpjeG9zY3BadTNCZ2RxMXJpSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvS0pSOHl3QWpmdDBF YmF2MGd4bzVWb3I2aXFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdiYjANBgkqhkiG9w0BAQsFAAOCAQEAYGJAWW4c4RPelha5Fcz1IEACU83g 7ek86oFbf69pq2SXMEMMGDTfITAJ7yZOv4D0SnIYAW0rqNV8G+hkse13HHrL3YJT QhslAVFIyv/COJ+j3BHE1zIpapb5ySLo0AWjT9t69nj0mWV5uZGONup1YSu/3uQh vx6fDZKdhiA+cvFO4DNsWgvEv0+4nQrTlmIEuxGyhYBOm7KOdqnEByxkYAumx5v3 KG48xy6St5eKH9LCg9REBgpGgjBCkV+CWDyPwMMwno3omkW3c3qCNF4/AADnW/kY FtHoFCOUYt6iFe3WX7yDEdlQxtiupWSfH+rzo31jFA4so6+x++GVK+WGew== -----END CERTIFICATE-----Generated at Sun Aug 24 11:39:39 2025 by rpki-client