$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/ajRjw7-cLRyVPLz9VqmJwMfeNX4.roa File: ajRjw7-cLRyVPLz9VqmJwMfeNX4.roa (raw, json) Hash identifier: H3si7J3ntZNOIicBdKKsQE5EEp9LUgDBJHSU1IAKRU8= Subject key identifier: 6A:34:63:C3:BF:9C:2D:1C:95:3C:BC:FD:56:A9:89:C0:C7:DE:35:7E Certificate issuer: /CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Certificate serial: 0AED Authority key identifier: E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/ajRjw7-cLRyVPLz9VqmJwMfeNX4.roa Signing time: Fri 15 Aug 2025 01:17:18 +0000 ROA not before: Fri 15 Aug 2025 01:17:18 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 103.98.96.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2797 (0xaed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Validity Not Before: Aug 15 01:17:18 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6A3463C3BF9C2D1C953CBCFD56A989C0C7DE357E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:cb:69:f9:af:0d:21:ca:44:66:69:95:4d:f4: 1f:fc:67:f4:53:69:fe:71:f4:0e:20:14:1a:44:88: 4f:3f:83:ca:e9:0a:d0:c7:28:69:18:53:8f:35:fd: 81:35:54:bc:6c:c9:16:61:ef:77:17:61:0a:42:b0: 21:40:76:15:a8:a9:58:3a:4d:fe:ad:bd:65:24:ee: 1d:00:83:8a:29:81:78:df:41:89:0f:9c:00:db:23: ff:cc:ab:95:9c:4c:37:58:c2:8d:67:e0:18:71:de: 10:05:ea:ad:88:6b:97:36:85:96:92:9b:5d:8b:39: 92:d0:0a:8e:fa:81:d3:45:e3:45:69:ef:8b:28:d2: 2f:e7:b0:ea:30:9b:17:60:df:43:a7:88:7c:4b:d9: 5b:ec:74:99:ca:9c:9e:fb:5a:47:e1:b8:53:83:3e: f5:25:6b:48:95:48:3b:3a:c1:8e:6b:fc:e8:b6:5d: 80:27:95:96:b6:4f:3e:97:56:f2:48:dc:e5:c5:d3: a8:a0:37:52:c1:a1:49:bc:31:21:a5:66:db:6a:56: 3e:be:7a:a8:ee:d9:4b:82:d9:7b:6a:d9:ed:26:79: 3d:e0:55:77:f2:18:54:d1:2a:1f:fe:92:45:a8:2f: 96:16:ef:33:71:4c:ef:62:42:4f:78:8d:a8:67:6a: 12:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:34:63:C3:BF:9C:2D:1C:95:3C:BC:FD:56:A9:89:C0:C7:DE:35:7E X509v3 Authority Key Identifier: keyid:E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/ajRjw7-cLRyVPLz9VqmJwMfeNX4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.96.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:58:ff:3e:c3:ac:52:f5:25:09:40:4d:d1:9a:51:ad:ba:6a: da:55:6f:a6:6e:ca:f0:93:57:b4:9c:b3:76:e9:4b:3c:5f:88: 39:26:ff:3c:dc:f6:d7:81:df:c1:20:82:d4:95:11:33:79:1a: 1d:83:8c:a3:92:30:22:e7:29:95:3a:83:34:34:d2:2a:b6:f7: 22:29:9c:cd:1e:e5:88:4b:c2:49:59:bd:b4:4b:b7:3a:56:e0: 8d:83:03:c9:3d:72:4f:12:1e:75:c1:7c:82:99:87:d8:fb:c4: 46:5f:4f:58:f8:4b:d7:b4:92:30:f0:c8:b8:9f:0e:56:44:56: 80:25:58:cb:d6:60:e1:67:39:ed:f4:fa:df:34:d4:fc:55:7b: 99:b6:73:e5:75:1f:81:e6:07:ce:7d:5b:a4:03:f8:5f:20:38: 6b:4f:f3:e4:65:f9:48:eb:a4:47:a6:db:ec:cb:58:76:93:f5: c2:2c:94:27:f6:e8:00:24:a0:ad:fb:26:67:21:06:8a:a5:d6: f4:19:f8:58:ce:c0:eb:58:fb:1a:0c:b5:e4:02:3c:b3:e9:6a: 2a:63:5c:83:10:94:3d:f7:88:a7:23:b5:d1:6c:7d:dd:c0:4c: 49:ee:ea:81:0e:cc:92:96:2c:b5:cd:cd:d9:cd:dc:26:48:26: ef:00:fb:72 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCu0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVD NkNFRkM4NzgyRjg5NzMxQTJDNzI5NjZFREMxODFEQUI1QUUyMjAeFw0yNTA4MTUw MTE3MThaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZBMzQ2M0MzQkY5QzJE MUM5NTNDQkNGRDU2QTk4OUMwQzdERTM1N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzy2n5rw0hykRmaZVN9B/8Z/RTaf5x9A4gFBpEiE8/g8rpCtDH KGkYU481/YE1VLxsyRZh73cXYQpCsCFAdhWoqVg6Tf6tvWUk7h0Ag4opgXjfQYkP nADbI//Mq5WcTDdYwo1n4Bhx3hAF6q2Ia5c2hZaSm12LOZLQCo76gdNF40Vp74so 0i/nsOowmxdg30OniHxL2VvsdJnKnJ77WkfhuFODPvUla0iVSDs6wY5r/Oi2XYAn lZa2Tz6XVvJI3OXF06igN1LBoUm8MSGlZttqVj6+eqju2UuC2Xtq2e0meT3gVXfy GFTRKh/+kkWoL5YW7zNxTO9iQk94jahnahJjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUajRjw7+cLRyVPLz9VqmJwMfeNX4wHwYDVR0jBBgwFoAU5cbO/IeC+Jcxoscp Zu3Bgdq1riIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi81Y2JPX0llQy1KY3hvc2NwWnUzQmdkcTFyaUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVjYk9fSWVDLUpjeG9zY3BadTNCZ2RxMXJpSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvYWpSanc3LWNMUnlW UEx6OVZxbUp3TWZlTlg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdiYDANBgkqhkiG9w0BAQsFAAOCAQEAX1j/PsOsUvUlCUBN0ZpRrbpq2lVv pm7K8JNXtJyzdulLPF+IOSb/PNz214HfwSCC1JURM3kaHYOMo5IwIucplTqDNDTS Krb3IimczR7liEvCSVm9tEu3OlbgjYMDyT1yTxIedcF8gpmH2PvERl9PWPhL17SS MPDIuJ8OVkRWgCVYy9Zg4Wc57fT63zTU/FV7mbZz5XUfgeYHzn1bpAP4XyA4a0/z 5GX5SOukR6bb7MtYdpP1wiyUJ/boACSgrfsmZyEGiqXW9Bn4WM7A61j7Ggy15AI8 s+lqKmNcgxCUPfeIpyO10Wx93cBMSe7qgQ7MkpYstc3N2c3cJkgm7wD7cg== -----END CERTIFICATE-----Generated at Sun Aug 24 11:38:44 2025 by rpki-client