$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/aghMBIRR7OIu6io7_RAJ3p4L67k.roa File: aghMBIRR7OIu6io7_RAJ3p4L67k.roa (raw, json) Hash identifier: Oj5Fw4+yFisOOBrVkJj3ju68QW6loESH7GK+py1/yAY= Subject key identifier: 6A:08:4C:04:84:51:EC:E2:2E:EA:2A:3B:FD:10:09:DE:9E:0B:EB:B9 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1EBC Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/aghMBIRR7OIu6io7_RAJ3p4L67k.roa Signing time: Sat 13 Sep 2025 03:05:25 +0000 ROA not before: Sat 13 Sep 2025 03:05:25 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 139259 IP address blocks: 103.221.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7868 (0x1ebc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 13 03:05:25 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=6A084C048451ECE22EEA2A3BFD1009DE9E0BEBB9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f4:d3:29:56:b3:88:63:60:5f:2a:95:ab:99: 97:f6:6a:69:07:4e:a0:0e:40:56:98:3a:16:62:c5: ab:89:b6:0a:cf:69:28:0a:24:1c:4d:6f:79:30:a5: 26:63:6d:ee:b8:88:f5:5f:3a:0f:b0:c0:f2:22:70: 57:28:06:a8:ee:20:42:9b:d1:d9:c4:2b:98:dd:55: de:e1:c3:3c:1f:5b:0d:4a:5d:dd:a2:74:5e:22:b2: 4f:17:94:b8:13:d2:b9:84:18:98:f2:77:00:63:88: 74:23:e0:13:0f:ed:ea:00:88:dd:44:b4:3e:2b:7f: 1a:e1:7c:b0:e9:1d:e1:45:e4:7e:79:8a:91:88:74: 41:1e:72:b3:87:68:72:2d:23:53:2d:34:51:5e:5e: bf:20:10:e7:cb:1f:be:98:d2:40:d6:3f:04:f5:c0: 90:a0:4c:48:80:cc:14:c4:83:7d:45:02:05:fb:b5: 06:d9:aa:0b:ae:05:05:b7:4a:4e:76:c5:0f:56:12: a4:22:12:87:d1:de:1b:52:df:e3:8b:e6:b6:a1:9f: 01:08:23:d6:94:4b:a4:fc:aa:34:46:c9:ac:a4:05: 79:81:59:fd:16:50:8f:7e:93:e5:45:2a:5f:64:66: 5e:75:a5:34:2d:a9:2e:08:49:52:f7:9d:11:4e:e2: 15:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:08:4C:04:84:51:EC:E2:2E:EA:2A:3B:FD:10:09:DE:9E:0B:EB:B9 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/aghMBIRR7OIu6io7_RAJ3p4L67k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.24.0/22 Signature Algorithm: sha256WithRSAEncryption 8d:d0:88:62:79:55:a4:8c:0b:f9:eb:23:b6:bf:d2:af:10:bc: 50:47:41:cd:48:bc:dd:f6:cd:9e:ab:1e:5f:52:0d:07:de:ef: 4e:19:fb:0b:e3:73:43:dc:6d:22:b8:92:19:93:3d:fc:fc:73: 99:f5:4e:e5:10:fc:c3:38:45:d2:1c:53:04:c0:c5:a3:4d:8c: 4c:29:d7:8a:f3:ce:ac:e3:95:60:4a:37:3f:c8:53:4e:68:de: 03:db:9a:09:fe:00:90:5e:15:f7:83:67:ba:ec:11:90:27:71: 43:4e:cc:bd:7e:70:7a:1b:8f:9b:c5:36:13:65:b5:5b:d7:e5: 82:d1:03:ab:25:13:e8:5d:a2:f7:28:a4:5b:5b:c9:84:71:63: f2:00:de:64:9b:85:e7:30:15:59:93:a0:95:fb:1e:62:06:8f: b0:07:ce:4b:fb:ca:34:0b:df:29:15:61:53:d8:2a:f5:f2:a1: 51:fa:7c:77:1a:86:63:40:8a:9d:df:f5:56:d4:ba:1d:ff:93: 3e:84:04:71:6e:29:a7:fe:93:55:56:49:a1:e6:99:58:73:74: ea:84:fd:e7:c5:f8:f8:fa:f8:d3:73:a5:ba:57:95:1d:56:54: 9e:ca:ce:48:d7:81:b6:82:de:b4:cc:57:07:d4:c8:0d:60:dd: 74:06:48:3f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTMw MzA1MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDZBMDg0QzA0ODQ1MUVD RTIyRUVBMkEzQkZEMTAwOURFOUUwQkVCQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC19NMpVrOIY2BfKpWrmZf2amkHTqAOQFaYOhZixauJtgrPaSgK JBxNb3kwpSZjbe64iPVfOg+wwPIicFcoBqjuIEKb0dnEK5jdVd7hwzwfWw1KXd2i dF4isk8XlLgT0rmEGJjydwBjiHQj4BMP7eoAiN1EtD4rfxrhfLDpHeFF5H55ipGI dEEecrOHaHItI1MtNFFeXr8gEOfLH76Y0kDWPwT1wJCgTEiAzBTEg31FAgX7tQbZ qguuBQW3Sk52xQ9WEqQiEofR3htS3+OL5rahnwEII9aUS6T8qjRGyaykBXmBWf0W UI9+k+VFKl9kZl51pTQtqS4ISVL3nRFO4hX3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUaghMBIRR7OIu6io7/RAJ3p4L67kwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2FnaE1CSVJSN09JdTZp bzdfUkFKM3A0TDY3ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RgwDQYJKoZIhvcNAQELBQADggEBAI3QiGJ5VaSMC/nrI7a/0q8QvFBHQc1I vN32zZ6rHl9SDQfe704Z+wvjc0PcbSK4khmTPfz8c5n1TuUQ/MM4RdIcUwTAxaNN jEwp14rzzqzjlWBKNz/IU05o3gPbmgn+AJBeFfeDZ7rsEZAncUNOzL1+cHobj5vF NhNltVvX5YLRA6slE+hdovcopFtbyYRxY/IA3mSbhecwFVmToJX7HmIGj7AHzkv7 yjQL3ykVYVPYKvXyoVH6fHcahmNAip3f9VbUuh3/kz6EBHFuKaf+k1VWSaHmmVhz dOqE/efF+Pj6+NNzpbpXlR1WVJ7KzkjXgbaC3rTMVwfUyA1g3XQGSD8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:31:06 2025 by rpki-client