$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/cVRq_KmISs8jA_YPdCjYBCQ5kTc.roa File: cVRq_KmISs8jA_YPdCjYBCQ5kTc.roa (raw, json) Hash identifier: Sksv/IM1jZC1hZ0MSPfBP+FrKOgsA8MZANzitkQ0gYo= Subject key identifier: 71:54:6A:FC:A9:88:4A:CF:23:03:F6:0F:74:28:D8:04:24:39:91:37 Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0D21 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/cVRq_KmISs8jA_YPdCjYBCQ5kTc.roa Signing time: Wed 02 Jul 2025 09:18:35 +0000 ROA not before: Wed 02 Jul 2025 09:18:35 +0000 ROA not after: Thu 09 Apr 2026 06:41:00 +0000 asID: 63567 IP address blocks: 103.37.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 06:45:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3361 (0xd21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: Jul 2 09:18:35 2025 GMT Not After : Apr 9 06:41:00 2026 GMT Subject: CN=71546AFCA9884ACF2303F60F7428D80424399137 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:9d:1c:6e:28:b3:4e:64:a9:b3:f9:8f:37:ce: 11:1d:36:51:67:86:f9:88:74:64:9a:6f:ed:3c:b6: c4:ea:d8:02:92:f3:a1:9a:31:cf:9a:5c:99:42:55: 36:f5:40:e1:2c:fd:fe:59:e2:d6:86:27:89:ee:21: 0b:39:b9:b4:6d:aa:d4:c2:0a:ae:7b:01:92:7b:34: c5:12:cd:c8:d4:22:d2:b7:45:ab:d3:91:08:4f:eb: 2f:15:95:21:a8:b6:eb:fb:82:6f:68:ec:36:5a:e1: 4f:21:1a:7c:7f:0d:35:b6:c2:e9:38:fd:26:32:c2: 1f:9a:5f:d4:b8:ba:da:0c:7d:28:28:5a:8d:4d:c0: f7:eb:f3:ad:4f:b3:75:4e:2a:9c:38:2c:61:86:ca: ec:5f:ab:70:1b:ad:7a:ee:3d:29:1d:1c:b1:d7:d9: 03:59:3b:29:70:de:0b:29:1e:51:c3:23:d1:02:be: 89:b7:f1:f5:64:9b:ed:5e:5f:e4:b2:93:14:69:74: 6a:87:a6:a4:4d:fa:c3:81:9c:bc:57:93:e8:85:26: b6:51:ba:6d:4a:e1:d9:de:c1:6a:d1:ec:cd:43:b0: 50:8f:e0:39:51:c3:30:a8:a6:08:fb:4a:d4:fb:6a: 20:72:b6:a0:21:9f:18:46:95:14:3a:b7:3f:3c:3c: 8d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:54:6A:FC:A9:88:4A:CF:23:03:F6:0F:74:28:D8:04:24:39:91:37 X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/cVRq_KmISs8jA_YPdCjYBCQ5kTc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.37.44.0/22 Signature Algorithm: sha256WithRSAEncryption 14:74:36:88:37:1f:a8:27:0e:41:1f:38:54:c2:fa:ca:c7:93: 0f:4d:e4:a1:dc:9b:13:c3:fa:72:7b:71:07:af:31:e5:8c:32: cc:fc:dc:6a:64:8a:98:be:bb:bc:77:97:74:a0:b2:4b:8f:a4: d9:97:e9:3d:5e:f3:ba:94:a9:3a:46:6c:a6:2a:28:9a:1d:cc: d1:c3:59:eb:1d:3b:9d:e0:43:ad:a4:28:ea:e1:19:33:f7:94: de:50:14:7c:8f:a7:79:b1:d2:c5:70:53:73:b3:ac:c3:4c:65: 60:17:ba:b4:ba:69:90:72:7f:fe:71:7b:8b:e3:82:bd:c0:ef: 56:4f:e4:25:e2:67:d5:14:7c:61:67:10:b1:a4:96:12:dd:75: 59:06:63:73:bd:e3:5e:cc:d0:62:96:7c:3f:84:7e:95:7d:5d: 57:90:5b:cc:09:3a:a2:21:6f:62:bd:43:10:53:23:19:16:35: 0b:2d:d2:03:b7:a5:af:e2:a5:d3:16:14:64:30:63:23:e7:fc: 27:0c:69:76:58:c8:ea:d8:c0:ae:1b:06:f5:47:b3:2a:97:a5: 61:21:7d:fc:04:e3:3b:82:86:a6:ea:c5:bb:c1:03:ba:0a:e6: 18:aa:52:93:a2:b8:b2:6f:66:b1:1d:20:83:02:cf:60:c4:6d: ce:bb:7c:3a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA3MDIw OTE4MzVaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDcxNTQ2QUZDQTk4ODRB Q0YyMzAzRjYwRjc0MjhEODA0MjQzOTkxMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcnRxuKLNOZKmz+Y83zhEdNlFnhvmIdGSab+08tsTq2AKS86Ga Mc+aXJlCVTb1QOEs/f5Z4taGJ4nuIQs5ubRtqtTCCq57AZJ7NMUSzcjUItK3RavT kQhP6y8VlSGotuv7gm9o7DZa4U8hGnx/DTW2wuk4/SYywh+aX9S4utoMfSgoWo1N wPfr861Ps3VOKpw4LGGGyuxfq3AbrXruPSkdHLHX2QNZOylw3gspHlHDI9ECvom3 8fVkm+1eX+SykxRpdGqHpqRN+sOBnLxXk+iFJrZRum1K4dnewWrR7M1DsFCP4DlR wzCopgj7StT7aiBytqAhnxhGlRQ6tz88PI1lAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcVRq/KmISs8jA/YPdCjYBCQ5kTcwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL2NWUnFfS21JU3M4akFf WVBkQ2pZQkNRNWtUYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnJSwwDQYJKoZIhvcNAQELBQADggEBABR0Nog3H6gnDkEfOFTC+srHkw9N5KHc mxPD+nJ7cQevMeWMMsz83Gpkipi+u7x3l3SgskuPpNmX6T1e87qUqTpGbKYqKJod zNHDWesdO53gQ62kKOrhGTP3lN5QFHyPp3mx0sVwU3OzrMNMZWAXurS6aZByf/5x e4vjgr3A71ZP5CXiZ9UUfGFnELGklhLddVkGY3O9417M0GKWfD+EfpV9XVeQW8wJ OqIhb2K9QxBTIxkWNQst0gO3pa/ipdMWFGQwYyPn/CcMaXZYyOrYwK4bBvVHsyqX pWEhffwE4zuChqbqxbvBA7oK5hiqUpOiuLJvZrEdIIMCz2DEbc67fDo= -----END CERTIFICATE-----Generated at Sat Jul 5 05:11:23 2025 by rpki-client