$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/3S-JJhWMuWVyrRY3NMUXWv1Lrkw.roa File: 3S-JJhWMuWVyrRY3NMUXWv1Lrkw.roa (raw, json) Hash identifier: WXvd9QB7Uh5iRlrNASzIFlCNdocvZ2KZjUoMp7FqB7Q= Subject key identifier: DD:2F:89:26:15:8C:B9:65:72:AD:16:37:34:C5:17:5A:FD:4B:AE:4C Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 24E4 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/3S-JJhWMuWVyrRY3NMUXWv1Lrkw.roa Signing time: Sat 13 Sep 2025 03:08:48 +0000 ROA not before: Sat 13 Sep 2025 03:08:48 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 209242 IP address blocks: 103.244.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Sep 2025 03:06:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9444 (0x24e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 13 03:08:48 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DD2F8926158CB96572AD163734C5175AFD4BAE4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6f:66:b5:f9:59:bb:35:a8:71:bb:19:f7:34: bb:29:7d:2c:24:97:79:65:c4:85:2a:d0:db:01:76: f1:e7:8d:4c:a0:81:e3:46:89:6a:ff:eb:69:20:13: 63:53:39:81:b0:41:33:70:d4:39:4c:47:c1:3f:50: 24:66:8a:0f:05:1a:2b:90:9a:e4:4e:bb:c4:4b:36: 2d:3a:47:25:15:50:4e:f2:8b:a7:cf:87:fb:26:b4: 67:b5:ae:b3:1e:79:5a:23:c2:cf:98:3f:c8:68:49: d4:ab:42:49:74:68:a6:76:88:d0:a8:70:e3:29:b6: 39:12:50:70:61:4e:be:ac:60:e7:56:ed:b9:1d:0c: eb:b5:51:94:a2:55:16:c1:c4:91:e0:db:26:58:af: 40:4b:64:70:ce:c2:6d:7f:0f:5b:ca:a4:08:81:91: 92:9b:da:1d:a7:bf:0a:49:33:2f:6a:ec:84:43:0d: 66:45:87:2f:6a:6a:5e:fe:1b:6a:d1:40:a1:7b:46: fb:59:6c:91:3c:1d:61:05:89:dc:f3:f3:17:af:de: c1:c7:ce:fd:1c:a6:8c:8a:89:12:17:07:a8:b6:ca: 91:d1:ac:2a:cf:86:d2:65:6d:dc:95:65:33:18:f3: 81:e3:ca:05:88:a1:d3:dc:72:af:b1:20:54:34:d4: 65:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:2F:89:26:15:8C:B9:65:72:AD:16:37:34:C5:17:5A:FD:4B:AE:4C X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/3S-JJhWMuWVyrRY3NMUXWv1Lrkw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.119.0/24 Signature Algorithm: sha256WithRSAEncryption 8a:e6:48:ee:5e:2a:7c:5f:76:18:ab:3b:f6:8d:67:dc:b8:68: 97:f6:3a:8d:78:d9:42:22:49:3c:27:fb:b5:36:b5:bc:37:92: 51:9f:c8:8b:ef:24:0c:d2:a3:3a:c3:e7:c3:18:44:3e:da:bb: 6d:9e:49:36:ad:e6:4e:8e:5f:2a:c2:88:77:e8:5d:c5:b7:90: 7c:9d:e4:98:2d:11:8f:7a:99:f3:cd:14:78:f7:a8:4a:d0:4f: 0d:8f:39:f8:f1:d4:82:cf:cf:84:f5:d7:1d:0e:d1:df:57:95: 21:6f:a9:3a:d6:a0:59:2f:6d:2b:6f:a4:48:b6:cf:74:bb:d2: aa:c4:ba:f8:a3:6a:4e:fd:75:0c:27:8b:1d:a7:73:32:9f:51: eb:34:62:08:18:1b:c7:c6:d1:32:6f:70:24:e9:e3:0e:a4:2b: 7c:91:08:26:0f:b8:3a:a8:7c:80:59:7c:41:76:9d:8a:8a:be: e1:37:58:99:54:ae:b2:5a:e9:ec:b5:44:46:a1:dd:06:15:b6: 4c:60:13:52:8b:71:17:f1:ec:17:80:8a:bb:78:54:5f:81:db: b9:7e:0a:48:7c:e1:8f:f3:97:c0:e1:cc:e4:fa:52:21:ec:9d: 4c:a7:b3:21:ce:4f:7f:30:e3:b1:fb:c2:c0:ff:0a:15:18:0f: d8:b7:3a:d5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICJOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA5MTMw MzA4NDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEREMkY4OTI2MTU4Q0I5 NjU3MkFEMTYzNzM0QzUxNzVBRkQ0QkFFNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFb2a1+Vm7Nahxuxn3NLspfSwkl3llxIUq0NsBdvHnjUyggeNG iWr/62kgE2NTOYGwQTNw1DlMR8E/UCRmig8FGiuQmuROu8RLNi06RyUVUE7yi6fP h/smtGe1rrMeeVojws+YP8hoSdSrQkl0aKZ2iNCocOMptjkSUHBhTr6sYOdW7bkd DOu1UZSiVRbBxJHg2yZYr0BLZHDOwm1/D1vKpAiBkZKb2h2nvwpJMy9q7IRDDWZF hy9qal7+G2rRQKF7RvtZbJE8HWEFidzz8xev3sHHzv0cpoyKiRIXB6i2ypHRrCrP htJlbdyVZTMY84HjygWIodPccq+xIFQ01GVHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3S+JJhWMuWVyrRY3NMUXWv1LrkwwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvM1MtSkpoV011V1Z5 clJZM05NVVhXdjFMcmt3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf0dzANBgkqhkiG9w0BAQsFAAOCAQEAiuZI7l4qfF92GKs79o1n3Lhol/Y6 jXjZQiJJPCf7tTa1vDeSUZ/Ii+8kDNKjOsPnwxhEPtq7bZ5JNq3mTo5fKsKId+hd xbeQfJ3kmC0Rj3qZ880UePeoStBPDY85+PHUgs/PhPXXHQ7R31eVIW+pOtagWS9t K2+kSLbPdLvSqsS6+KNqTv11DCeLHadzMp9R6zRiCBgbx8bRMm9wJOnjDqQrfJEI Jg+4Oqh8gFl8QXadioq+4TdYmVSuslrp7LVERqHdBhW2TGATUotxF/HsF4CKu3hU X4HbuX4KSHzhj/OXwOHM5PpSIeydTKezIc5PfzDjsfvCwP8KFRgP2Lc61Q== -----END CERTIFICATE-----Generated at Thu Sep 18 02:06:30 2025 by rpki-client