$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2625/8voVhgIMSHYOly56t_xyMcphEAk.roa File: 8voVhgIMSHYOly56t_xyMcphEAk.roa (raw, json) Hash identifier: Zve3JGBpr96I7P2FGoZun6H4kwIc0NADRMp0+IZbH2M= Subject key identifier: F2:FA:15:86:02:0C:48:76:0E:97:2E:7A:B7:FC:72:31:CA:61:10:09 Certificate issuer: /CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Certificate serial: 17 Authority key identifier: C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/8voVhgIMSHYOly56t_xyMcphEAk.roa Signing time: Mon 01 Sep 2025 02:34:51 +0000 ROA not before: Mon 01 Sep 2025 02:34:51 +0000 ROA not after: Fri 28 Aug 2026 02:37:23 +0000 asID: 131541 IP address blocks: 103.103.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 10:05:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23 (0x17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C3DAFDFF828F3B435D127064A956F5DD53A2BC3D Validity Not Before: Sep 1 02:34:51 2025 GMT Not After : Aug 28 02:37:23 2026 GMT Subject: CN=F2FA1586020C48760E972E7AB7FC7231CA611009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:6d:00:4f:ef:7e:9d:90:52:e9:ef:01:c1:ff: 28:2b:74:0b:22:c4:bf:55:de:b2:c0:06:d6:d0:b6: 5d:51:89:18:dc:f1:53:58:e0:e5:a0:39:b9:05:33: 70:37:e4:d1:fe:bd:78:cf:ad:9a:56:bf:ef:75:e9: 9b:12:50:25:34:cf:c0:27:04:fc:69:10:a8:50:bf: 14:46:e4:62:b3:b0:2c:0a:22:9f:81:d9:e8:65:9f: 86:67:a9:0f:8b:55:83:84:ca:b4:31:a2:f9:9e:3f: 82:01:b5:7c:c3:f4:b0:b3:c8:5d:96:f6:5b:0c:b3: ad:19:cf:80:f0:b5:72:cc:fd:9c:68:b7:8e:8a:9f: a2:71:4e:f8:de:b1:a0:5d:ab:c7:0f:31:e5:fd:2c: b8:60:b0:c3:01:0f:8a:8f:25:9f:62:64:89:1d:72: a5:67:1a:cc:6f:69:b0:72:57:30:f7:82:81:27:a2: d6:bf:4a:44:31:18:9a:f8:2b:37:e7:cf:7d:27:ef: 26:5a:23:38:3d:b7:a0:54:07:de:dc:0e:c9:1e:ad: dd:a3:14:22:0e:99:0c:84:10:92:27:e6:a4:92:21: 19:1c:ae:de:6c:31:a7:de:27:57:87:91:b8:f2:f5: 2c:c0:59:fb:51:a6:8f:32:a0:ed:b8:55:13:6c:27: 59:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:FA:15:86:02:0C:48:76:0E:97:2E:7A:B7:FC:72:31:CA:61:10:09 X509v3 Authority Key Identifier: keyid:C3:DA:FD:FF:82:8F:3B:43:5D:12:70:64:A9:56:F5:DD:53:A2:BC:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/w9r9_4KPO0NdEnBkqVb13VOivD0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/w9r9_4KPO0NdEnBkqVb13VOivD0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2625/8voVhgIMSHYOly56t_xyMcphEAk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.103.36.0/24 Signature Algorithm: sha256WithRSAEncryption 6b:91:6e:cb:7a:cd:6f:2a:19:36:9c:fe:2b:ee:bc:2b:9f:17: 15:ed:3c:5b:12:d3:c6:e9:01:85:79:aa:52:7b:8a:48:e2:dd: 82:a6:4e:08:a5:01:73:88:1a:6e:91:ba:86:54:93:f6:7e:06: 48:51:2a:ed:38:89:40:28:7e:72:e3:3e:5c:c0:84:14:ef:16: 62:82:49:db:9f:1a:0a:7c:44:1f:71:de:db:57:7e:d1:17:5a: 95:96:6f:0e:8a:aa:42:3e:51:5d:40:4b:7d:48:a5:73:02:25: ba:ab:4d:4d:f9:a3:53:c9:fb:ab:24:b5:77:03:7e:07:e5:92: 52:f4:13:ae:e9:29:ff:4d:0a:66:c5:42:fd:e6:12:db:cc:7f: f8:00:98:7a:e4:1c:3d:b4:81:9e:5c:42:0c:3d:ee:8b:cb:f9: 19:5d:b2:18:44:a6:d1:c1:18:1a:98:4b:dc:c6:1f:fb:b5:b8: 8a:cb:b8:f0:0a:e9:cb:ce:e0:d0:17:4c:e6:16:90:b4:b8:04: b0:ae:05:15:2b:a8:1c:87:8e:97:52:ec:36:1e:85:c3:41:b1: 05:63:8f:50:87:93:12:2e:a5:c6:9f:4e:f8:84:fa:d6:69:2d: 75:6c:55:89:a7:77:28:2c:a9:13:8b:54:65:70:7c:74:e2:e5: a3:09:5e:bd -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDM0RB RkRGRjgyOEYzQjQzNUQxMjcwNjRBOTU2RjVERDUzQTJCQzNEMB4XDTI1MDkwMTAy MzQ1MVoXDTI2MDgyODAyMzcyM1owMzExMC8GA1UEAxMoRjJGQTE1ODYwMjBDNDg3 NjBFOTcyRTdBQjdGQzcyMzFDQTYxMTAwOTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALJtAE/vfp2QUunvAcH/KCt0CyLEv1XessAG1tC2XVGJGNzxU1jg 5aA5uQUzcDfk0f69eM+tmla/73XpmxJQJTTPwCcE/GkQqFC/FEbkYrOwLAoin4HZ 6GWfhmepD4tVg4TKtDGi+Z4/ggG1fMP0sLPIXZb2WwyzrRnPgPC1csz9nGi3joqf onFO+N6xoF2rxw8x5f0suGCwwwEPio8ln2JkiR1ypWcazG9psHJXMPeCgSei1r9K RDEYmvgrN+fPfSfvJlojOD23oFQH3twOyR6t3aMUIg6ZDIQQkifmpJIhGRyu3mwx p94nV4eRuPL1LMBZ+1GmjzKg7bhVE2wnWYsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTy+hWGAgxIdg6XLnq3/HIxymEQCTAfBgNVHSMEGDAWgBTD2v3/go87Q10ScGSp VvXdU6K8PTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjI1 L3c5cjlfNEtQTzBOZEVuQmtxVmIxM1ZPaXZEMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdzlyOV80S1BPME5kRW5Ca3FWYjEzVk9pdkQwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYyNS84dm9WaGdJTVNIWU9s eTU2dF94eU1jcGhFQWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ2ckMA0GCSqGSIb3DQEBCwUAA4IBAQBrkW7Les1vKhk2nP4r7rwrnxcV7Txb EtPG6QGFeapSe4pI4t2Cpk4IpQFziBpukbqGVJP2fgZIUSrtOIlAKH5y4z5cwIQU 7xZigknbnxoKfEQfcd7bV37RF1qVlm8OiqpCPlFdQEt9SKVzAiW6q01N+aNTyfur JLV3A34H5ZJS9BOu6Sn/TQpmxUL95hLbzH/4AJh65Bw9tIGeXEIMPe6Ly/kZXbIY RKbRwRgamEvcxh/7tbiKy7jwCunLzuDQF0zmFpC0uASwrgUVK6gch46XUuw2HoXD QbEFY49Qh5MSLqXGn074hPrWaS11bFWJp3coLKkTi1RlcHx04uWjCV69 -----END CERTIFICATE-----Generated at Mon Sep 8 09:10:27 2025 by rpki-client