$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2679/XvYEMmLJSyx8duUutj0Fn9nJkWg.roa File: XvYEMmLJSyx8duUutj0Fn9nJkWg.roa (raw, json) Hash identifier: 9s5HYoZAeLN3UBpj4eBNuwDTW6TszuX6jBCRwnxlvYo= Subject key identifier: 5E:F6:04:32:62:C9:4B:2C:7C:76:E5:2E:B6:3D:05:9F:D9:C9:91:68 Certificate issuer: /CN=59356C1537C3BE2316FFA0DEB3910C4076B47D99 Certificate serial: 03 Authority key identifier: 59:35:6C:15:37:C3:BE:23:16:FF:A0:DE:B3:91:0C:40:76:B4:7D:99 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WTVsFTfDviMW_6Des5EMQHa0fZk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/XvYEMmLJSyx8duUutj0Fn9nJkWg.roa Signing time: Thu 28 Aug 2025 06:29:01 +0000 ROA not before: Thu 28 Aug 2025 06:29:01 +0000 ROA not after: Fri 28 Aug 2026 06:22:23 +0000 asID: 137749 IP address blocks: 103.108.224.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/WTVsFTfDviMW_6Des5EMQHa0fZk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/WTVsFTfDviMW_6Des5EMQHa0fZk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WTVsFTfDviMW_6Des5EMQHa0fZk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 16:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=59356C1537C3BE2316FFA0DEB3910C4076B47D99 Validity Not Before: Aug 28 06:29:01 2025 GMT Not After : Aug 28 06:22:23 2026 GMT Subject: CN=5EF6043262C94B2C7C76E52EB63D059FD9C99168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:99:01:62:51:6c:29:24:64:9d:03:74:e3:f1: 61:87:24:ca:6d:37:1b:30:29:42:25:82:9e:a7:60: 35:70:de:03:98:2a:70:cf:ae:d1:cf:bb:65:70:ee: 85:2a:fd:48:9a:33:d0:66:90:0f:16:7c:4f:19:6c: 7a:6d:47:63:54:e9:68:bb:6c:9f:b7:0e:86:59:38: ff:c1:5d:18:f9:14:c3:4f:b3:c9:f8:91:b5:36:46: ac:c4:dd:f1:ff:63:e4:b5:91:ca:c1:cc:69:24:ae: eb:e1:4a:f3:37:01:f9:1a:7a:75:e2:4f:fa:b0:fb: b8:ed:81:13:77:83:d4:ee:ce:2a:68:38:de:d9:0a: ec:84:96:a4:88:ea:08:e3:2b:ef:e9:61:30:0e:16: 66:99:7a:54:a0:3b:ef:4f:cc:a9:61:e9:7c:e2:7f: f3:92:98:13:ee:35:46:58:00:8d:36:a4:67:86:30: 06:7f:04:5b:f3:69:26:9f:77:f6:d8:a8:0b:76:9c: 8e:a1:60:0b:0d:86:1c:06:64:94:8f:8f:ce:4f:7d: b7:73:8a:20:17:08:9e:97:2c:17:65:da:6a:00:bf: 4d:c7:73:cb:ea:59:5c:97:34:c5:7b:66:6c:f5:2b: af:49:85:68:7f:7b:da:81:92:b2:99:17:f6:fa:d8: 2c:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:F6:04:32:62:C9:4B:2C:7C:76:E5:2E:B6:3D:05:9F:D9:C9:91:68 X509v3 Authority Key Identifier: keyid:59:35:6C:15:37:C3:BE:23:16:FF:A0:DE:B3:91:0C:40:76:B4:7D:99 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/WTVsFTfDviMW_6Des5EMQHa0fZk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WTVsFTfDviMW_6Des5EMQHa0fZk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2679/XvYEMmLJSyx8duUutj0Fn9nJkWg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.108.224.0/22 Signature Algorithm: sha256WithRSAEncryption 22:41:79:32:5a:0e:d1:36:b8:22:50:e8:9a:38:9f:dc:96:a5: 2a:43:22:68:47:b2:be:11:63:05:83:a2:ab:fa:e2:35:1a:2f: b8:cf:20:31:e8:18:d4:59:82:b1:5e:00:fa:43:78:05:92:61: 26:19:b6:75:f9:86:c5:07:5e:e6:bb:ea:8c:7f:76:c1:1e:7b: e4:7a:b6:02:ba:b0:10:ab:c7:eb:eb:c2:1b:98:7b:8f:44:f9: 13:54:96:8e:7e:a2:8c:b5:d8:80:61:22:60:eb:07:22:73:24: b4:bb:b0:8e:4f:3c:1a:1f:6d:b0:16:a3:64:20:53:92:05:37: 9d:ec:10:ff:0e:34:d6:d5:41:32:ed:4f:74:bc:78:d0:71:56: f6:72:f2:c0:3f:54:91:da:3d:ab:c3:b1:c7:19:83:cb:76:5d: bb:d7:e0:52:1c:e5:1a:71:cd:c9:ae:2b:b9:6a:8f:47:d6:4b: 7e:1f:5c:22:25:09:91:e1:81:fa:0f:98:29:63:c7:13:3a:51: bc:da:02:ff:76:8e:63:76:30:14:56:69:10:68:3d:09:92:ec: 2d:00:08:dc:cd:e5:ea:50:a4:6b:d2:79:26:4e:ca:a8:a0:42: ff:5d:f2:91:52:ea:34:a0:48:5b:e6:16:dc:0e:27:f6:d3:0b: 77:33:7e:72 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1OTM1 NkMxNTM3QzNCRTIzMTZGRkEwREVCMzkxMEM0MDc2QjQ3RDk5MB4XDTI1MDgyODA2 MjkwMVoXDTI2MDgyODA2MjIyM1owMzExMC8GA1UEAxMoNUVGNjA0MzI2MkM5NEIy QzdDNzZFNTJFQjYzRDA1OUZEOUM5OTE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKGZAWJRbCkkZJ0DdOPxYYckym03GzApQiWCnqdgNXDeA5gqcM+u 0c+7ZXDuhSr9SJoz0GaQDxZ8Txlsem1HY1TpaLtsn7cOhlk4/8FdGPkUw0+zyfiR tTZGrMTd8f9j5LWRysHMaSSu6+FK8zcB+Rp6deJP+rD7uO2BE3eD1O7OKmg43tkK 7ISWpIjqCOMr7+lhMA4WZpl6VKA770/MqWHpfOJ/85KYE+41RlgAjTakZ4YwBn8E W/NpJp939tioC3acjqFgCw2GHAZklI+Pzk99t3OKIBcInpcsF2XaagC/Tcdzy+pZ XJc0xXtmbPUrr0mFaH972oGSspkX9vrYLJkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRe9gQyYslLLHx25S62PQWf2cmRaDAfBgNVHSMEGDAWgBRZNWwVN8O+Ixb/oN6z kQxAdrR9mTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjc5 L1dUVnNGVGZEdmlNV182RGVzNUVNUUhhMGZaay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1RWc0ZUZkR2aU1XXzZEZXM1RU1RSGEwZlprLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3OS9YdllFTW1MSlN5eDhk dVV1dGowRm45bkprV2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ2zgMA0GCSqGSIb3DQEBCwUAA4IBAQAiQXkyWg7RNrgiUOiaOJ/clqUqQyJo R7K+EWMFg6Kr+uI1Gi+4zyAx6BjUWYKxXgD6Q3gFkmEmGbZ1+YbFB17mu+qMf3bB HnvkerYCurAQq8fr68IbmHuPRPkTVJaOfqKMtdiAYSJg6wcicyS0u7COTzwaH22w FqNkIFOSBTed7BD/DjTW1UEy7U90vHjQcVb2cvLAP1SR2j2rw7HHGYPLdl271+BS HOUacc3Jriu5ao9H1kt+H1wiJQmR4YH6D5gpY8cTOlG82gL/do5jdjAUVmkQaD0J kuwtAAjczeXqUKRr0nkmTsqooEL/XfKRUuo0oEhb5hbcDif20wt3M35y -----END CERTIFICATE-----Generated at Tue Sep 9 12:21:16 2025 by rpki-client