$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/1nR-qlKxPGHzYVkozF8iS3ZHf_A.roa File: 1nR-qlKxPGHzYVkozF8iS3ZHf_A.roa (raw, json) Hash identifier: ZizY9TfAZIh3GW6hVIp7AhIdzA4TiznQoGQHr+5/9j0= Subject key identifier: D6:74:7E:AA:52:B1:3C:61:F3:61:59:28:CC:5F:22:4B:76:47:7F:F0 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 2023 Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/1nR-qlKxPGHzYVkozF8iS3ZHf_A.roa Signing time: Tue 26 Aug 2025 05:01:08 +0000 ROA not before: Tue 26 Aug 2025 05:01:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 103.227.76.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 05:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8227 (0x2023) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:01:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D6747EAA52B13C61F3615928CC5F224B76477FF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:cf:98:58:4e:d1:6f:f8:b8:4c:82:07:1a:89: f0:ac:1d:6b:f1:72:aa:8a:04:ee:6f:68:0d:49:ea: e9:6e:2a:a6:ac:00:c5:fc:c3:38:6c:e2:4a:c8:0b: 03:96:31:f5:88:f2:07:a5:69:b9:5d:bd:dd:25:d6: 05:3c:20:4d:d2:c8:a3:34:f7:50:5b:41:8b:fa:37: 6d:10:4e:02:fa:f9:60:6d:17:44:8d:b3:f5:af:b3: 81:08:77:21:09:cf:d4:6e:f2:75:61:b9:5d:6d:ec: 88:41:f6:86:24:45:84:29:ce:5f:9b:b4:c9:ca:75: 5e:43:37:9c:2b:3b:b5:4a:54:21:59:49:39:ab:e6: 3e:e7:c7:05:28:9a:6e:da:a8:cf:5a:b6:89:28:3f: 9e:aa:03:5e:22:49:c3:8d:50:92:1e:fc:22:22:cf: a3:eb:68:95:1e:79:2d:d8:ac:fb:63:56:4b:24:77: 51:d9:34:2c:85:ee:56:54:b7:70:fb:69:35:89:7a: a8:d6:04:8e:c2:40:88:55:73:aa:2b:b6:ac:62:10: 89:9d:20:8c:55:40:f4:f4:34:7c:94:8c:a2:fe:99: 80:6e:b9:d4:6e:e9:c0:3f:1f:6d:8b:3a:ba:76:95: 29:72:c2:11:7c:74:03:5a:c1:14:7d:3a:ee:c8:b9: 4a:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:74:7E:AA:52:B1:3C:61:F3:61:59:28:CC:5F:22:4B:76:47:7F:F0 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/1nR-qlKxPGHzYVkozF8iS3ZHf_A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.227.76.0/22 Signature Algorithm: sha256WithRSAEncryption c6:0b:25:20:8c:db:64:b2:04:d7:ab:a0:c2:ca:df:89:a7:8a: 48:4f:78:33:42:df:dd:16:c7:12:fc:08:3d:92:66:a2:fc:df: 14:1d:7d:3b:1d:fa:b5:7f:6c:1c:62:98:90:3e:6e:e9:5b:af: 29:31:04:b3:7a:77:ad:76:cb:68:e1:30:d7:65:7e:00:4c:e2: 6b:d3:85:c9:40:e4:d0:f2:a4:3f:09:78:d0:14:c3:9d:9c:63: e0:16:9c:d2:d4:c2:86:eb:5d:cf:47:c0:20:f8:28:1a:89:63: fe:65:9c:a9:5a:c9:81:59:12:68:61:e4:64:29:7c:75:7a:31: 2f:ff:a1:50:cc:0e:3f:60:d6:e0:b0:93:e6:31:99:d5:7a:74: 31:55:99:dd:5a:77:1c:19:c4:d4:f5:ef:36:bd:6d:e5:d0:3f: eb:6b:cb:a0:3a:c1:df:12:ed:4a:92:de:50:8a:3c:9a:a6:5d: ae:75:e8:d3:83:77:ab:e8:86:ad:25:be:59:5f:82:98:cc:cd: 0d:c9:0b:41:02:e9:7c:78:a9:f4:ea:a8:38:51:f6:af:4b:e7: 14:ed:17:f1:5d:6b:c0:18:08:93:c2:15:19:3d:9a:d3:70:1a: c6:d3:14:59:73:76:9b:54:69:29:e7:2e:aa:57:5b:63:45:aa: 73:72:1a:88 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICICMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTAxMDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ2NzQ3RUFBNTJCMTND NjFGMzYxNTkyOENDNUYyMjRCNzY0NzdGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDsz5hYTtFv+LhMggcaifCsHWvxcqqKBO5vaA1J6uluKqasAMX8 wzhs4krICwOWMfWI8gelabldvd0l1gU8IE3SyKM091BbQYv6N20QTgL6+WBtF0SN s/Wvs4EIdyEJz9Ru8nVhuV1t7IhB9oYkRYQpzl+btMnKdV5DN5wrO7VKVCFZSTmr 5j7nxwUomm7aqM9atokoP56qA14iScONUJIe/CIiz6PraJUeeS3YrPtjVkskd1HZ NCyF7lZUt3D7aTWJeqjWBI7CQIhVc6ortqxiEImdIIxVQPT0NHyUjKL+mYBuudRu 6cA/H22LOrp2lSlywhF8dANawRR9Ou7IuUr1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1nR+qlKxPGHzYVkozF8iS3ZHf/AwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxLzFuUi1xbEt4UEdIellW a296RjhpUzNaSGZfQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn40wwDQYJKoZIhvcNAQELBQADggEBAMYLJSCM22SyBNeroMLK34mnikhPeDNC 390WxxL8CD2SZqL83xQdfTsd+rV/bBximJA+bulbrykxBLN6d612y2jhMNdlfgBM 4mvThclA5NDypD8JeNAUw52cY+AWnNLUwobrXc9HwCD4KBqJY/5lnKlayYFZEmhh 5GQpfHV6MS//oVDMDj9g1uCwk+YxmdV6dDFVmd1adxwZxNT17za9beXQP+try6A6 wd8S7UqS3lCKPJqmXa516NODd6vohq0lvllfgpjMzQ3JC0EC6Xx4qfTqqDhR9q9L 5xTtF/Fda8AYCJPCFRk9mtNwGsbTFFlzdptUaSnnLqpXW2NFqnNyGog= -----END CERTIFICATE-----Generated at Mon Sep 8 02:38:58 2025 by rpki-client