$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/E3PcjUP8DYJk3L_Pr8mSBtEciCQ.roa File: E3PcjUP8DYJk3L_Pr8mSBtEciCQ.roa (raw, json) Hash identifier: nTOOrq73lnfh4E41HZJL7wJ3UFZXkT/oRTt/cQn/po4= Subject key identifier: 13:73:DC:8D:43:FC:0D:82:64:DC:BF:CF:AF:C9:92:06:D1:1C:88:24 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 2035 Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/E3PcjUP8DYJk3L_Pr8mSBtEciCQ.roa Signing time: Tue 26 Aug 2025 05:15:36 +0000 ROA not before: Tue 26 Aug 2025 05:15:36 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 103.235.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 04:06:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8245 (0x2035) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:15:36 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=1373DC8D43FC0D8264DCBFCFAFC99206D11C8824 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:d5:96:2d:3d:b3:2f:f8:d8:97:97:e0:8a:6e: f5:40:e9:43:03:86:90:99:7d:2d:46:6d:56:c5:41: 41:67:93:c1:04:c7:c4:4b:5c:f2:64:14:9e:b9:3e: 04:b3:05:4e:56:48:28:80:a4:f3:7d:1a:61:4f:d7: 46:a3:97:8b:2d:d8:ea:ca:0b:d2:20:68:51:63:f3: 52:4c:dc:c9:39:50:65:70:5f:9d:b1:99:f2:39:5e: 99:7a:f8:28:ae:d2:ac:38:d1:05:93:58:47:33:d0: 5e:c9:08:56:e5:53:be:f6:ce:61:0c:76:f9:af:b1: 11:99:b7:14:61:5f:23:c0:84:eb:ac:d0:b5:39:53: 16:48:2f:1a:4e:b3:d3:9a:f8:67:0c:aa:ed:c4:bb: 8f:56:97:69:81:62:ef:0d:62:69:a3:f2:a3:ed:ed: 5a:c4:10:a1:6c:92:d6:9d:23:d3:d2:d6:2f:25:68: 79:fb:af:c5:80:80:13:4b:a1:fe:09:ce:96:60:16: 0f:5b:1e:b2:c7:bb:16:9b:60:41:a1:10:8c:4c:d6: 6d:e4:88:88:c1:a5:f6:18:e9:06:3f:fe:ee:64:82: c7:d1:92:bb:c9:b1:be:a2:e2:f2:d6:98:65:b7:7b: ad:aa:42:97:20:a9:b1:05:b2:93:9d:a3:2c:7e:17: e7:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:73:DC:8D:43:FC:0D:82:64:DC:BF:CF:AF:C9:92:06:D1:1C:88:24 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/E3PcjUP8DYJk3L_Pr8mSBtEciCQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.236.0/22 Signature Algorithm: sha256WithRSAEncryption 84:c7:b4:63:68:88:6d:94:bb:e9:74:90:85:57:84:60:6d:0a: 17:da:e3:4b:54:92:a1:8e:11:93:31:a5:08:86:de:45:0a:18: 7d:87:72:6c:d6:e9:f2:2c:50:82:12:d7:64:43:b7:b5:5c:76: 5e:ca:bd:45:87:85:3f:62:ea:c2:bb:11:85:c2:e0:1d:27:5e: 1c:c5:87:6a:53:2b:b1:7c:82:1a:71:cb:98:0a:c9:f6:90:41: 90:33:08:be:22:b9:41:27:08:b7:34:42:8b:c1:b7:16:8e:7c: a4:5c:eb:ec:3e:00:f5:22:75:43:95:57:83:33:47:f8:3a:c6: 12:c6:42:71:7b:48:61:28:f9:d0:46:29:b7:ab:8e:e7:b3:b0: e3:b4:1d:9b:ce:b3:66:30:2a:ea:a3:de:a9:86:c3:49:1b:49: e4:4f:59:3d:c1:89:e1:d7:c9:57:07:46:b7:c3:b2:09:f4:f7: fd:f9:42:02:7f:98:e4:29:ad:fd:b1:22:db:3c:e2:c1:2f:f5: f1:35:60:76:dd:ff:42:3a:b3:a0:36:d5:25:d2:bf:86:6e:94: b3:d4:7c:46:b3:f5:42:35:77:3e:a2:0a:70:3b:43:5d:a0:07: 1e:aa:d8:33:46:aa:3a:e9:b9:74:28:c7:7b:f8:d3:c6:c9:8f: 4c:25:6a:13 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIDUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTE1MzZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDEzNzNEQzhENDNGQzBE ODI2NERDQkZDRkFGQzk5MjA2RDExQzg4MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDt1ZYtPbMv+NiXl+CKbvVA6UMDhpCZfS1GbVbFQUFnk8EEx8RL XPJkFJ65PgSzBU5WSCiApPN9GmFP10ajl4st2OrKC9IgaFFj81JM3Mk5UGVwX52x mfI5Xpl6+Ciu0qw40QWTWEcz0F7JCFblU772zmEMdvmvsRGZtxRhXyPAhOus0LU5 UxZILxpOs9Oa+GcMqu3Eu49Wl2mBYu8NYmmj8qPt7VrEEKFsktadI9PS1i8laHn7 r8WAgBNLof4JzpZgFg9bHrLHuxabYEGhEIxM1m3kiIjBpfYY6QY//u5kgsfRkrvJ sb6i4vLWmGW3e62qQpcgqbEFspOdoyx+F+e7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUE3PcjUP8DYJk3L/Pr8mSBtEciCQwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL0UzUGNqVVA4RFlKazNM X1ByOG1TQnRFY2lDUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn6+wwDQYJKoZIhvcNAQELBQADggEBAITHtGNoiG2Uu+l0kIVXhGBtChfa40tU kqGOEZMxpQiG3kUKGH2HcmzW6fIsUIIS12RDt7Vcdl7KvUWHhT9i6sK7EYXC4B0n XhzFh2pTK7F8ghpxy5gKyfaQQZAzCL4iuUEnCLc0QovBtxaOfKRc6+w+APUidUOV V4MzR/g6xhLGQnF7SGEo+dBGKberjuezsOO0HZvOs2YwKuqj3qmGw0kbSeRPWT3B ieHXyVcHRrfDsgn09/35QgJ/mOQprf2xIts84sEv9fE1YHbd/0I6s6A21SXSv4Zu lLPUfEaz9UI1dz6iCnA7Q12gBx6q2DNGqjrpuXQox3v408bJj0wlahM= -----END CERTIFICATE-----Generated at Sun Sep 7 03:29:22 2025 by rpki-client