$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/Tdn525gJFvoZW9r981k2VWq-c7Q.roa File: Tdn525gJFvoZW9r981k2VWq-c7Q.roa (raw, json) Hash identifier: UZ3RZdzOfHK8z9q8/v0gy/aC5DXPam8slNieg1gqXdU= Subject key identifier: 4D:D9:F9:DB:98:09:16:FA:19:5B:DA:FD:F3:59:36:55:6A:BE:73:B4 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 2024 Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/Tdn525gJFvoZW9r981k2VWq-c7Q.roa Signing time: Tue 26 Aug 2025 05:01:08 +0000 ROA not before: Tue 26 Aug 2025 05:01:08 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 56282 IP address blocks: 103.227.76.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 05:06:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8228 (0x2024) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:01:08 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=4DD9F9DB980916FA195BDAFDF35936556ABE73B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:0e:26:22:c4:87:71:1e:08:3e:d7:40:7c:45: 6f:a3:7c:15:fc:86:a3:9c:8d:e2:ca:65:26:e4:3a: d6:a0:08:93:48:12:b8:ef:e9:ee:5e:3b:2f:cb:f8: 86:36:34:74:13:ac:45:9c:11:f3:3b:99:4a:93:c3: ce:56:8e:ca:82:b8:c1:c8:22:a9:d8:f5:56:71:b3: 7c:00:51:6d:1c:b7:be:93:e8:c2:f0:5b:14:00:b5: 01:38:ce:14:12:4b:81:6b:b4:1d:82:7a:d4:6c:44: 47:f0:bb:0c:eb:62:ec:26:20:07:40:4b:b1:dc:5e: e4:b9:dd:ec:ca:fd:f3:8a:a2:61:50:fc:cb:b4:7e: fc:41:4e:63:f9:fa:c9:4b:f8:44:90:b9:b0:de:07: 02:79:01:30:c3:3b:76:4b:a5:97:4f:91:ef:9b:c6: 62:01:d2:04:7f:9e:30:de:5a:4c:e7:25:e0:4d:45: c4:7d:ae:3c:21:42:2a:33:2d:70:8c:d1:22:95:3f: 3d:f5:85:e9:36:75:9d:11:16:61:1b:f0:75:63:16: 0b:16:fa:40:4c:58:79:70:f7:bd:e8:e6:2b:d2:d8: 5a:ab:15:1e:99:2c:58:84:0a:9e:f8:0a:6c:15:2e: 5b:19:b2:2f:56:2f:0b:37:90:fe:7c:77:d4:63:3b: 40:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:D9:F9:DB:98:09:16:FA:19:5B:DA:FD:F3:59:36:55:6A:BE:73:B4 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/Tdn525gJFvoZW9r981k2VWq-c7Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.227.76.0/22 Signature Algorithm: sha256WithRSAEncryption bc:7d:cc:a2:a4:89:2e:66:22:10:14:5f:a1:7a:04:31:a2:e8: bb:6b:22:f9:e6:25:ae:e6:a6:d7:49:88:26:0d:e6:b3:dc:09: fb:71:e0:3e:7d:2d:96:cf:9e:1d:bc:9c:df:06:23:f3:8f:41: 98:3b:08:35:26:2d:45:9a:d0:1a:d0:38:e6:32:70:bc:96:02: c2:9d:0f:31:91:70:90:a3:21:28:8b:4c:54:99:4d:3b:e7:e4: 6d:56:60:8c:a4:0a:38:26:c1:7f:3c:d9:fe:02:8c:d6:63:e9: 97:54:ff:5e:29:fb:4a:b9:18:a7:8a:e8:2e:93:fc:96:9e:39: 1e:c2:4f:72:a7:31:4a:4d:b6:7f:85:c8:49:c8:52:50:5c:37: ab:96:66:30:e0:2c:ba:de:2e:d4:d0:90:8a:c6:63:58:45:97: cc:9b:4e:59:45:71:2e:bd:34:af:f5:e1:d2:00:b0:53:39:25: 21:36:1c:7f:9b:ef:3c:07:2e:78:7f:8c:28:d7:0b:88:09:96: 55:9e:08:02:8f:2b:2d:b2:f5:50:04:80:3d:fc:02:63:19:50: c0:a3:d7:14:f3:bc:ab:32:8a:9f:cd:16:14:cb:4f:e6:ab:23: ca:4d:ed:e9:33:2e:da:65:7f:81:73:d0:1c:fb:cb:77:83:ae: 85:b8:18:59 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICICQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTAxMDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRERDlGOURCOTgwOTE2 RkExOTVCREFGREYzNTkzNjU1NkFCRTczQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuDiYixIdxHgg+10B8RW+jfBX8hqOcjeLKZSbkOtagCJNIErjv 6e5eOy/L+IY2NHQTrEWcEfM7mUqTw85WjsqCuMHIIqnY9VZxs3wAUW0ct76T6MLw WxQAtQE4zhQSS4FrtB2CetRsREfwuwzrYuwmIAdAS7HcXuS53ezK/fOKomFQ/Mu0 fvxBTmP5+slL+ESQubDeBwJ5ATDDO3ZLpZdPke+bxmIB0gR/njDeWkznJeBNRcR9 rjwhQiozLXCM0SKVPz31hek2dZ0RFmEb8HVjFgsW+kBMWHlw973o5ivS2FqrFR6Z LFiECp74CmwVLlsZsi9WLws3kP58d9RjO0CBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUTdn525gJFvoZW9r981k2VWq+c7QwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1RkbjUyNWdKRnZvWlc5 cjk4MWsyVldxLWM3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn40wwDQYJKoZIhvcNAQELBQADggEBALx9zKKkiS5mIhAUX6F6BDGi6LtrIvnm Ja7mptdJiCYN5rPcCftx4D59LZbPnh28nN8GI/OPQZg7CDUmLUWa0BrQOOYycLyW AsKdDzGRcJCjISiLTFSZTTvn5G1WYIykCjgmwX882f4CjNZj6ZdU/14p+0q5GKeK 6C6T/JaeOR7CT3KnMUpNtn+FyEnIUlBcN6uWZjDgLLreLtTQkIrGY1hFl8ybTllF cS69NK/14dIAsFM5JSE2HH+b7zwHLnh/jCjXC4gJllWeCAKPKy2y9VAEgD38AmMZ UMCj1xTzvKsyip/NFhTLT+arI8pN7ekzLtplf4Fz0Bz7y3eDroW4GFk= -----END CERTIFICATE-----Generated at Mon Sep 8 02:38:57 2025 by rpki-client