$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/yJkdqV4x_br63OEb6iTa4wbddpk.roa File: yJkdqV4x_br63OEb6iTa4wbddpk.roa (raw, json) Hash identifier: 2zxCwWSRnbEv9aiwQc0ehVDbox1n5X7vLejzeXie0mo= Subject key identifier: C8:99:1D:A9:5E:31:FD:BA:FA:DC:E1:1B:EA:24:DA:E3:06:DD:76:99 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 2031 Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/yJkdqV4x_br63OEb6iTa4wbddpk.roa Signing time: Tue 26 Aug 2025 05:12:01 +0000 ROA not before: Tue 26 Aug 2025 05:12:01 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4808 IP address blocks: 103.235.224.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 04:06:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8241 (0x2031) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Aug 26 05:12:01 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C8991DA95E31FDBAFADCE11BEA24DAE306DD7699 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e2:45:90:fe:ec:60:31:06:85:ec:19:5a:9a: f5:19:10:d2:0f:6f:b1:39:89:23:86:95:af:19:a7: 11:24:8a:f8:07:14:dc:d2:32:dd:e5:c4:69:9f:b8: 63:de:ad:79:be:7e:b1:2f:21:69:2f:3e:74:d6:46: 35:f6:89:31:c8:c5:99:8f:5a:6e:fb:f2:76:71:2b: 8c:a5:5d:46:77:e6:34:76:cf:d2:02:c6:61:32:d8: ca:32:2d:3c:61:bf:a4:9c:83:18:cf:04:19:dd:9f: f8:12:0e:3f:f8:d0:8b:10:82:04:a6:bd:30:27:f9: 67:c2:ae:e6:cb:c8:15:bd:0c:52:a1:50:6c:cb:64: f5:dd:07:08:68:4d:a3:7b:e7:87:1f:fb:bf:ea:40: ab:50:dc:dc:94:d8:65:bc:9d:6a:0a:b6:e2:f5:1a: 77:6d:25:49:8d:29:7f:99:4f:d5:c6:3a:d3:22:1f: d5:0c:e0:88:3a:bb:87:fc:76:47:0d:21:fc:9b:b5: d3:04:63:a2:ca:db:b9:a8:cc:49:77:91:4f:03:f6: 85:45:02:1d:48:d5:96:c2:74:eb:98:c3:da:c2:9f: 1b:76:36:27:7e:aa:9d:eb:2f:65:34:69:49:59:4e: b4:32:eb:20:a7:51:55:26:83:cc:97:a2:30:7c:cd: 91:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:99:1D:A9:5E:31:FD:BA:FA:DC:E1:1B:EA:24:DA:E3:06:DD:76:99 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/yJkdqV4x_br63OEb6iTa4wbddpk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.224.0/22 Signature Algorithm: sha256WithRSAEncryption 17:f7:2d:0a:60:84:91:8c:46:72:d5:7a:fd:45:80:2d:6c:2c: d3:ab:b1:30:69:b6:5b:f9:6e:9c:fc:52:ea:44:44:83:c2:21: 99:ae:eb:4a:55:e0:86:93:90:ab:26:5e:6f:f7:24:5b:f3:03: e0:d2:1f:2b:67:02:e6:50:5c:12:47:dd:ff:db:1a:76:49:6b: bb:c5:02:f7:89:45:6c:e0:a9:73:6a:99:a3:87:f4:d1:67:d0: 7e:1a:fa:04:5a:f8:8c:90:e4:56:43:e3:19:23:88:fd:a2:cc: cf:98:3c:26:c6:a5:dd:c3:55:8f:36:1c:9b:d8:3b:0a:fb:0a: e6:fb:fa:04:44:9b:87:24:c9:4e:e3:ec:cd:3b:11:1a:89:d1: b1:95:e0:af:6f:54:46:c2:9e:2c:69:05:3c:dd:0c:a3:67:36: 68:c2:12:6e:e0:70:17:09:c7:a6:a8:3f:85:2c:60:b1:57:41: ca:db:e2:1d:2b:69:d4:3c:99:d9:f5:be:bb:44:10:0d:06:18: ad:0c:64:84:ef:18:ee:0d:37:7c:13:13:25:4b:62:da:68:57: e5:f3:94:06:3f:ce:d3:fa:38:73:ab:32:9f:c1:0a:d9:cc:e4: ff:67:74:9f:ba:76:2b:83:5c:4c:32:da:22:8a:b8:e3:d0:39: 99:39:44:21 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTA4MjYw NTEyMDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEM4OTkxREE5NUUzMUZE QkFGQURDRTExQkVBMjREQUUzMDZERDc2OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCo4kWQ/uxgMQaF7BlamvUZENIPb7E5iSOGla8ZpxEkivgHFNzS Mt3lxGmfuGPerXm+frEvIWkvPnTWRjX2iTHIxZmPWm778nZxK4ylXUZ35jR2z9IC xmEy2MoyLTxhv6ScgxjPBBndn/gSDj/40IsQggSmvTAn+WfCrubLyBW9DFKhUGzL ZPXdBwhoTaN754cf+7/qQKtQ3NyU2GW8nWoKtuL1GndtJUmNKX+ZT9XGOtMiH9UM 4Ig6u4f8dkcNIfybtdMEY6LK27mozEl3kU8D9oVFAh1I1ZbCdOuYw9rCnxt2Nid+ qp3rL2U0aUlZTrQy6yCnUVUmg8yXojB8zZGJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUyJkdqV4x/br63OEb6iTa4wbddpkwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3lKa2RxVjR4X2JyNjNP RWI2aVRhNHdiZGRway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn6+AwDQYJKoZIhvcNAQELBQADggEBABf3LQpghJGMRnLVev1FgC1sLNOrsTBp tlv5bpz8UupERIPCIZmu60pV4IaTkKsmXm/3JFvzA+DSHytnAuZQXBJH3f/bGnZJ a7vFAveJRWzgqXNqmaOH9NFn0H4a+gRa+IyQ5FZD4xkjiP2izM+YPCbGpd3DVY82 HJvYOwr7Cub7+gREm4ckyU7j7M07ERqJ0bGV4K9vVEbCnixpBTzdDKNnNmjCEm7g cBcJx6aoP4UsYLFXQcrb4h0radQ8mdn1vrtEEA0GGK0MZITvGO4NN3wTEyVLYtpo V+XzlAY/ztP6OHOrMp/BCtnM5P9ndJ+6diuDXEwy2iKKuOPQOZk5RCE= -----END CERTIFICATE-----Generated at Sun Sep 7 03:31:44 2025 by rpki-client