$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/RltnDJmFrF5SbAmnOorQ5hlYLoQ.roa File: RltnDJmFrF5SbAmnOorQ5hlYLoQ.roa (raw, json) Hash identifier: qqSgqwqswiSIApB5OjEZJdz5Y/FFx3JpkDGiZZqKd04= Subject key identifier: 46:5B:67:0C:99:85:AC:5E:52:6C:09:A7:3A:8A:D0:E6:19:58:2E:84 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 2197 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/RltnDJmFrF5SbAmnOorQ5hlYLoQ.roa Signing time: Fri 29 Aug 2025 09:05:30 +0000 ROA not before: Fri 29 Aug 2025 09:05:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 23724 IP address blocks: 101.237.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 16:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8599 (0x2197) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=465B670C9985AC5E526C09A73A8AD0E619582E84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:00:f2:7b:d8:6d:58:91:e8:e8:10:2e:19:11: 55:f2:0a:2a:19:23:04:a0:d3:06:5f:84:5d:84:7b: 8f:a6:5f:bd:fb:3c:42:45:88:d2:e4:28:67:a2:48: 3c:d7:8b:3d:69:2c:47:a6:db:4a:9c:d0:d5:7a:6f: 21:f5:0e:19:06:71:21:2b:f6:28:8a:81:27:7b:41: 45:b4:fb:16:af:de:e0:77:d0:6c:db:40:01:16:91: bb:ef:6f:d7:27:6d:6c:dd:10:b1:00:25:03:75:53: 92:a4:81:c2:73:ac:43:a6:a7:1c:f3:2d:03:22:44: 97:af:fe:0f:43:c4:7a:3b:f8:16:7d:2d:86:8e:e4: ae:c1:25:35:39:9e:bc:8e:c3:36:69:c1:0c:c8:1d: bf:91:6c:a2:19:68:51:fa:41:3e:3d:d5:3e:54:6a: 0e:d2:5b:71:d1:75:50:25:5b:46:31:ec:d8:21:fa: f9:f5:dd:bd:8f:fd:f0:32:4b:a5:e9:6c:d7:78:1a: 13:aa:42:bf:84:f8:2e:41:16:a0:c2:80:93:70:d9: 0a:e1:ec:d7:3e:d0:82:0f:8f:99:24:a8:3d:26:0d: 68:ee:96:06:43:d8:81:29:8e:54:c0:44:cb:cb:0a: e0:9f:a5:10:43:ad:b2:2f:f7:22:d8:d5:1d:11:71: b1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:5B:67:0C:99:85:AC:5E:52:6C:09:A7:3A:8A:D0:E6:19:58:2E:84 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/RltnDJmFrF5SbAmnOorQ5hlYLoQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.237.37.0/24 Signature Algorithm: sha256WithRSAEncryption b9:0f:b6:a1:6e:84:a0:96:3f:e4:b9:c7:c3:da:41:d7:ba:a6: a3:a5:96:68:c3:e7:b1:5a:08:93:3f:e9:94:1c:22:29:78:83: 6e:cb:a6:ed:67:ad:da:4e:14:0a:20:f5:60:d1:92:d3:8c:48: a2:7e:d4:c4:e9:4b:64:6d:08:a0:c5:21:4a:9c:69:5a:ca:06: 5f:cf:f3:b4:a7:de:2d:f0:bf:b5:2b:aa:29:4c:ed:46:c7:89: 71:ec:4a:f4:03:bd:62:9b:37:f4:52:d6:26:ae:cd:f5:c8:50: 59:8b:5c:98:4c:60:ef:61:76:d7:a5:a3:65:60:4a:36:d7:59: 6e:03:e1:8b:14:9f:3f:45:92:d6:56:f6:87:8b:4e:a3:43:2e: cf:71:85:ea:f6:95:b6:dd:dc:de:75:e8:01:9c:7e:bc:9e:00: 6b:f4:d3:29:7b:5d:07:bb:89:ef:3e:8a:d2:95:d3:e1:c1:c1: c5:c9:c3:6c:f3:4a:b4:70:d9:af:06:b4:17:20:9e:da:cd:91: 67:43:8b:d3:ad:3e:11:a3:db:33:79:c7:9c:6f:87:fc:9e:bc: f8:57:f1:b1:5a:62:c9:1b:f4:9d:d7:da:ec:b6:03:a6:a6:99: cc:59:8c:34:77:87:c6:be:42:3d:f4:88:7e:5e:48:f5:2a:04: ba:6b:2e:2c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ2NUI2NzBDOTk4NUFD NUU1MjZDMDlBNzNBOEFEMEU2MTk1ODJFODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxAPJ72G1YkejoEC4ZEVXyCioZIwSg0wZfhF2Ee4+mX737PEJF iNLkKGeiSDzXiz1pLEem20qc0NV6byH1DhkGcSEr9iiKgSd7QUW0+xav3uB30Gzb QAEWkbvvb9cnbWzdELEAJQN1U5KkgcJzrEOmpxzzLQMiRJev/g9DxHo7+BZ9LYaO 5K7BJTU5nryOwzZpwQzIHb+RbKIZaFH6QT491T5Uag7SW3HRdVAlW0Yx7Ngh+vn1 3b2P/fAyS6XpbNd4GhOqQr+E+C5BFqDCgJNw2Qrh7Nc+0IIPj5kkqD0mDWjulgZD 2IEpjlTARMvLCuCfpRBDrbIv9yLY1R0RcbH1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQURltnDJmFrF5SbAmnOorQ5hlYLoQwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1JsdG5ESm1GckY1U2JB bW5Pb3JRNWhsWUxvUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABl7SUwDQYJKoZIhvcNAQELBQADggEBALkPtqFuhKCWP+S5x8PaQde6pqOllmjD 57FaCJM/6ZQcIil4g27Lpu1nrdpOFAog9WDRktOMSKJ+1MTpS2RtCKDFIUqcaVrK Bl/P87Sn3i3wv7UrqilM7UbHiXHsSvQDvWKbN/RS1iauzfXIUFmLXJhMYO9hdtel o2VgSjbXWW4D4YsUnz9FktZW9oeLTqNDLs9xher2lbbd3N516AGcfryeAGv00yl7 XQe7ie8+itKV0+HBwcXJw2zzSrRw2a8GtBcgntrNkWdDi9OtPhGj2zN5x5xvh/ye vPhX8bFaYskb9J3X2uy2A6ammcxZjDR3h8a+Qj30iH5eSPUqBLprLiw= -----END CERTIFICATE-----Generated at Mon Sep 8 13:35:12 2025 by rpki-client