$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/-IUqExRKP7y5gWIPx4AoNjI_Wd0.roa File: -IUqExRKP7y5gWIPx4AoNjI_Wd0.roa (raw, json) Hash identifier: Ydcg4RZOlBxu9R7/CENxNwNoHQ112Uy16IALUJ858yY= Subject key identifier: F8:85:2A:13:14:4A:3F:BC:B9:81:62:0F:C7:80:28:36:32:3F:59:DD Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 07B0 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/-IUqExRKP7y5gWIPx4AoNjI_Wd0.roa Signing time: Thu 17 Jul 2025 05:49:01 +0000 ROA not before: Thu 17 Jul 2025 05:49:01 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146761 IP address blocks: 103.2.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 12:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1968 (0x7b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 17 05:49:01 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F8852A13144A3FBCB981620FC7802836323F59DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2d:95:ea:bd:f8:59:03:42:3c:13:ab:3b:d2: 54:d4:1f:c2:5a:2e:cb:ac:51:88:c9:07:23:a8:ed: e5:c4:64:7b:30:9f:53:dd:0a:e7:87:4c:bc:75:0c: cf:b2:f1:4c:e3:ec:93:87:a7:d2:ea:3e:23:fe:b5: a5:05:83:3f:67:75:80:4d:9d:b4:cf:38:d5:06:b8: bc:08:09:63:64:d7:8d:a7:21:e3:e2:c0:f1:76:70: ed:e8:bf:d1:d5:a9:0a:46:82:6c:cb:98:5e:c6:20: 96:1d:76:62:a3:7d:28:d4:13:c0:03:0b:79:b2:c3: 15:15:e9:ce:46:be:db:48:7b:2f:42:f8:80:cd:8e: 82:4d:ff:60:be:eb:5b:61:a4:56:c4:0f:b6:1d:2c: 17:16:23:a5:bb:86:e0:87:5e:39:1f:09:81:cc:50: 99:bc:a8:9d:e0:8e:69:46:04:db:01:83:17:dd:48: a2:76:18:f7:7b:77:2b:d7:68:a9:23:47:2a:99:81: 95:8d:ef:6b:1a:bb:39:d7:5c:29:79:30:51:e6:1a: 4d:14:26:1c:f5:49:d0:88:67:83:bc:76:61:fa:d9: 2f:78:11:f3:63:c0:a5:8e:58:f3:03:46:fb:60:04: 69:85:18:77:08:b9:d3:e4:15:e5:57:d4:12:cc:2e: 0f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:85:2A:13:14:4A:3F:BC:B9:81:62:0F:C7:80:28:36:32:3F:59:DD X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/-IUqExRKP7y5gWIPx4AoNjI_Wd0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.158.0/23 Signature Algorithm: sha256WithRSAEncryption 4d:b8:9a:7a:b4:c1:7c:15:55:e4:40:04:14:c5:75:5f:3c:09: e5:5e:1f:54:a1:95:e2:4e:3c:f7:3e:7d:44:0e:09:fc:74:62: c3:cf:5c:2a:4c:cf:f7:26:c9:16:bd:7a:ba:14:9d:dd:54:4c: ff:76:3e:52:00:b1:cc:ef:44:4f:79:57:c0:a9:ec:82:f9:0c: fe:f7:4b:f3:2f:03:dc:9e:ea:03:33:eb:0c:01:c4:5f:32:c5: 17:c5:66:8b:31:42:ed:aa:65:63:c5:29:f5:d6:2e:a0:a8:26: f1:7c:6c:53:d8:2b:6f:65:2b:9f:40:b5:b8:ae:a0:e6:49:0e: 7c:d1:4a:9a:ec:35:af:fb:10:cf:5d:57:d1:eb:92:14:94:36: 77:1c:31:83:f5:90:4c:0b:87:a9:60:a8:fe:5b:e7:67:97:63: b2:9c:0a:ef:dc:ae:ca:7e:f7:80:a1:54:b2:53:c6:d8:a7:fe: c9:02:fe:3f:39:87:ad:19:30:c6:d9:27:41:37:65:3b:e2:4b: 55:7d:e3:9f:e2:92:9a:dc:fc:3e:d9:d7:7e:8f:2a:a4:8b:3c: 17:47:e9:76:49:e9:aa:9b:93:69:8b:41:6d:77:a5:17:c8:52: 1f:b9:33:2e:a1:0e:c4:b4:7b:bd:64:e8:98:93:24:7d:92:dc: 36:17:ec:45 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB7AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MTcw NTQ5MDFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY4ODUyQTEzMTQ0QTNG QkNCOTgxNjIwRkM3ODAyODM2MzIzRjU5REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4LZXqvfhZA0I8E6s70lTUH8JaLsusUYjJByOo7eXEZHswn1Pd CueHTLx1DM+y8Uzj7JOHp9LqPiP+taUFgz9ndYBNnbTPONUGuLwICWNk142nIePi wPF2cO3ov9HVqQpGgmzLmF7GIJYddmKjfSjUE8ADC3mywxUV6c5GvttIey9C+IDN joJN/2C+61thpFbED7YdLBcWI6W7huCHXjkfCYHMUJm8qJ3gjmlGBNsBgxfdSKJ2 GPd7dyvXaKkjRyqZgZWN72sauznXXCl5MFHmGk0UJhz1SdCIZ4O8dmH62S94EfNj wKWOWPMDRvtgBGmFGHcIudPkFeVX1BLMLg9rAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+IUqExRKP7y5gWIPx4AoNjI/Wd0wHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvLUlVcUV4UktQN3k1 Z1dJUHg0QW9OaklfV2QwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWcCnjANBgkqhkiG9w0BAQsFAAOCAQEATbiaerTBfBVV5EAEFMV1XzwJ5V4f VKGV4k489z59RA4J/HRiw89cKkzP9ybJFr16uhSd3VRM/3Y+UgCxzO9ET3lXwKns gvkM/vdL8y8D3J7qAzPrDAHEXzLFF8VmizFC7aplY8Up9dYuoKgm8XxsU9grb2Ur n0C1uK6g5kkOfNFKmuw1r/sQz11X0euSFJQ2dxwxg/WQTAuHqWCo/lvnZ5djspwK 79yuyn73gKFUslPG2Kf+yQL+PzmHrRkwxtknQTdlO+JLVX3jn+KSmtz8PtnXfo8q pIs8F0fpdknpqpuTaYtBbXelF8hSH7kzLqEOxLR7vWTomJMkfZLcNhfsRQ== -----END CERTIFICATE-----Generated at Sun Jul 20 12:41:12 2025 by rpki-client