$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/1YwlzG7SVAMiL_GIZDdsZR7B5wA.roa File: 1YwlzG7SVAMiL_GIZDdsZR7B5wA.roa (raw, json) Hash identifier: U/gSMXrMfKSW4YHznPrzwscggCQatFIZj8NLRUfNXtY= Subject key identifier: D5:8C:25:CC:6E:D2:54:03:22:2F:F1:88:64:37:6C:65:1E:C1:E7:00 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 15D8 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/1YwlzG7SVAMiL_GIZDdsZR7B5wA.roa Signing time: Sat 13 Sep 2025 03:03:56 +0000 ROA not before: Sat 13 Sep 2025 03:03:56 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 137443 IP address blocks: 103.139.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 16 Sep 2025 02:03:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5592 (0x15d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Sep 13 03:03:56 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=D58C25CC6ED25403222FF18864376C651EC1E700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:51:1a:d6:20:55:b6:f1:29:db:ef:0d:0a:d0: 1b:c8:ca:a9:d1:99:f5:e7:96:3b:16:d2:72:5f:89: f3:36:6f:42:db:da:03:5e:fe:5d:50:65:da:47:0e: d1:f9:e5:c2:66:68:be:b5:99:44:ec:8c:fd:f0:c4: bc:d8:03:a4:c5:b2:77:73:78:ba:2f:9c:32:03:e4: c4:8a:08:d7:d9:39:0a:6b:01:fe:c1:0b:06:c4:6f: d9:18:8b:3c:fe:23:91:7d:70:d0:36:08:e0:53:a1: 06:41:28:f8:a1:99:89:cc:82:a7:7d:49:7e:d5:8a: 1c:ee:26:b8:a6:3a:a0:0a:69:42:03:20:42:20:a1: 47:4e:71:34:94:10:70:57:6b:f5:c1:29:ce:4c:11: 14:4c:5f:5b:08:04:b9:9f:fc:f1:9a:b4:5f:a8:5c: 5c:2c:84:c0:92:1d:69:06:86:53:f5:72:87:50:5a: 8c:6d:4c:a5:7b:74:fc:0d:ea:64:ae:b8:ea:a3:4d: 41:44:20:0d:ae:a3:08:10:c7:69:6d:70:9e:ea:f1: 5b:34:ec:21:9b:eb:6b:4e:ef:98:ae:03:e0:1a:38: 8d:12:14:29:ad:1d:4e:35:b1:16:bd:6d:41:7a:49: fb:6d:66:77:1c:69:52:86:36:b7:a5:37:9e:e3:02: 6d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:8C:25:CC:6E:D2:54:03:22:2F:F1:88:64:37:6C:65:1E:C1:E7:00 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/1YwlzG7SVAMiL_GIZDdsZR7B5wA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.92.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:67:de:fd:79:2b:22:72:3f:ca:a5:8a:ef:29:23:55:79:3e: f8:7d:4d:0c:35:d4:74:cf:74:f3:69:e4:6e:f5:8c:b3:6e:c8: 0c:0e:cf:f8:75:9e:12:1f:9a:05:b4:92:6f:46:14:98:cf:53: 11:9d:e3:80:95:6e:f4:16:90:45:64:7e:6b:af:af:9d:7c:aa: f0:ee:12:43:a3:5b:3a:09:38:2c:1a:e4:88:3e:b4:e2:f5:11: b6:d6:bb:d8:ba:74:ca:c2:c8:0f:3b:8d:dc:2c:fe:5c:1e:10: bd:be:88:87:33:00:13:fd:a8:96:d7:c7:46:c3:08:9f:a6:20: 32:da:16:82:ff:a5:44:0a:ba:6b:72:65:73:fd:50:e1:cf:3e: 7c:f8:ef:78:b4:84:02:85:0b:f0:bd:77:4d:bc:45:c2:06:f3: 81:a3:e3:e3:91:9f:6f:9f:82:1e:f7:27:6c:43:21:d4:38:92: 82:04:9d:43:e4:57:74:69:c9:fe:12:26:7e:ad:c3:75:d5:0c: e3:f1:ed:a8:ab:0d:e0:70:9e:c8:7a:b1:78:dc:94:18:8c:a4: e3:ff:89:a0:c9:13:ac:1d:74:f8:aa:b8:1e:a4:f9:97:a6:0a: 2c:f5:11:d4:f2:67:d8:db:3f:b0:b7:6e:9a:5b:8d:cc:f0:06: db:c9:fb:2c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNTA5MTMw MzAzNTZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ1OEMyNUNDNkVEMjU0 MDMyMjJGRjE4ODY0Mzc2QzY1MUVDMUU3MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsURrWIFW28Snb7w0K0BvIyqnRmfXnljsW0nJfifM2b0Lb2gNe /l1QZdpHDtH55cJmaL61mUTsjP3wxLzYA6TFsndzeLovnDID5MSKCNfZOQprAf7B CwbEb9kYizz+I5F9cNA2COBToQZBKPihmYnMgqd9SX7VihzuJrimOqAKaUIDIEIg oUdOcTSUEHBXa/XBKc5MERRMX1sIBLmf/PGatF+oXFwshMCSHWkGhlP1codQWoxt TKV7dPwN6mSuuOqjTUFEIA2uowgQx2ltcJ7q8Vs07CGb62tO75iuA+AaOI0SFCmt HU41sRa9bUF6SfttZnccaVKGNrelN57jAm1fAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU1YwlzG7SVAMiL/GIZDdsZR7B5wAwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvMVl3bHpHN1NWQU1p TF9HSVpEZHNaUjdCNXdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeLXDANBgkqhkiG9w0BAQsFAAOCAQEAfWfe/XkrInI/yqWK7ykjVXk++H1N DDXUdM9082nkbvWMs27IDA7P+HWeEh+aBbSSb0YUmM9TEZ3jgJVu9BaQRWR+a6+v nXyq8O4SQ6NbOgk4LBrkiD604vURtta72Lp0ysLIDzuN3Cz+XB4Qvb6IhzMAE/2o ltfHRsMIn6YgMtoWgv+lRAq6a3Jlc/1Q4c8+fPjveLSEAoUL8L13TbxFwgbzgaPj 45Gfb5+CHvcnbEMh1DiSggSdQ+RXdGnJ/hImfq3DddUM4/HtqKsN4HCeyHqxeNyU GIyk4/+JoMkTrB10+Kq4HqT5l6YKLPUR1PJn2Ns/sLdumluNzPAG28n7LA== -----END CERTIFICATE-----Generated at Tue Sep 16 01:40:54 2025 by rpki-client