$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3331/Ys2nhSycv6NRYM6jWyuoIMv_vis.roa File: Ys2nhSycv6NRYM6jWyuoIMv_vis.roa (raw, json) Hash identifier: W5cyuGnXu8eMKmG3Umq71Yhc6fLj1DCdrbEAqM/j5Bk= Subject key identifier: 62:CD:A7:85:2C:9C:BF:A3:51:60:CE:A3:5B:2B:A8:20:CB:FF:BE:2B Certificate issuer: /CN=2EC2CCB83DDFBF43332266B76A6221362143E365 Certificate serial: 0551 Authority key identifier: 2E:C2:CC:B8:3D:DF:BF:43:33:22:66:B7:6A:62:21:36:21:43:E3:65 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LsLMuD3fv0MzIma3amIhNiFD42U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/Ys2nhSycv6NRYM6jWyuoIMv_vis.roa Signing time: Sun 24 Aug 2025 14:15:44 +0000 ROA not before: Sun 24 Aug 2025 14:15:44 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4816 IP address blocks: 103.109.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/LsLMuD3fv0MzIma3amIhNiFD42U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/LsLMuD3fv0MzIma3amIhNiFD42U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LsLMuD3fv0MzIma3amIhNiFD42U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 01:05:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1361 (0x551) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2EC2CCB83DDFBF43332266B76A6221362143E365 Validity Not Before: Aug 24 14:15:44 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=62CDA7852C9CBFA35160CEA35B2BA820CBFFBE2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:17:08:15:59:6a:ec:ae:85:62:45:0a:5a:63: 1b:70:41:44:e9:89:fb:7a:03:74:19:31:48:1f:b5: 14:a9:e3:ac:e3:70:11:7d:93:81:c0:cc:e3:8d:c2: 53:8b:e4:57:ce:fa:fc:d0:1b:56:54:74:1d:47:1a: 74:b4:da:b1:08:94:4f:40:68:8a:23:09:2f:71:68: fc:a8:d2:ce:69:44:07:41:62:7a:f4:ef:98:6f:3b: 5e:ae:a3:43:5a:1a:6e:bd:7b:06:e3:9e:26:9a:85: 07:0a:fb:15:38:a6:60:a2:71:59:7a:5a:d6:e7:23: 09:98:d7:64:c9:e7:e3:b9:9f:98:e2:4e:0a:0b:8c: 89:9b:c1:85:1c:b5:7d:b4:85:ca:b1:4e:b1:6e:4a: 38:ce:e2:a9:95:55:83:43:e7:02:f7:ff:d5:39:d2: c8:49:9c:36:c0:5e:1a:8f:86:74:26:b8:bf:f6:c8: 82:89:23:48:8b:db:cf:a6:96:38:aa:43:7d:3c:4f: 30:b7:52:b7:82:ca:6c:ef:78:90:80:b3:fc:58:70: 69:27:02:9f:cb:a7:56:65:87:b2:1f:1e:c3:f8:e2: fb:8c:4b:1b:e4:05:a0:c8:58:bf:a3:c6:41:28:c5: e6:87:80:4d:57:b1:b0:db:4d:6c:a9:85:aa:59:40: 5b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:CD:A7:85:2C:9C:BF:A3:51:60:CE:A3:5B:2B:A8:20:CB:FF:BE:2B X509v3 Authority Key Identifier: keyid:2E:C2:CC:B8:3D:DF:BF:43:33:22:66:B7:6A:62:21:36:21:43:E3:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/LsLMuD3fv0MzIma3amIhNiFD42U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LsLMuD3fv0MzIma3amIhNiFD42U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3331/Ys2nhSycv6NRYM6jWyuoIMv_vis.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.109.20.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:d7:1e:96:62:d6:2e:5f:f0:b4:f9:91:74:ac:be:36:23:21: e8:c8:57:82:90:60:42:83:41:a0:25:bd:37:e7:64:9b:85:a7: 17:52:0c:f1:85:7a:e7:ee:e7:9a:38:59:60:f2:df:fe:a8:f5: bf:aa:83:7b:7b:d5:4a:c1:06:6b:56:f1:a8:ab:02:63:f7:9a: 8a:23:81:8a:de:fa:2a:bd:4d:75:92:12:21:38:13:e5:ac:82: e1:20:04:19:50:3a:76:7b:60:98:5c:bd:39:37:b6:4f:dd:58: e0:74:f1:42:15:12:87:87:68:5c:9f:78:33:c1:a8:ec:66:1b: a8:3a:b9:45:55:33:05:0a:84:17:c1:ae:4c:20:02:aa:d7:8c: d6:1a:bd:27:19:22:1d:65:6b:89:15:19:f6:dd:7f:72:96:50: 93:8e:9b:66:bd:0b:c0:cb:f5:7a:d2:d9:d3:21:aa:09:a5:91: 91:62:1c:12:74:6d:aa:f5:31:57:ef:1d:53:c6:5c:96:36:40: f8:0a:c5:24:64:32:de:6e:31:3f:f6:7c:bd:60:5d:b1:b4:74: 2a:a0:80:3b:13:2e:16:f9:3a:2c:53:f7:cf:ce:85:43:ff:37: e4:8b:35:36:4c:c8:12:0b:7a:9a:06:5e:8d:7e:94:f1:0c:bd: 41:65:7b:0f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkVD MkNDQjgzRERGQkY0MzMzMjI2NkI3NkE2MjIxMzYyMTQzRTM2NTAeFw0yNTA4MjQx NDE1NDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYyQ0RBNzg1MkM5Q0JG QTM1MTYwQ0VBMzVCMkJBODIwQ0JGRkJFMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEFwgVWWrsroViRQpaYxtwQUTpift6A3QZMUgftRSp46zjcBF9 k4HAzOONwlOL5FfO+vzQG1ZUdB1HGnS02rEIlE9AaIojCS9xaPyo0s5pRAdBYnr0 75hvO16uo0NaGm69ewbjniaahQcK+xU4pmCicVl6WtbnIwmY12TJ5+O5n5jiTgoL jImbwYUctX20hcqxTrFuSjjO4qmVVYND5wL3/9U50shJnDbAXhqPhnQmuL/2yIKJ I0iL28+mljiqQ308TzC3UreCymzveJCAs/xYcGknAp/Lp1Zlh7IfHsP44vuMSxvk BaDIWL+jxkEoxeaHgE1XsbDbTWyphapZQFv9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYs2nhSycv6NRYM6jWyuoIMv/viswHwYDVR0jBBgwFoAULsLMuD3fv0MzIma3 amIhNiFD42UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMz MS9Mc0xNdUQzZnYwTXpJbWEzYW1JaE5pRkQ0MlUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xzTE11RDNmdjBNekltYTNhbUloTmlGRDQyVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMzEvWXMybmhTeWN2Nk5S WU02ald5dW9JTXZfdmlzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdtFDANBgkqhkiG9w0BAQsFAAOCAQEAD9celmLWLl/wtPmRdKy+NiMh6MhX gpBgQoNBoCW9N+dkm4WnF1IM8YV65+7nmjhZYPLf/qj1v6qDe3vVSsEGa1bxqKsC Y/eaiiOBit76Kr1NdZISITgT5ayC4SAEGVA6dntgmFy9OTe2T91Y4HTxQhUSh4do XJ94M8Go7GYbqDq5RVUzBQqEF8GuTCACqteM1hq9JxkiHWVriRUZ9t1/cpZQk46b Zr0LwMv1etLZ0yGqCaWRkWIcEnRtqvUxV+8dU8ZcljZA+ArFJGQy3m4xP/Z8vWBd sbR0KqCAOxMuFvk6LFP3z86FQ/835Is1NkzIEgt6mgZejX6U8Qy9QWV7Dw== -----END CERTIFICATE-----Generated at Mon Sep 8 22:29:20 2025 by rpki-client