$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/y3WlS33-CdPsqQqO6-vEHE80578.roa File: y3WlS33-CdPsqQqO6-vEHE80578.roa (raw, json) Hash identifier: msBz6aTs9QhQj+Pvoo1qGkz0AIsNAfXgZ/vrSL70HM8= Subject key identifier: CB:75:A5:4B:7D:FE:09:D3:EC:A9:0A:8E:EB:EB:C4:1C:4F:34:E7:BF Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 21A3 Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/y3WlS33-CdPsqQqO6-vEHE80578.roa Signing time: Fri 29 Aug 2025 09:05:32 +0000 ROA not before: Fri 29 Aug 2025 09:05:32 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 17621 IP address blocks: 113.31.112.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 06:34:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8611 (0x21a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Aug 29 09:05:32 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CB75A54B7DFE09D3ECA90A8EEBEBC41C4F34E7BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:6f:3c:95:9b:a8:29:0b:af:85:bb:b8:b4:c7: 1e:7f:77:07:f0:22:44:db:db:e3:1f:c6:f5:1a:bd: fe:12:2f:79:6d:6b:19:cb:78:c4:49:be:11:b2:62: 63:f4:41:74:36:03:36:55:de:16:42:3d:22:2f:59: 19:de:8e:ca:02:be:b4:b7:b6:79:8d:25:f6:bb:98: 03:51:9d:cd:5b:03:ac:d5:ad:72:cb:34:d6:11:d2: 54:c9:06:cb:7c:a3:fe:4e:ad:71:62:2a:b9:af:a3: ad:d0:95:a9:4d:34:51:0f:97:73:81:8c:07:00:1c: 2a:1f:81:57:f4:76:fb:36:41:b2:1b:68:89:e0:92: 51:80:e6:91:bd:be:bf:f3:a0:47:73:bf:a4:41:36: f8:4e:d3:a7:63:ca:c1:e5:48:a4:93:e2:99:d3:29: 86:11:d4:22:41:d6:b6:21:18:ee:21:07:25:79:9c: 9a:2c:e0:cb:f8:77:37:56:d0:d3:59:d9:6e:d5:3c: 88:63:44:87:52:b8:7a:3c:43:67:5d:db:fe:04:d7: 7e:bf:41:b9:db:bc:84:1e:8e:b2:6e:46:d0:06:60: f8:f8:5f:7c:9d:b9:73:bd:58:1f:ca:0e:cc:45:1b: ee:a8:3b:57:d6:0e:88:ab:a0:9f:0b:03:d5:e9:f2: 0e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:75:A5:4B:7D:FE:09:D3:EC:A9:0A:8E:EB:EB:C4:1C:4F:34:E7:BF X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/y3WlS33-CdPsqQqO6-vEHE80578.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.112.0/20 Signature Algorithm: sha256WithRSAEncryption ad:cc:e1:52:22:b6:d2:4a:74:9b:7f:8d:74:97:db:26:dc:80: e6:a2:6a:e0:ea:30:00:de:02:3c:62:ca:05:50:28:c8:dd:87: 58:11:37:6c:07:5f:05:8a:c2:73:6c:84:eb:b0:d1:53:aa:37: c8:65:1d:0c:3b:07:43:d1:4d:f9:1b:69:56:c9:03:43:3f:06: 01:ee:73:e2:f8:49:98:d0:ee:17:a4:76:1e:c2:de:e0:62:1e: 8c:4c:a6:df:d2:2a:f7:d2:e9:95:01:8a:81:38:60:4e:43:d3: 8e:37:52:01:98:c5:51:c4:da:c4:79:54:3c:b9:4e:b2:c3:b0: 6e:c7:8a:3c:40:9a:f0:a3:34:28:b3:91:de:c4:6d:84:88:80: 2e:c2:d5:7c:e6:5f:5e:c0:37:77:b0:d5:ae:15:03:aa:45:17: b3:20:fd:18:26:94:11:08:39:81:4c:08:16:e2:33:42:30:5b: 88:64:ea:58:9e:fe:8c:1b:ca:5d:0b:1a:b3:1c:0e:bd:ad:b6: 7f:b0:d2:48:88:93:34:40:9d:a4:02:3e:49:e0:d3:72:cb:91: ec:cb:d9:62:e2:fe:2d:59:18:bb:35:e1:04:ed:48:69:e6:27: 7f:fc:6e:f8:a6:ce:a0:cc:87:72:98:73:bf:7e:b1:1b:46:1b: 4b:9b:04:63 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICIaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTA4Mjkw OTA1MzJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCNzVBNTRCN0RGRTA5 RDNFQ0E5MEE4RUVCRUJDNDFDNEYzNEU3QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDabzyVm6gpC6+Fu7i0xx5/dwfwIkTb2+MfxvUavf4SL3ltaxnL eMRJvhGyYmP0QXQ2AzZV3hZCPSIvWRnejsoCvrS3tnmNJfa7mANRnc1bA6zVrXLL NNYR0lTJBst8o/5OrXFiKrmvo63QlalNNFEPl3OBjAcAHCofgVf0dvs2QbIbaIng klGA5pG9vr/zoEdzv6RBNvhO06djysHlSKST4pnTKYYR1CJB1rYhGO4hByV5nJos 4Mv4dzdW0NNZ2W7VPIhjRIdSuHo8Q2dd2/4E136/QbnbvIQejrJuRtAGYPj4X3yd uXO9WB/KDsxFG+6oO1fWDoiroJ8LA9Xp8g45AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUy3WlS33+CdPsqQqO6+vEHE80578wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3kzV2xTMzMtQ2RQc3FR cU82LXZFSEU4MDU3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH3AwDQYJKoZIhvcNAQELBQADggEBAK3M4VIittJKdJt/jXSX2ybcgOaiauDq MADeAjxiygVQKMjdh1gRN2wHXwWKwnNshOuw0VOqN8hlHQw7B0PRTfkbaVbJA0M/ BgHuc+L4SZjQ7hekdh7C3uBiHoxMpt/SKvfS6ZUBioE4YE5D0443UgGYxVHE2sR5 VDy5TrLDsG7HijxAmvCjNCizkd7EbYSIgC7C1XzmX17AN3ew1a4VA6pFF7Mg/Rgm lBEIOYFMCBbiM0IwW4hk6lie/owbyl0LGrMcDr2ttn+w0kiIkzRAnaQCPkng03LL kezL2WLi/i1ZGLs14QTtSGnmJ3/8bvimzqDMh3KYc79+sRtGG0ubBGM= -----END CERTIFICATE-----Generated at Tue Sep 9 04:05:06 2025 by rpki-client