$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/miGjVDXbOzQQTZP9E5umEPnWCAw.roa File: miGjVDXbOzQQTZP9E5umEPnWCAw.roa (raw, json) Hash identifier: bFWWTZfSgak8dwI4OZSJZy4GLdjg6INc4Sl9XfE3d4k= Subject key identifier: 9A:21:A3:54:35:DB:3B:34:10:4D:93:FD:13:9B:A6:10:F9:D6:08:0C Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Certificate serial: 105E Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/miGjVDXbOzQQTZP9E5umEPnWCAw.roa Signing time: Mon 04 Aug 2025 13:04:28 +0000 ROA not before: Mon 04 Aug 2025 13:04:28 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 21859 IP address blocks: 103.116.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:02:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4190 (0x105e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F Validity Not Before: Aug 4 13:04:28 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=9A21A35435DB3B34104D93FD139BA610F9D6080C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c2:7d:8c:0a:9c:e9:18:ca:bb:91:87:f3:73: f6:71:d6:a4:a6:6d:30:57:33:27:75:7f:cd:21:c9: d5:81:75:96:6b:e2:84:25:33:47:99:fc:a2:2f:ab: 3b:8d:c1:04:06:dc:71:4e:d0:7f:06:e5:9f:b6:c4: 70:75:63:68:1c:7c:45:cd:39:3e:44:3f:ce:df:41: d3:5f:d7:9c:f4:68:cf:4b:11:b1:91:91:b3:e8:92: 40:01:ba:c9:8f:0e:49:6f:ea:d5:89:e7:dc:dd:ed: a9:6d:3f:a9:c1:12:65:cd:b2:93:4f:57:18:6d:c2: ce:9a:96:a3:22:17:9c:85:3b:b8:76:f9:ad:09:45: 62:9c:20:ac:a7:6e:71:ae:b8:f0:42:75:d5:eb:65: 56:19:ef:18:6f:da:3c:dd:f4:10:9f:c4:31:fe:e2: af:92:d7:4e:5f:5c:43:68:90:13:60:88:f8:f3:70: dd:f8:a1:c3:0e:3f:04:61:68:21:04:24:99:31:f6: b9:44:52:7c:1b:01:89:26:5d:d3:6c:16:81:68:39: ba:d0:0e:f2:d1:d0:29:d4:87:d9:7e:c9:9e:d7:25: f9:93:34:af:9c:83:66:a6:28:a9:77:9a:dd:22:b6: b0:b6:5e:07:10:2f:54:25:f5:7d:0c:f2:c2:07:cb: 0d:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:21:A3:54:35:DB:3B:34:10:4D:93:FD:13:9B:A6:10:F9:D6:08:0C X509v3 Authority Key Identifier: keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/miGjVDXbOzQQTZP9E5umEPnWCAw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.148.0/22 Signature Algorithm: sha256WithRSAEncryption 7d:10:cb:26:c9:be:e2:3d:86:53:2c:fb:fa:48:1f:df:5b:d1: f5:58:f2:5d:46:64:5c:11:1a:c2:a5:80:92:22:8b:21:a7:e9: 73:ed:5c:72:75:bb:9b:d5:bf:03:f1:d7:3d:c1:75:77:04:79: dc:2e:d1:60:8a:5d:b1:e7:51:00:42:ec:6a:61:c0:6a:33:5f: 2b:12:c2:26:38:c8:76:34:40:0a:99:bc:97:a5:39:c0:70:9e: 17:e7:f5:17:79:36:71:4e:ce:9a:b8:9e:93:0f:17:6f:ef:25: 19:ca:24:7d:0d:51:e0:ee:02:97:04:da:c8:ac:12:6d:cf:9f: 22:a2:6e:66:ec:eb:f5:52:a1:94:e3:75:32:5c:7a:7e:d9:a7: 0d:63:6f:18:bf:01:e0:e2:54:62:da:ba:ca:e0:e3:c6:f6:6c: e1:ab:80:78:30:e4:1b:6d:bc:f8:28:b8:8c:05:76:9f:cb:b3: d3:02:70:91:29:17:f7:7b:be:bf:f6:4c:73:0a:aa:a2:73:9d: 34:cd:4d:97:60:a7:d6:63:b1:13:91:09:3d:da:d2:7d:64:0e: 85:de:7f:fc:39:8d:6e:e7:a0:e0:56:62:6c:53:6c:15:1e:ba: 40:cd:0d:e3:71:05:0d:af:eb:aa:34:a5:d7:78:76:07:6b:bf: cd:15:ff:10 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA4MDQx MzA0MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDlBMjFBMzU0MzVEQjNC MzQxMDREOTNGRDEzOUJBNjEwRjlENjA4MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXwn2MCpzpGMq7kYfzc/Zx1qSmbTBXMyd1f80hydWBdZZr4oQl M0eZ/KIvqzuNwQQG3HFO0H8G5Z+2xHB1Y2gcfEXNOT5EP87fQdNf15z0aM9LEbGR kbPokkABusmPDklv6tWJ59zd7altP6nBEmXNspNPVxhtws6alqMiF5yFO7h2+a0J RWKcIKynbnGuuPBCddXrZVYZ7xhv2jzd9BCfxDH+4q+S105fXENokBNgiPjzcN34 ocMOPwRhaCEEJJkx9rlEUnwbAYkmXdNsFoFoObrQDvLR0CnUh9l+yZ7XJfmTNK+c g2amKKl3mt0itrC2XgcQL1Ql9X0M8sIHyw1FAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUmiGjVDXbOzQQTZP9E5umEPnWCAwwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR 359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvbWlHalZEWGJPelFR VFpQOUU1dW1FUG5XQ0F3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd0lDANBgkqhkiG9w0BAQsFAAOCAQEAfRDLJsm+4j2GUyz7+kgf31vR9Vjy XUZkXBEawqWAkiKLIafpc+1ccnW7m9W/A/HXPcF1dwR53C7RYIpdsedRAELsamHA ajNfKxLCJjjIdjRACpm8l6U5wHCeF+f1F3k2cU7Omriekw8Xb+8lGcokfQ1R4O4C lwTayKwSbc+fIqJuZuzr9VKhlON1Mlx6ftmnDWNvGL8B4OJUYtq6yuDjxvZs4auA eDDkG228+Ci4jAV2n8uz0wJwkSkX93u+v/ZMcwqqonOdNM1Nl2Cn1mOxE5EJPdrS fWQOhd5//DmNbueg4FZibFNsFR66QM0N43EFDa/rqjSl13h2B2u/zRX/EA== -----END CERTIFICATE-----Generated at Mon Aug 11 10:58:06 2025 by rpki-client