$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3317/k2fsIbftQRjCuaw8vM9IdWoUcpg.roa File: k2fsIbftQRjCuaw8vM9IdWoUcpg.roa (raw, json) Hash identifier: QUuqwryAn7tNC/7s8b5C6mc0fqcFuWn03lmSuHGpGJ8= Subject key identifier: 93:67:EC:21:B7:ED:41:18:C2:B9:AC:3C:BC:CF:48:75:6A:14:72:98 Certificate issuer: /CN=ABCC2EEAFAEAAF0D44E3CD20040999ED3E8B6E56 Certificate serial: 0133 Authority key identifier: AB:CC:2E:EA:FA:EA:AF:0D:44:E3:CD:20:04:09:99:ED:3E:8B:6E:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/q8wu6vrqrw1E480gBAmZ7T6LblY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3317/k2fsIbftQRjCuaw8vM9IdWoUcpg.roa Signing time: Sun 27 Jul 2025 11:31:27 +0000 ROA not before: Sun 27 Jul 2025 11:31:27 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 134765 IP address blocks: 103.20.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3317/q8wu6vrqrw1E480gBAmZ7T6LblY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3317/q8wu6vrqrw1E480gBAmZ7T6LblY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/q8wu6vrqrw1E480gBAmZ7T6LblY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 13:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 307 (0x133) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABCC2EEAFAEAAF0D44E3CD20040999ED3E8B6E56 Validity Not Before: Jul 27 11:31:27 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9367EC21B7ED4118C2B9AC3CBCCF48756A147298 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:9c:96:c9:b5:7e:1c:37:91:da:e3:93:94:e7: f1:11:c1:db:2a:18:00:1e:45:8c:7a:0f:c3:37:04: e0:9c:f6:15:e1:b5:d9:7f:36:e3:d0:80:5c:44:07: 0b:4d:96:ee:9a:44:d3:68:ac:3e:1e:9e:9a:96:78: 3b:85:34:da:63:1e:22:19:1d:73:ee:5f:fb:99:f0: b5:06:f0:a2:59:10:ed:b0:a4:e0:fe:e2:29:e0:f8: aa:08:cf:9e:eb:7d:ee:28:43:13:8a:46:df:fb:54: 28:7a:a3:aa:39:97:c7:86:7d:5f:3f:c1:f1:2b:e8: 44:23:3a:20:60:64:ae:b7:b7:43:1a:71:75:51:30: c2:82:b5:cb:5d:4a:5a:f1:65:e5:8c:85:20:ba:31: 52:5c:2e:9a:6c:ed:92:71:08:51:c1:88:4c:cd:67: 6c:91:74:c9:18:2b:a2:af:e6:81:8d:38:cb:be:8f: e0:4c:39:e4:d6:af:ed:2a:1e:7b:ce:f0:6b:6c:7e: 17:dd:3e:b4:7c:21:73:dd:15:57:47:b5:af:eb:84: f6:9b:b4:53:e6:73:98:29:c5:77:fb:4d:cd:df:98: 5e:e0:bc:0f:b3:29:c7:d3:f6:b6:cf:f1:af:e8:de: ea:67:bf:4f:b7:a1:0f:e3:4e:54:31:e6:4b:1b:91: 79:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:67:EC:21:B7:ED:41:18:C2:B9:AC:3C:BC:CF:48:75:6A:14:72:98 X509v3 Authority Key Identifier: keyid:AB:CC:2E:EA:FA:EA:AF:0D:44:E3:CD:20:04:09:99:ED:3E:8B:6E:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3317/q8wu6vrqrw1E480gBAmZ7T6LblY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/q8wu6vrqrw1E480gBAmZ7T6LblY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3317/k2fsIbftQRjCuaw8vM9IdWoUcpg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.20.160.0/22 Signature Algorithm: sha256WithRSAEncryption 24:dc:9a:6a:54:57:88:74:4e:be:db:f3:64:3d:5c:a5:a4:15: 8a:67:f5:c2:59:b9:82:76:a6:60:12:3c:ae:36:21:b4:18:7c: 72:61:64:af:b4:44:2e:cf:c4:37:8c:c6:09:64:9c:93:f9:2f: 1f:e9:b0:f4:9f:4c:4a:21:48:8d:87:31:86:d6:46:2c:b9:ea: 69:18:e4:6a:7d:fa:40:41:91:3c:1d:9b:28:d8:cc:a5:d2:38: f1:f6:e9:a5:13:0e:fd:11:e7:61:b5:bf:75:c8:d2:4d:ff:ee: 24:ec:26:38:e7:06:84:e4:42:2b:5a:4f:1d:51:b3:3a:70:7e: 97:bf:8d:c5:17:ff:a7:9f:a8:1b:75:53:e7:d1:eb:75:71:5b: 34:2d:86:03:91:16:d9:c7:7d:ea:5c:2b:f6:57:5f:03:bb:f8: 6e:93:94:11:d7:e2:64:1b:e7:0a:8c:0d:f3:63:2a:25:1d:1a: 5c:ec:44:53:b0:95:ee:7e:58:d1:82:42:58:ef:07:a0:c0:0e: 01:20:1f:60:28:e0:b0:e7:91:ce:7f:0c:5c:88:d4:ce:3d:f1: 4a:17:78:b5:71:2e:86:df:7e:7a:8a:6b:3a:bd:44:e9:41:2a: 47:d0:21:3b:65:e2:fc:0f:43:67:1a:57:2d:ca:06:7a:17:2c: 4e:01:03:95 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICATMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD QzJFRUFGQUVBQUYwRDQ0RTNDRDIwMDQwOTk5RUQzRThCNkU1NjAeFw0yNTA3Mjcx MTMxMjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDkzNjdFQzIxQjdFRDQx MThDMkI5QUMzQ0JDQ0Y0ODc1NkExNDcyOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYnJbJtX4cN5Ha45OU5/ERwdsqGAAeRYx6D8M3BOCc9hXhtdl/ NuPQgFxEBwtNlu6aRNNorD4enpqWeDuFNNpjHiIZHXPuX/uZ8LUG8KJZEO2wpOD+ 4ing+KoIz57rfe4oQxOKRt/7VCh6o6o5l8eGfV8/wfEr6EQjOiBgZK63t0MacXVR MMKCtctdSlrxZeWMhSC6MVJcLpps7ZJxCFHBiEzNZ2yRdMkYK6Kv5oGNOMu+j+BM OeTWr+0qHnvO8GtsfhfdPrR8IXPdFVdHta/rhPabtFPmc5gpxXf7Tc3fmF7gvA+z KcfT9rbP8a/o3upnv0+3oQ/jTlQx5ksbkXnrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUk2fsIbftQRjCuaw8vM9IdWoUcpgwHwYDVR0jBBgwFoAUq8wu6vrqrw1E480g BAmZ7T6LblYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMx Ny9xOHd1NnZycXJ3MUU0ODBnQkFtWjdUNkxibFkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3E4d3U2dnJxcncxRTQ4MGdCQW1aN1Q2TGJsWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMTcvazJmc0liZnRRUmpD dWF3OHZNOUlkV29VY3BnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcUoDANBgkqhkiG9w0BAQsFAAOCAQEAJNyaalRXiHROvtvzZD1cpaQVimf1 wlm5gnamYBI8rjYhtBh8cmFkr7RELs/EN4zGCWSck/kvH+mw9J9MSiFIjYcxhtZG LLnqaRjkan36QEGRPB2bKNjMpdI48fbppRMO/RHnYbW/dcjSTf/uJOwmOOcGhORC K1pPHVGzOnB+l7+NxRf/p5+oG3VT59HrdXFbNC2GA5EW2cd96lwr9ldfA7v4bpOU EdfiZBvnCowN82MqJR0aXOxEU7CV7n5Y0YJCWO8HoMAOASAfYCjgsOeRzn8MXIjU zj3xShd4tXEuht9+eoprOr1E6UEqR9AhO2Xi/A9DZxpXLcoGehcsTgEDlQ== -----END CERTIFICATE-----Generated at Thu Aug 14 11:45:04 2025 by rpki-client