$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3379/FyybFiuEViG5XFYVlJCL72bEuR0.roa File: FyybFiuEViG5XFYVlJCL72bEuR0.roa (raw, json) Hash identifier: KEY+/EsJuZ5bAgnI9aKK1bCipVEiV8K+I8VHY3pGYsI= Subject key identifier: 17:2C:9B:16:2B:84:56:21:B9:5C:56:15:94:90:8B:EF:66:C4:B9:1D Certificate issuer: /CN=2CB237ABE1A66A755DA9545795F1DD229F0E0311 Certificate serial: 025F Authority key identifier: 2C:B2:37:AB:E1:A6:6A:75:5D:A9:54:57:95:F1:DD:22:9F:0E:03:11 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/FyybFiuEViG5XFYVlJCL72bEuR0.roa Signing time: Fri 24 Oct 2025 05:37:02 +0000 ROA not before: Fri 24 Oct 2025 05:37:02 +0000 ROA not after: Fri 23 Oct 2026 03:01:03 +0000 asID: 16509 IP address blocks: 165.101.71.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 08:44:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 607 (0x25f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB237ABE1A66A755DA9545795F1DD229F0E0311 Validity Not Before: Oct 24 05:37:02 2025 GMT Not After : Oct 23 03:01:03 2026 GMT Subject: CN=172C9B162B845621B95C561594908BEF66C4B91D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:df:51:b2:32:2d:e6:a2:47:bc:5d:14:89:43: 27:73:35:78:ee:b6:87:24:f6:74:29:c7:97:6b:e1: bf:14:9a:6d:59:e0:fc:1a:6c:17:97:d5:fd:e3:37: 70:f9:16:a6:2f:87:33:34:55:02:12:06:18:73:08: 75:62:8b:b3:b9:21:d1:fb:93:b4:ef:0f:0c:6b:b7: ac:e8:d9:d0:72:ac:aa:e4:eb:db:a5:f2:eb:9c:b1: 22:bc:7e:52:bf:78:9e:a6:49:29:c4:a1:50:24:ad: cb:b4:b8:ee:76:f0:a8:6e:a1:06:0d:67:90:11:1b: 7a:53:d3:7d:a3:57:f6:55:85:27:01:6c:c5:7b:f9: ab:2b:da:31:39:b9:6e:22:01:33:82:2f:3c:5a:a9: d0:5d:d1:1a:1f:8e:36:26:fd:0f:f9:86:07:b7:9e: a6:01:b9:57:2c:74:71:23:87:b0:7c:08:e9:7e:e2: e5:f3:00:82:44:ca:88:54:21:87:28:44:59:97:da: 81:69:5f:4a:a2:84:03:02:ce:0a:de:12:6c:a4:8b: 84:3b:05:12:4a:da:05:63:cf:18:d4:65:ee:92:33: 8e:fc:c6:be:4f:ac:a5:d5:52:41:f9:34:f5:57:81: 62:a5:ff:c7:40:28:93:86:47:76:1b:8e:ff:97:a9: c1:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:2C:9B:16:2B:84:56:21:B9:5C:56:15:94:90:8B:EF:66:C4:B9:1D X509v3 Authority Key Identifier: keyid:2C:B2:37:AB:E1:A6:6A:75:5D:A9:54:57:95:F1:DD:22:9F:0E:03:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/FyybFiuEViG5XFYVlJCL72bEuR0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 165.101.71.0/24 Signature Algorithm: sha256WithRSAEncryption 47:a6:d7:b7:9a:69:84:29:da:94:0d:d7:fd:39:a7:36:a8:f8: 08:73:45:ff:a3:25:61:ce:a6:c1:70:86:b7:6a:bb:ed:ca:9b: 89:3c:91:a4:79:9f:f1:fc:1d:78:72:0a:a1:7b:06:04:38:27: a1:34:ad:55:7e:a4:b9:2b:21:48:fb:65:4e:01:c6:9d:f0:87: b6:b7:a0:f8:20:3f:ef:11:9f:dd:c9:a2:ec:35:eb:8e:04:53: 7e:36:a5:9f:52:59:2f:df:e6:8c:1f:cc:54:8a:08:35:6b:8e: 7c:b8:c7:38:ca:37:8c:cb:e8:83:96:27:53:3f:af:1f:e8:e8: d3:09:29:7d:19:dc:a0:9b:44:2c:a9:3c:3d:e4:32:a7:c5:fd: 25:cb:f7:4d:d7:dd:b1:13:14:8b:d2:4e:7c:50:89:f8:dd:50: ce:3d:a2:71:d5:46:09:a0:de:6d:92:c8:bb:7e:70:8a:ca:5f: ad:b8:14:52:40:78:3a:c3:03:04:3e:26:b7:e0:f9:52:3e:32: 1a:e5:76:ed:bb:06:a6:54:d2:2d:08:75:33:52:0d:e9:c6:05: f0:6c:c4:f7:26:e4:66:5c:86:37:1e:f9:15:a4:6e:ba:f4:fb: a8:8d:27:a8:49:3a:05:8d:cc:66:f6:ae:e0:a7:38:3e:73:fd: f1:ea:56:55 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAl8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNC MjM3QUJFMUE2NkE3NTVEQTk1NDU3OTVGMUREMjI5RjBFMDMxMTAeFw0yNTEwMjQw NTM3MDJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDE3MkM5QjE2MkI4NDU2 MjFCOTVDNTYxNTk0OTA4QkVGNjZDNEI5MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDX31GyMi3moke8XRSJQydzNXjutock9nQpx5dr4b8Umm1Z4Pwa bBeX1f3jN3D5FqYvhzM0VQISBhhzCHVii7O5IdH7k7TvDwxrt6zo2dByrKrk69ul 8uucsSK8flK/eJ6mSSnEoVAkrcu0uO528KhuoQYNZ5ARG3pT032jV/ZVhScBbMV7 +asr2jE5uW4iATOCLzxaqdBd0RofjjYm/Q/5hge3nqYBuVcsdHEjh7B8COl+4uXz AIJEyohUIYcoRFmX2oFpX0qihAMCzgreEmyki4Q7BRJK2gVjzxjUZe6SM478xr5P rKXVUkH5NPVXgWKl/8dAKJOGR3Ybjv+XqcG7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUFyybFiuEViG5XFYVlJCL72bEuR0wHwYDVR0jBBgwFoAULLI3q+GmanVdqVRX lfHdIp8OAxEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM3 OS9MTEkzcS1HbWFuVmRxVlJYbGZIZElwOE9BeEUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xMSTNxLUdtYW5WZHFWUlhsZkhkSXA4T0F4RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNzkvRnl5YkZpdUVWaUc1 WEZZVmxKQ0w3MmJFdVIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAKVlRzANBgkqhkiG9w0BAQsFAAOCAQEAR6bXt5pphCnalA3X/TmnNqj4CHNF /6MlYc6mwXCGt2q77cqbiTyRpHmf8fwdeHIKoXsGBDgnoTStVX6kuSshSPtlTgHG nfCHtreg+CA/7xGf3cmi7DXrjgRTfjaln1JZL9/mjB/MVIoINWuOfLjHOMo3jMvo g5YnUz+vH+jo0wkpfRncoJtELKk8PeQyp8X9Jcv3TdfdsRMUi9JOfFCJ+N1Qzj2i cdVGCaDebZLIu35wispfrbgUUkB4OsMDBD4mt+D5Uj4yGuV27bsGplTSLQh1M1IN 6cYF8GzE9ybkZlyGNx75FaRuuvT7qI0nqEk6BY3MZvau4Kc4PnP98epWVQ== -----END CERTIFICATE-----Generated at Wed Nov 5 05:37:22 2025 by rpki-client