$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3379/w7SIswm54yr5I1yAEfk9WiNQoO4.roa File: w7SIswm54yr5I1yAEfk9WiNQoO4.roa (raw, json) Hash identifier: xGKjdzo5tRsYGzfgTCksTTn0dgC6BOOFZ8hSCAswRjg= Subject key identifier: C3:B4:88:B3:09:B9:E3:2A:F9:23:5C:80:11:F9:3D:5A:23:50:A0:EE Certificate issuer: /CN=2CB237ABE1A66A755DA9545795F1DD229F0E0311 Certificate serial: CB Authority key identifier: 2C:B2:37:AB:E1:A6:6A:75:5D:A9:54:57:95:F1:DD:22:9F:0E:03:11 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/w7SIswm54yr5I1yAEfk9WiNQoO4.roa Signing time: Mon 04 Aug 2025 03:40:30 +0000 ROA not before: Mon 04 Aug 2025 03:40:30 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 4837 IP address blocks: 165.101.70.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 11:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 203 (0xcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB237ABE1A66A755DA9545795F1DD229F0E0311 Validity Not Before: Aug 4 03:40:30 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C3B488B309B9E32AF9235C8011F93D5A2350A0EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:67:b3:ed:20:ee:7b:75:6b:4a:4f:84:da:ba: 62:c0:35:28:cd:40:77:fd:4e:df:d3:77:f7:2a:5f: d3:ff:54:b4:8f:92:d3:6d:c8:88:71:9e:f3:fe:e2: 69:01:25:d4:51:b5:fd:8e:eb:1e:e3:ed:95:b1:45: 3f:d6:1c:72:e7:11:e0:c4:4a:15:a1:08:c7:29:24: 08:22:6d:ea:4c:77:79:8c:b6:26:98:96:04:59:d3: db:22:f6:6a:86:ad:9c:d0:ec:6f:f5:3b:e1:7e:19: 6c:b3:4b:93:ce:9b:e2:bb:a5:f2:ba:90:49:87:3c: e5:0b:9c:ec:d9:76:3e:82:fe:b2:fa:44:77:67:51: d7:0e:06:4e:eb:55:a0:82:8b:ac:b8:76:33:c0:0f: 23:18:cb:3b:3a:8d:7f:e3:6f:e6:ef:d6:e2:68:a6: 6e:37:6d:f6:a8:ae:69:09:38:7c:1c:7a:47:56:04: 77:b3:6a:be:88:bc:31:f1:d3:fd:e3:a7:f6:ee:57: e4:68:2c:cc:78:b7:69:71:50:23:9e:e3:02:91:63: 65:13:c7:80:6a:ce:16:18:82:0b:59:70:6b:f7:a5: e7:74:32:97:21:2a:b4:58:91:84:dd:cc:63:88:a0: 32:2a:39:8c:d8:2e:25:a7:45:d5:8f:c5:62:8f:c9: f8:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:B4:88:B3:09:B9:E3:2A:F9:23:5C:80:11:F9:3D:5A:23:50:A0:EE X509v3 Authority Key Identifier: keyid:2C:B2:37:AB:E1:A6:6A:75:5D:A9:54:57:95:F1:DD:22:9F:0E:03:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/w7SIswm54yr5I1yAEfk9WiNQoO4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 165.101.70.0/24 Signature Algorithm: sha256WithRSAEncryption 98:40:fe:ee:65:20:9a:69:8c:4a:3b:03:e2:eb:ee:d6:cd:a5: 4e:a3:73:65:d5:85:24:a5:7b:07:08:1b:0d:86:b3:cb:b2:7a: 63:a3:e4:65:c3:15:0e:0d:4c:5b:1e:bf:23:e8:5b:b5:b2:f2: d1:d7:fa:2d:51:a2:e2:a5:3d:b5:32:a5:63:18:88:c1:a7:ea: 64:50:b9:06:1c:76:99:8b:b7:5b:10:7d:4b:b3:07:aa:9a:71: 04:fb:f8:69:1c:11:2a:a2:34:b7:53:b7:04:d8:19:c2:ad:db: e5:cf:ca:15:07:51:19:55:b1:7f:bf:0f:a7:7a:71:3f:b4:e4: a2:6a:3e:3a:7a:f0:91:28:f9:c8:a1:8c:c1:b8:29:03:ac:05: 4e:15:20:a1:4c:a0:56:b3:c7:c4:30:51:3e:7e:4d:f0:74:d1: 6e:f3:ca:ae:79:97:72:78:83:11:94:83:0a:91:dd:52:68:7a: b2:6f:ed:66:01:88:37:68:bc:36:4f:e8:af:58:38:5a:da:4d: 64:63:54:1c:ac:2e:e3:35:9a:69:8e:ad:42:2f:19:72:38:ea: f6:e9:e7:3f:09:ef:b2:0a:04:bb:a4:2a:48:6b:32:49:55:73: 5b:b3:2a:be:64:5a:ed:8b:98:6b:9f:4f:f7:a0:6a:6a:c6:ea: 73:1c:bf:36 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNC MjM3QUJFMUE2NkE3NTVEQTk1NDU3OTVGMUREMjI5RjBFMDMxMTAeFw0yNTA4MDQw MzQwMzBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMzQjQ4OEIzMDlCOUUz MkFGOTIzNUM4MDExRjkzRDVBMjM1MEEwRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUZ7PtIO57dWtKT4TaumLANSjNQHf9Tt/Td/cqX9P/VLSPktNt yIhxnvP+4mkBJdRRtf2O6x7j7ZWxRT/WHHLnEeDEShWhCMcpJAgibepMd3mMtiaY lgRZ09si9mqGrZzQ7G/1O+F+GWyzS5POm+K7pfK6kEmHPOULnOzZdj6C/rL6RHdn UdcOBk7rVaCCi6y4djPADyMYyzs6jX/jb+bv1uJopm43bfaormkJOHwcekdWBHez ar6IvDHx0/3jp/buV+RoLMx4t2lxUCOe4wKRY2UTx4BqzhYYggtZcGv3ped0Mpch KrRYkYTdzGOIoDIqOYzYLiWnRdWPxWKPyfhnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUw7SIswm54yr5I1yAEfk9WiNQoO4wHwYDVR0jBBgwFoAULLI3q+GmanVdqVRX lfHdIp8OAxEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM3 OS9MTEkzcS1HbWFuVmRxVlJYbGZIZElwOE9BeEUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xMSTNxLUdtYW5WZHFWUlhsZkhkSXA4T0F4RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNzkvdzdTSXN3bTU0eXI1 STF5QUVmazlXaU5Rb080LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAKVlRjANBgkqhkiG9w0BAQsFAAOCAQEAmED+7mUgmmmMSjsD4uvu1s2lTqNz ZdWFJKV7BwgbDYazy7J6Y6PkZcMVDg1MWx6/I+hbtbLy0df6LVGi4qU9tTKlYxiI wafqZFC5Bhx2mYu3WxB9S7MHqppxBPv4aRwRKqI0t1O3BNgZwq3b5c/KFQdRGVWx f78Pp3pxP7Tkomo+OnrwkSj5yKGMwbgpA6wFThUgoUygVrPHxDBRPn5N8HTRbvPK rnmXcniDEZSDCpHdUmh6sm/tZgGIN2i8Nk/or1g4WtpNZGNUHKwu4zWaaY6tQi8Z cjjq9unnPwnvsgoEu6QqSGsySVVzW7MqvmRa7YuYa59P96Bqasbqcxy/Ng== -----END CERTIFICATE-----Generated at Mon Aug 11 10:58:30 2025 by rpki-client