$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/3y2qUkEoruGyVdcMe0lrpYwYbD8.roa File: 3y2qUkEoruGyVdcMe0lrpYwYbD8.roa (raw, json) Hash identifier: g4jGhipNfyt9HkQs1QZ7cFl2ODIAxDgMPoAj4duHmXQ= Subject key identifier: DF:2D:AA:52:41:28:AE:E1:B2:55:D7:0C:7B:49:6B:A5:8C:18:6C:3F Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 13DA Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3y2qUkEoruGyVdcMe0lrpYwYbD8.roa Signing time: Mon 21 Jul 2025 11:55:02 +0000 ROA not before: Mon 21 Jul 2025 11:55:02 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.132.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 06:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5082 (0x13da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jul 21 11:55:02 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=DF2DAA524128AEE1B255D70C7B496BA58C186C3F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:28:76:f2:4f:8b:da:34:e2:e6:93:7d:22:b9: 79:5f:59:09:48:83:c8:18:11:33:16:81:3e:21:1c: 88:5f:ac:0a:36:29:ab:0c:bc:20:43:ec:1c:da:78: e2:b2:10:ef:3b:ea:4b:04:7b:58:8e:18:90:45:1e: ab:2d:bc:43:b1:f5:eb:4c:99:f5:c1:85:53:49:82: 65:b8:28:d6:0b:4a:5e:8d:8a:7e:87:33:c5:56:cf: c0:e7:ad:af:50:e8:14:c9:24:14:51:e4:47:cf:74: cf:a9:60:cf:0b:33:ec:4d:c3:c4:7c:0f:62:d7:11: 7c:c3:ac:d1:1b:b0:74:b9:38:2d:7b:4a:bb:ab:fc: fe:70:a7:ec:df:be:a6:89:51:b2:8a:0a:91:0f:14: 23:93:35:17:7a:14:73:cd:f9:d9:10:7a:ae:17:e3: 16:b4:49:95:91:73:4c:15:75:06:83:29:0f:48:2f: 77:1f:4a:86:fd:e2:74:2d:b8:96:22:16:8b:b9:37: d2:7f:84:31:ab:c4:f7:6a:8b:47:25:61:f5:f9:1d: 72:3b:59:6e:c9:80:e0:89:aa:bc:2a:7b:36:d7:55: 88:53:9b:99:3e:b3:a1:e4:8f:fa:ad:d4:d6:ea:89: 6d:91:c4:81:48:48:f7:ef:81:3b:69:a5:85:91:50: 1e:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:2D:AA:52:41:28:AE:E1:B2:55:D7:0C:7B:49:6B:A5:8C:18:6C:3F X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/3y2qUkEoruGyVdcMe0lrpYwYbD8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.132.0/22 Signature Algorithm: sha256WithRSAEncryption 77:d0:72:5c:31:fa:19:f2:0c:05:bc:84:86:10:10:00:a7:a5: 65:06:76:0d:3c:7e:68:2c:86:7e:64:dc:63:a4:8f:0e:f1:d1: 05:24:a6:a6:f5:a3:d3:3c:1a:75:9c:56:ac:0a:ea:dc:42:0b: e3:b5:08:df:b5:d2:46:af:6f:72:8a:31:ec:da:58:8d:63:fb: 0b:34:2a:0e:22:f4:32:ef:33:f8:bc:33:63:7c:a6:4d:94:8b: 7b:ee:1c:c5:d0:c3:50:46:85:64:17:9e:b5:42:d0:30:2f:56: de:60:8e:ee:db:e5:1a:d4:38:cc:13:ad:6a:4e:fe:58:cd:46: e6:51:f2:9a:2a:a6:cf:98:84:16:d8:24:53:4f:3d:fc:2a:81: 1e:66:b1:d3:76:20:94:82:ab:64:c8:8d:c3:12:58:f2:d5:7e: cf:50:0f:ff:f5:0b:ef:e3:04:a5:f0:72:63:c2:a2:bd:5c:b1: fc:f5:72:af:46:ba:bf:af:37:1c:38:e6:d8:4d:38:15:7d:b9: e7:18:40:db:34:30:e9:e5:07:cc:e3:b2:e4:ac:10:1c:de:94: 3d:a5:4a:1d:95:a9:e8:94:f9:9b:d4:6b:85:1d:e3:6e:9a:0d: 60:77:80:27:9a:82:4e:bf:88:0a:b4:96:91:4f:37:55:20:c8: 57:e1:ff:f0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA3MjEx MTU1MDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERGMkRBQTUyNDEyOEFF RTFCMjU1RDcwQzdCNDk2QkE1OEMxODZDM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEKHbyT4vaNOLmk30iuXlfWQlIg8gYETMWgT4hHIhfrAo2KasM vCBD7BzaeOKyEO876ksEe1iOGJBFHqstvEOx9etMmfXBhVNJgmW4KNYLSl6Nin6H M8VWz8Dnra9Q6BTJJBRR5EfPdM+pYM8LM+xNw8R8D2LXEXzDrNEbsHS5OC17Srur /P5wp+zfvqaJUbKKCpEPFCOTNRd6FHPN+dkQeq4X4xa0SZWRc0wVdQaDKQ9IL3cf Sob94nQtuJYiFou5N9J/hDGrxPdqi0clYfX5HXI7WW7JgOCJqrwqezbXVYhTm5k+ s6Hkj/qt1NbqiW2RxIFISPfvgTtppYWRUB4NAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3y2qUkEoruGyVdcMe0lrpYwYbD8wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzN5MnFVa0VvcnVHeVZk Y01lMGxycFl3WWJEOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6IQwDQYJKoZIhvcNAQELBQADggEBAHfQclwx+hnyDAW8hIYQEACnpWUGdg08 fmgshn5k3GOkjw7x0QUkpqb1o9M8GnWcVqwK6txCC+O1CN+10kavb3KKMezaWI1j +ws0Kg4i9DLvM/i8M2N8pk2Ui3vuHMXQw1BGhWQXnrVC0DAvVt5gju7b5RrUOMwT rWpO/ljNRuZR8poqps+YhBbYJFNPPfwqgR5msdN2IJSCq2TIjcMSWPLVfs9QD//1 C+/jBKXwcmPCor1csfz1cq9Gur+vNxw45thNOBV9uecYQNs0MOnlB8zjsuSsEBze lD2lSh2VqeiU+ZvUa4Ud426aDWB3gCeagk6/iAq0lpFPN1UgyFfh//A= -----END CERTIFICATE-----Generated at Mon Aug 11 04:43:45 2025 by rpki-client