$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZfMXZscIroL0IJRInT2L6oZ2Qj4.roa File: ZfMXZscIroL0IJRInT2L6oZ2Qj4.roa (raw, json) Hash identifier: wG20f/Bcos/SaUhFOyl7rlHjrCLz7NWVNqXxvWN3p0Q= Subject key identifier: 65:F3:17:66:C7:08:AE:82:F4:20:94:48:9D:3D:8B:EA:86:76:42:3E Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3214 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZfMXZscIroL0IJRInT2L6oZ2Qj4.roa Signing time: Wed 25 Jun 2025 00:12:48 +0000 ROA not before: Wed 25 Jun 2025 00:12:48 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 63612 IP address blocks: 103.45.128.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 22:43:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12820 (0x3214) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Jun 25 00:12:48 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=65F31766C708AE82F42094489D3D8BEA8676423E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:fd:b5:bd:48:f7:73:20:82:3d:33:47:3a:2a: ad:6b:7b:b5:da:8e:56:3f:0e:63:8c:17:5a:c9:be: a5:56:de:35:ff:c6:8e:e7:b0:e3:1b:be:91:45:10: 0f:37:4f:c3:72:84:96:ce:a1:23:62:37:56:09:6e: f2:8e:ee:26:f4:6d:15:fd:32:4f:01:c7:37:5c:49: b6:12:f8:e6:79:31:5d:97:e8:99:f1:0a:93:20:6b: 94:d8:c1:3c:03:e0:74:7d:1a:9f:87:52:c1:0f:8e: c1:f4:88:f1:15:ea:90:e0:c3:54:b4:43:8c:f5:07: c7:ce:ea:09:36:f0:3f:03:b5:ff:59:32:96:94:24: 88:ec:4f:ba:41:9b:40:c2:a0:9a:8a:32:ce:ab:5c: 33:2c:be:bf:96:e8:ad:09:f8:6c:ae:d1:2c:c8:04: cc:34:cb:6c:4c:d6:38:c2:e3:81:9c:bd:2b:68:72: 1b:6b:68:8c:a4:93:8a:81:27:81:f0:93:72:a3:16: 9f:64:f4:b1:53:c8:e0:f5:c9:16:c1:a7:92:58:b8: 0a:a0:e4:93:f9:43:42:6e:20:e9:79:65:b7:f9:93: 81:12:51:da:10:06:57:a3:bf:ff:a9:7f:c6:7c:68: d2:8b:96:2d:74:c3:7e:cf:6d:2d:76:14:7c:e2:0c: e1:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:F3:17:66:C7:08:AE:82:F4:20:94:48:9D:3D:8B:EA:86:76:42:3E X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZfMXZscIroL0IJRInT2L6oZ2Qj4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.45.128.0/19 Signature Algorithm: sha256WithRSAEncryption 85:3c:d1:ce:20:a9:cf:26:14:06:3e:9e:8f:3e:f5:72:89:6e: 01:6a:16:69:a5:71:0b:54:a9:46:d3:87:9b:d9:ba:94:8e:56: 69:d1:07:a1:a6:71:c7:fd:d8:19:dd:cc:0e:8e:17:3d:4d:5d: 93:92:89:14:6b:de:92:a0:36:55:27:79:dd:cc:cd:22:4c:d3: fe:03:29:53:cf:3f:f5:61:88:da:28:e8:90:bf:fe:a5:1f:a8: be:ee:aa:8f:ac:f5:ff:b3:a1:b2:4a:9f:19:e6:ca:07:f3:bd: b5:3e:1e:6d:46:38:9e:ad:0e:20:2d:12:0c:fe:26:29:37:cb: f9:44:0a:c3:47:9a:ad:3b:09:c6:e5:d6:7b:f0:31:c0:5f:9b: da:b7:ae:cc:7e:64:aa:42:7a:29:63:22:72:07:a3:49:8e:bf: 49:92:97:64:07:9e:16:67:87:78:ae:a6:5c:35:15:10:6a:dc: 5e:93:24:3a:45:69:d8:62:96:70:22:f9:80:64:69:f9:0d:94: 46:71:c9:16:5a:07:87:b5:2f:80:9a:d1:0d:5e:f1:65:52:78: 2f:d0:26:86:d9:ce:3f:77:d0:41:8a:72:f4:8a:7b:31:83:89: 8c:cf:81:f1:e8:d6:b2:50:ca:28:e5:1b:32:b3:5f:f6:b6:95: fb:34:47:2c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA2MjUw MDEyNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY1RjMxNzY2QzcwOEFF ODJGNDIwOTQ0ODlEM0Q4QkVBODY3NjQyM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC//bW9SPdzIII9M0c6Kq1re7XajlY/DmOMF1rJvqVW3jX/xo7n sOMbvpFFEA83T8NyhJbOoSNiN1YJbvKO7ib0bRX9Mk8BxzdcSbYS+OZ5MV2X6Jnx CpMga5TYwTwD4HR9Gp+HUsEPjsH0iPEV6pDgw1S0Q4z1B8fO6gk28D8Dtf9ZMpaU JIjsT7pBm0DCoJqKMs6rXDMsvr+W6K0J+Gyu0SzIBMw0y2xM1jjC44GcvStochtr aIykk4qBJ4Hwk3KjFp9k9LFTyOD1yRbBp5JYuAqg5JP5Q0JuIOl5Zbf5k4ESUdoQ Blejv/+pf8Z8aNKLli10w37PbS12FHziDOFRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZfMXZscIroL0IJRInT2L6oZ2Qj4wHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvWmZNWFpzY0lyb0ww SUpSSW5UMkw2b1oyUWo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBWctgDANBgkqhkiG9w0BAQsFAAOCAQEAhTzRziCpzyYUBj6ejz71coluAWoW aaVxC1SpRtOHm9m6lI5WadEHoaZxx/3YGd3MDo4XPU1dk5KJFGvekqA2VSd53czN IkzT/gMpU88/9WGI2ijokL/+pR+ovu6qj6z1/7OhskqfGebKB/O9tT4ebUY4nq0O IC0SDP4mKTfL+UQKw0earTsJxuXWe/AxwF+b2reuzH5kqkJ6KWMicgejSY6/SZKX ZAeeFmeHeK6mXDUVEGrcXpMkOkVp2GKWcCL5gGRp+Q2URnHJFloHh7UvgJrRDV7x ZVJ4L9AmhtnOP3fQQYpy9Ip7MYOJjM+B8ejWslDKKOUbMrNf9raV+zRHLA== -----END CERTIFICATE-----Generated at Fri Jul 4 19:30:10 2025 by rpki-client