$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/3yimESiLtQka2lMiwqoyFKOTxMk.roa File: 3yimESiLtQka2lMiwqoyFKOTxMk.roa (raw, json) Hash identifier: b5MumePz6dpZV/wDo4ougHaQ9UB/PgwFbcHPXE73tqs= Subject key identifier: DF:28:A6:11:28:8B:B5:09:1A:DA:53:22:C2:AA:32:14:A3:93:C4:C9 Certificate issuer: /CN=FB653B26775041687D362D4CEF768E58F99EC075 Certificate serial: 0C43 Authority key identifier: FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/3yimESiLtQka2lMiwqoyFKOTxMk.roa Signing time: Sat 13 Sep 2025 03:09:35 +0000 ROA not before: Sat 13 Sep 2025 03:09:35 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 152092 IP address blocks: 103.97.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 18:07:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3139 (0xc43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FB653B26775041687D362D4CEF768E58F99EC075 Validity Not Before: Sep 13 03:09:35 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DF28A611288BB5091ADA5322C2AA3214A393C4C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5f:79:c3:70:f4:6c:aa:9c:39:78:78:8c:a3: 99:cf:bb:a4:db:9c:d4:01:9a:3e:d2:9c:07:ca:f4: 4d:b9:f4:f1:0b:68:0d:4b:60:01:2c:b2:16:3c:05: 45:5c:d7:4c:22:b7:1b:9c:38:91:56:cd:46:d0:f1: d2:4c:2e:0a:c9:b5:a7:58:bb:3f:14:4e:18:83:a0: cb:bf:dd:7c:4b:0b:9d:86:d2:69:9c:51:69:62:8f: 08:e3:0c:5e:18:e9:0b:43:e0:29:80:e0:cb:de:6b: ea:15:cf:eb:87:c2:b2:4f:92:6d:a3:bc:34:e9:e9: 44:dd:af:c6:69:88:7d:ef:9e:3b:2c:04:a9:86:30: fc:01:ad:d5:73:27:30:cb:11:15:f4:7e:8b:55:cb: bd:43:a4:58:ab:72:50:bb:da:00:69:d3:9a:d5:7f: 96:d8:97:b5:65:ff:61:5a:96:0c:06:18:b7:23:7d: c3:df:b9:a3:b9:c6:1e:48:4f:3e:5c:61:b8:84:b7: 8c:fe:22:82:2c:b6:6d:63:90:d3:5f:c5:f1:f8:33: 1d:b7:54:fb:85:64:cf:1f:59:b9:bc:65:50:e3:c9: 35:76:ec:b9:3c:82:4d:e6:7e:da:c2:69:2a:05:c6: 83:33:75:3d:60:9a:4f:c9:e1:5c:ac:5d:35:ee:29: bc:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:28:A6:11:28:8B:B5:09:1A:DA:53:22:C2:AA:32:14:A3:93:C4:C9 X509v3 Authority Key Identifier: keyid:FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/3yimESiLtQka2lMiwqoyFKOTxMk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.97.56.0/22 Signature Algorithm: sha256WithRSAEncryption 16:d9:7c:f1:94:87:15:19:a2:bc:37:ac:ba:5d:8c:13:02:a7: bf:3c:24:a8:6f:55:b9:3e:57:b3:4b:b9:03:9e:e1:a2:ed:a2: d1:04:6c:1d:22:6f:a3:c5:d9:52:48:df:03:6c:fe:ee:31:d6: 66:1c:03:e0:5d:bd:8d:d1:9a:39:9d:f7:fa:6f:66:04:2c:a8: 79:18:0c:74:98:59:bf:94:cb:92:03:b0:8b:00:d3:ce:88:a0: ac:ed:61:16:e3:8d:89:3a:20:7a:bb:36:60:63:02:68:12:dc: f2:bc:5c:6c:a3:96:37:b1:7d:c1:ba:2a:b3:cd:08:a7:98:e0: d1:af:6c:6f:c6:0d:77:17:04:8a:5e:f3:a6:65:24:12:a9:78: 32:e9:03:77:b7:2d:b3:f4:1a:ad:cd:25:99:ce:c5:51:6a:b5: a2:d0:c0:b5:82:6f:20:71:d3:80:02:b8:62:00:f6:fe:e8:38: 58:94:1e:01:20:b0:fc:85:ef:de:3f:12:77:be:bb:75:09:4c: f5:1f:f9:a2:de:c2:f9:b6:00:91:7e:89:be:37:bb:6d:32:09: 0c:44:14:0d:5e:b6:4c:bc:f2:c6:a0:85:ee:3f:ca:38:78:fc: 15:8e:a3:f3:7f:ea:1e:fa:48:57:70:4b:64:f2:33:00:1c:90: f7:65:6c:13 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDEMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkI2 NTNCMjY3NzUwNDE2ODdEMzYyRDRDRUY3NjhFNThGOTlFQzA3NTAeFw0yNTA5MTMw MzA5MzVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERGMjhBNjExMjg4QkI1 MDkxQURBNTMyMkMyQUEzMjE0QTM5M0M0QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6X3nDcPRsqpw5eHiMo5nPu6TbnNQBmj7SnAfK9E259PELaA1L YAEsshY8BUVc10witxucOJFWzUbQ8dJMLgrJtadYuz8UThiDoMu/3XxLC52G0mmc UWlijwjjDF4Y6QtD4CmA4Mvea+oVz+uHwrJPkm2jvDTp6UTdr8ZpiH3vnjssBKmG MPwBrdVzJzDLERX0fotVy71DpFirclC72gBp05rVf5bYl7Vl/2FalgwGGLcjfcPf uaO5xh5ITz5cYbiEt4z+IoIstm1jkNNfxfH4Mx23VPuFZM8fWbm8ZVDjyTV27Lk8 gk3mftrCaSoFxoMzdT1gmk/J4VysXTXuKbwLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3yimESiLtQka2lMiwqoyFKOTxMkwHwYDVR0jBBgwFoAU+2U7JndQQWh9Ni1M 73aOWPmewHUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz Ny8tMlU3Sm5kUVFXaDlOaTFNNzNhT1dQbWV3SFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLy0yVTdKbmRRUVdoOU5pMU03M2FPV1BtZXdIVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvM3lpbUVTaUx0UWth MmxNaXdxb3lGS09UeE1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAFtl88ZSHFRmivDesul2MEwKnvzwk qG9VuT5Xs0u5A57hou2i0QRsHSJvo8XZUkjfA2z+7jHWZhwD4F29jdGaOZ33+m9m BCyoeRgMdJhZv5TLkgOwiwDTzoigrO1hFuONiTogers2YGMCaBLc8rxcbKOWN7F9 wboqs80Ip5jg0a9sb8YNdxcEil7zpmUkEql4MukDd7cts/Qarc0lmc7FUWq1otDA tYJvIHHTgAK4YgD2/ug4WJQeASCw/IXv3j8Sd767dQlM9R/5ot7C+bYAkX6Jvje7 bTIJDEQUDV62TLzyxqCF7j/KOHj8FY6j83/qHvpIV3BLZPIzAByQ92VsEw== -----END CERTIFICATE-----Generated at Mon Oct 20 17:43:07 2025 by rpki-client