$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2927/YM-3CpnHniKHloIYaw4EhJh26JQ.roa File: YM-3CpnHniKHloIYaw4EhJh26JQ.roa (raw, json) Hash identifier: zLTJKj3i9QyPCjkxaEyJvq9y6L9d8J+Gq7CWrgrwhPE= Subject key identifier: 60:CF:B7:0A:99:C7:9E:22:87:96:82:18:6B:0E:04:84:98:76:E8:94 Certificate issuer: /CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Certificate serial: 0C Authority key identifier: 73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/YM-3CpnHniKHloIYaw4EhJh26JQ.roa Signing time: Wed 25 Jun 2025 02:40:32 +0000 ROA not before: Wed 25 Jun 2025 02:40:32 +0000 ROA not after: Thu 25 Jun 2026 02:35:12 +0000 asID: 134760 IP address blocks: 103.41.0.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 13:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=73D211D5B210E3B196054DB71892D8E38A4E09EF Validity Not Before: Jun 25 02:40:32 2025 GMT Not After : Jun 25 02:35:12 2026 GMT Subject: CN=60CFB70A99C79E22879682186B0E04849876E894 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:05:89:94:4d:fd:f6:f2:74:e5:6d:6b:33:3e: 2b:74:bb:21:1f:39:a7:4b:81:bf:b6:be:64:8a:03: 75:d9:6e:f6:4b:24:a6:54:dd:87:20:81:4f:1c:2e: b6:2c:64:94:79:e7:ae:11:46:ec:20:25:86:01:f8: 1d:70:74:f0:b2:08:56:c6:f6:dd:7c:75:17:24:73: ec:b0:ee:54:4e:47:bd:2c:67:11:54:6f:1f:9a:d0: aa:80:e2:52:80:2d:b2:89:c4:bf:85:66:be:87:8e: 0e:cf:00:fa:5a:3b:14:c7:bf:c4:73:c7:a1:f8:34: 1d:0c:2f:f4:d7:41:90:35:eb:cf:1e:ec:c5:55:ae: 03:f4:54:02:3a:20:ff:34:5c:26:52:5a:f5:9a:b2: 86:5b:54:3a:87:35:b0:6d:81:0a:40:82:e0:20:4f: 91:17:ff:22:32:98:1d:a4:d5:92:c9:bf:29:73:28: 34:45:54:a9:a7:09:1a:86:87:8c:86:48:28:a6:69: 06:ad:f0:e6:fe:dc:60:cd:2f:25:d9:31:0c:45:e8: ad:04:74:f4:24:ac:da:84:40:81:be:6b:23:82:2b: 3c:85:24:b8:88:86:87:0f:69:e5:80:4c:71:04:a2: 30:61:b1:a0:61:f8:a9:3d:04:32:eb:ec:af:36:63: 9d:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:CF:B7:0A:99:C7:9E:22:87:96:82:18:6B:0E:04:84:98:76:E8:94 X509v3 Authority Key Identifier: keyid:73:D2:11:D5:B2:10:E3:B1:96:05:4D:B7:18:92:D8:E3:8A:4E:09:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/c9IR1bIQ47GWBU23GJLY44pOCe8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/c9IR1bIQ47GWBU23GJLY44pOCe8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2927/YM-3CpnHniKHloIYaw4EhJh26JQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.41.0.0/23 Signature Algorithm: sha256WithRSAEncryption 12:c0:c0:63:7d:11:cd:2d:9d:b0:26:80:97:0e:01:bf:2a:ef: 2d:d3:49:25:6d:3b:13:d4:06:ad:ee:88:a1:7f:ca:28:43:c9: cf:c5:8c:07:02:63:b1:24:c8:6d:ad:84:07:a5:71:c6:fe:06: 58:ec:03:db:82:7b:68:e1:07:87:c1:82:6a:ed:a0:9d:ef:f5: 22:98:4c:f6:c1:ac:09:14:6c:7a:31:35:63:9f:a9:6b:a7:d0: 2b:b8:a4:e1:4f:a3:ad:73:46:1f:44:66:e0:b7:4d:69:5a:5a: bf:b9:9e:ce:a6:00:7c:39:b6:62:57:fe:85:5f:45:0b:3a:15: 60:e8:f1:ae:a6:41:7b:50:57:dc:b1:43:13:8a:59:08:5c:69: 8e:dc:ad:8e:86:65:7d:0f:02:d7:42:46:1e:24:6d:66:ca:a6: 30:d3:d5:5c:14:16:43:28:f5:b1:9c:93:74:b2:5b:84:fa:ef: 32:65:7c:ed:bc:fb:6b:d5:bf:d4:87:3e:5c:80:78:8a:9b:97: 38:08:72:b4:34:60:86:b6:9d:14:c8:da:c8:f8:c9:d7:be:37: 6f:b0:21:19:2f:13:83:7c:d7:75:d4:a1:41:a9:a4:fb:d0:9d: 62:88:3d:f2:0b:06:7a:9a:cc:25:cb:78:45:2f:ac:66:c6:f2: 7b:0c:50:08 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3M0Qy MTFENUIyMTBFM0IxOTYwNTREQjcxODkyRDhFMzhBNEUwOUVGMB4XDTI1MDYyNTAy NDAzMloXDTI2MDYyNTAyMzUxMlowMzExMC8GA1UEAxMoNjBDRkI3MEE5OUM3OUUy Mjg3OTY4MjE4NkIwRTA0ODQ5ODc2RTg5NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMEFiZRN/fbydOVtazM+K3S7IR85p0uBv7a+ZIoDddlu9kskplTd hyCBTxwutixklHnnrhFG7CAlhgH4HXB08LIIVsb23Xx1FyRz7LDuVE5HvSxnEVRv H5rQqoDiUoAtsonEv4VmvoeODs8A+lo7FMe/xHPHofg0HQwv9NdBkDXrzx7sxVWu A/RUAjog/zRcJlJa9ZqyhltUOoc1sG2BCkCC4CBPkRf/IjKYHaTVksm/KXMoNEVU qacJGoaHjIZIKKZpBq3w5v7cYM0vJdkxDEXorQR09CSs2oRAgb5rI4IrPIUkuIiG hw9p5YBMcQSiMGGxoGH4qT0EMuvsrzZjnUsCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRgz7cKmceeIoeWghhrDgSEmHbolDAfBgNVHSMEGDAWgBRz0hHVshDjsZYFTbcY ktjjik4J7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTI3 L2M5SVIxYklRNDdHV0JVMjNHSkxZNDRwT0NlOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvYzlJUjFiSVE0N0dXQlUyM0dKTFk0NHBPQ2U4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkyNy9ZTS0zQ3BuSG5pS0hs b0lZYXc0RWhKaDI2SlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZykAMA0GCSqGSIb3DQEBCwUAA4IBAQASwMBjfRHNLZ2wJoCXDgG/Ku8t00kl bTsT1Aat7oihf8ooQ8nPxYwHAmOxJMhtrYQHpXHG/gZY7APbgnto4QeHwYJq7aCd 7/UimEz2wawJFGx6MTVjn6lrp9AruKThT6Otc0YfRGbgt01pWlq/uZ7OpgB8ObZi V/6FX0ULOhVg6PGupkF7UFfcsUMTilkIXGmO3K2OhmV9DwLXQkYeJG1myqYw09Vc FBZDKPWxnJN0sluE+u8yZXztvPtr1b/Uhz5cgHiKm5c4CHK0NGCGtp0UyNrI+MnX vjdvsCEZLxODfNd11KFBqaT70J1iiD3yCwZ6mswly3hFL6xmxvJ7DFAI -----END CERTIFICATE-----Generated at Fri Jul 4 12:16:15 2025 by rpki-client