$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ymBkMBkvEZC__vixuO4VkYyBka4.roa File: ymBkMBkvEZC__vixuO4VkYyBka4.roa (raw, json) Hash identifier: tgy5Q1GdGETdIxaUpFQuKf+ITvifg8cw2jXv4bhzOnE= Subject key identifier: CA:60:64:30:19:2F:11:90:BF:FE:F8:B1:B8:EE:15:91:8C:81:91:AE Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 14A7 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ymBkMBkvEZC__vixuO4VkYyBka4.roa Signing time: Wed 30 Jul 2025 02:47:57 +0000 ROA not before: Wed 30 Jul 2025 02:47:57 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.120.148.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5287 (0x14a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jul 30 02:47:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=CA606430192F1190BFFEF8B1B8EE15918C8191AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:bc:f6:e7:89:35:b2:33:67:24:44:a0:71:45: 73:98:2c:66:3f:c3:06:0b:7d:35:e2:81:67:d4:06: d6:29:ab:80:46:66:87:f0:e1:af:07:e6:9a:3f:94: d3:dc:ce:51:8d:5c:ea:e3:64:03:31:5c:71:51:34: b0:86:ab:4a:84:4a:f6:04:af:b8:ba:31:e8:00:4a: ee:6c:78:d7:45:35:2f:6c:2e:41:89:f2:42:61:0b: 6e:4e:e3:50:7f:d4:00:dd:43:ef:a1:b0:37:c9:a9: b7:83:fd:11:ee:1d:7f:40:e5:57:be:96:9b:0c:85: a5:b5:92:a9:53:78:35:6a:ec:3a:59:5e:7c:b1:52: 33:8f:7c:52:9c:d1:02:f9:09:83:44:9a:ea:bb:f2: f1:91:b4:54:8c:68:33:81:c9:4d:65:b7:29:d7:5f: 65:a7:be:97:f8:97:cf:15:06:94:6a:53:90:e0:28: 26:c8:e7:b3:57:4c:13:63:cd:57:8c:96:06:f9:14: c9:f3:b7:31:9a:64:8a:06:ee:e0:47:c7:21:74:a1: 59:40:65:d4:7f:d6:ac:76:9d:19:0f:13:62:0a:e5: 5a:62:19:55:c4:ec:1d:b1:e4:f8:39:68:ba:60:9f: 0d:5b:13:c4:25:c1:31:f7:83:42:80:96:55:e3:21: fd:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:60:64:30:19:2F:11:90:BF:FE:F8:B1:B8:EE:15:91:8C:81:91:AE X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ymBkMBkvEZC__vixuO4VkYyBka4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.120.148.0/22 Signature Algorithm: sha256WithRSAEncryption 36:36:3e:bd:86:d4:cd:cc:13:10:2d:41:c5:0c:82:af:2e:83: ce:dd:44:82:ad:a3:4a:42:7d:c4:f2:27:91:5c:07:01:8e:10: 91:c7:e9:07:77:56:c4:e4:44:b6:28:63:91:b9:1b:10:96:8f: f1:13:d2:8d:47:bf:82:aa:1c:a0:6c:b5:ce:44:3e:5c:77:be: 7e:7f:b1:3c:59:0f:e1:76:0f:27:53:23:66:c5:8e:54:3b:02: 83:52:d0:74:6c:8f:ab:39:54:a3:fd:6a:aa:39:d6:2c:f8:88: 08:71:a3:72:19:f8:58:a5:c8:41:90:35:ca:0b:53:a7:40:90: db:06:0e:68:14:65:5f:13:3e:7e:a3:0c:58:50:87:a4:06:09: 42:ea:ea:a1:ab:17:71:87:05:87:09:5c:26:a9:07:06:66:b8: 99:d0:79:dd:fe:e6:a2:f7:e2:59:d9:e6:3f:2b:d3:e7:cb:f6: a3:b1:dc:60:e2:3e:ac:aa:e2:49:f3:3f:77:c3:87:ea:6e:06: ea:ad:1b:9e:ee:4d:68:3a:df:30:86:74:e1:1e:3d:ec:f7:43: 48:c2:69:6e:20:e6:dd:89:63:f3:71:7e:16:92:de:44:51:20: 5e:54:0f:c6:8a:33:c1:77:d3:9f:3c:92:ce:a0:fd:e7:f4:6c: 88:e8:7a:89 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw MjQ3NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKENBNjA2NDMwMTkyRjEx OTBCRkZFRjhCMUI4RUUxNTkxOEM4MTkxQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyvPbniTWyM2ckRKBxRXOYLGY/wwYLfTXigWfUBtYpq4BGZofw 4a8H5po/lNPczlGNXOrjZAMxXHFRNLCGq0qESvYEr7i6MegASu5seNdFNS9sLkGJ 8kJhC25O41B/1ADdQ++hsDfJqbeD/RHuHX9A5Ve+lpsMhaW1kqlTeDVq7DpZXnyx UjOPfFKc0QL5CYNEmuq78vGRtFSMaDOByU1ltynXX2Wnvpf4l88VBpRqU5DgKCbI 57NXTBNjzVeMlgb5FMnztzGaZIoG7uBHxyF0oVlAZdR/1qx2nRkPE2IK5VpiGVXE 7B2x5Pg5aLpgnw1bE8QlwTH3g0KAllXjIf39AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUymBkMBkvEZC//vixuO4VkYyBka4wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveW1Ca01Ca3ZFWkNf X3ZpeHVPNFZrWXlCa2E0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnN4lDANBgkqhkiG9w0BAQsFAAOCAQEANjY+vYbUzcwTEC1BxQyCry6Dzt1E gq2jSkJ9xPInkVwHAY4QkcfpB3dWxOREtihjkbkbEJaP8RPSjUe/gqocoGy1zkQ+ XHe+fn+xPFkP4XYPJ1MjZsWOVDsCg1LQdGyPqzlUo/1qqjnWLPiICHGjchn4WKXI QZA1ygtTp0CQ2wYOaBRlXxM+fqMMWFCHpAYJQurqoasXcYcFhwlcJqkHBma4mdB5 3f7movfiWdnmPyvT58v2o7HcYOI+rKriSfM/d8OH6m4G6q0bnu5NaDrfMIZ04R49 7PdDSMJpbiDm3Ylj83F+FpLeRFEgXlQPxoozwXfTnzySzqD95/RsiOh6iQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:05:33 2025 by rpki-client