$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/DfOM2s-N7JxO0x90eKPITUNfgo8.roa File: DfOM2s-N7JxO0x90eKPITUNfgo8.roa (raw, json) Hash identifier: 3peMwvBiVSgFn5hZMWiD6cFdO1fmCvYp7pKNTzRWoP4= Subject key identifier: 0D:F3:8C:DA:CF:8D:EC:9C:4E:D3:1F:74:78:A3:C8:4D:43:5F:82:8F Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 07D4 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/DfOM2s-N7JxO0x90eKPITUNfgo8.roa Signing time: Thu 24 Jul 2025 01:53:55 +0000 ROA not before: Thu 24 Jul 2025 01:53:55 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 103.2.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 03:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2004 (0x7d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 24 01:53:55 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0DF38CDACF8DEC9C4ED31F7478A3C84D435F828F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ca:e3:89:48:3e:dc:5c:b7:29:19:ff:7e:85: e9:c1:9f:2c:8e:62:47:9b:66:fa:78:83:e2:21:5c: 51:00:22:9d:fb:e6:a8:96:78:ea:78:62:28:53:09: a1:1d:4a:ce:b2:30:d1:e2:59:8f:59:ab:40:08:dd: cc:9b:e1:d4:eb:85:cc:c6:f2:b7:1f:43:ac:78:01: 99:3f:5b:43:41:97:ee:79:93:c9:0f:24:a1:f4:cc: 40:ce:2b:cf:c2:50:7a:f5:b1:02:30:a8:07:ea:96: 95:85:d5:b4:0e:0f:07:18:c2:64:2b:f9:54:b4:fe: 57:16:03:ea:8b:c0:eb:13:44:ac:ac:88:af:67:59: aa:a6:4c:27:40:cf:dc:67:c7:f2:9b:6f:96:ab:75: d9:97:f3:ff:d1:5f:af:c7:f9:d2:38:50:5a:fb:56: 36:e9:f9:23:07:7e:a1:fa:76:53:95:5a:06:db:df: 96:40:6f:2d:4c:de:37:f5:66:f0:b2:c0:51:68:e7: 11:fd:be:18:3d:ed:20:50:1a:7d:a1:fe:60:fb:77: 1b:33:32:f1:b8:18:79:70:71:1d:14:67:2e:14:1a: d9:6f:c8:18:cc:46:9e:f9:a3:8a:6f:0f:49:6a:b5: 4f:23:a0:a0:44:f2:8d:41:08:5f:44:c7:6b:0e:1c: 0a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:F3:8C:DA:CF:8D:EC:9C:4E:D3:1F:74:78:A3:C8:4D:43:5F:82:8F X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/DfOM2s-N7JxO0x90eKPITUNfgo8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.156.0/24 Signature Algorithm: sha256WithRSAEncryption a6:bc:a4:61:fb:3f:9e:0b:3a:07:2f:39:f2:bb:86:37:56:23: 2f:e4:e1:ab:db:0c:96:9d:ae:50:9b:86:86:a7:89:7e:49:ee: 88:ed:94:f1:ce:31:9c:68:11:f5:1d:11:ff:30:f2:d6:40:ef: e6:7a:15:91:07:6d:8c:1f:a1:24:d7:c3:2b:09:02:ee:66:34: f4:58:b4:87:4a:d4:4c:83:9c:a4:d3:b1:b4:a9:b7:e8:6f:2b: f6:35:79:52:35:94:91:f3:64:42:44:09:32:19:44:bc:6c:32: 63:6c:7d:ae:cb:56:1c:08:3d:64:83:05:22:6b:a3:a8:7a:01: 27:19:00:38:c4:df:35:20:b4:9f:2b:7a:e8:03:5d:c2:3e:f8: fc:98:9e:68:7b:d0:74:55:bd:ab:b0:d4:56:bf:1e:c1:d6:50: de:86:7b:07:7c:cb:b4:b5:10:f3:a5:da:11:ec:9c:6d:9c:cb: 33:f4:5d:d2:35:ff:26:fa:fb:36:34:68:24:3e:06:d5:49:49: 91:60:cb:8a:4e:c6:49:24:d5:bb:e0:86:cc:d1:49:dc:83:23: ba:7b:0f:90:69:5b:2c:fd:9f:bc:fb:20:4b:c8:e4:0a:6f:b2: aa:e2:4a:67:74:f1:43:27:92:c9:96:5a:a0:9d:38:92:e2:ed: 85:aa:33:3c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MjQw MTUzNTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBERjM4Q0RBQ0Y4REVD OUM0RUQzMUY3NDc4QTNDODRENDM1RjgyOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOyuOJSD7cXLcpGf9+henBnyyOYkebZvp4g+IhXFEAIp375qiW eOp4YihTCaEdSs6yMNHiWY9Zq0AI3cyb4dTrhczG8rcfQ6x4AZk/W0NBl+55k8kP JKH0zEDOK8/CUHr1sQIwqAfqlpWF1bQODwcYwmQr+VS0/lcWA+qLwOsTRKysiK9n WaqmTCdAz9xnx/Kbb5arddmX8//RX6/H+dI4UFr7Vjbp+SMHfqH6dlOVWgbb35ZA by1M3jf1ZvCywFFo5xH9vhg97SBQGn2h/mD7dxszMvG4GHlwcR0UZy4UGtlvyBjM Rp75o4pvD0lqtU8joKBE8o1BCF9Ex2sOHArVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDfOM2s+N7JxO0x90eKPITUNfgo8wHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvRGZPTTJzLU43SnhP MHg5MGVLUElUVU5mZ284LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcCnDANBgkqhkiG9w0BAQsFAAOCAQEAprykYfs/ngs6By858ruGN1YjL+Th q9sMlp2uUJuGhqeJfknuiO2U8c4xnGgR9R0R/zDy1kDv5noVkQdtjB+hJNfDKwkC 7mY09Fi0h0rUTIOcpNOxtKm36G8r9jV5UjWUkfNkQkQJMhlEvGwyY2x9rstWHAg9 ZIMFImujqHoBJxkAOMTfNSC0nyt66ANdwj74/JieaHvQdFW9q7DUVr8ewdZQ3oZ7 B3zLtLUQ86XaEeycbZzLM/Rd0jX/Jvr7NjRoJD4G1UlJkWDLik7GSSTVu+CGzNFJ 3IMjunsPkGlbLP2fvPsgS8jkCm+yquJKZ3TxQyeSyZZaoJ04kuLthaozPA== -----END CERTIFICATE-----Generated at Sun Aug 24 02:39:03 2025 by rpki-client