$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/HAB3qrzke3hwLOzuIbAVbftkZrk.roa File: HAB3qrzke3hwLOzuIbAVbftkZrk.roa (raw, json) Hash identifier: 1KFZm3phURVjPNdXhqsy4NKFRt028oJTtHy67Un4v14= Subject key identifier: 1C:00:77:AA:BC:E4:7B:78:70:2C:EC:EE:21:B0:15:6D:FB:64:66:B9 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 07D7 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/HAB3qrzke3hwLOzuIbAVbftkZrk.roa Signing time: Thu 24 Jul 2025 01:53:57 +0000 ROA not before: Thu 24 Jul 2025 01:53:57 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 103.2.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 03:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2007 (0x7d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 24 01:53:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1C0077AABCE47B78702CECEE21B0156DFB6466B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:1f:92:26:f5:19:07:be:cb:dc:c5:35:0b:ea: b5:5e:7f:fb:68:8d:11:45:c5:a2:9c:a2:45:bb:61: aa:cf:64:92:f6:0c:95:62:51:b9:29:8e:3e:6f:9a: 3d:55:9a:7b:9f:88:b0:28:a7:df:9e:d6:16:49:ca: 1c:20:9d:78:c9:56:15:31:ef:ef:ca:11:67:58:bb: 9a:f9:61:bd:6f:16:48:9a:a3:7d:71:5a:82:94:06: 94:1d:f6:6a:4c:90:1e:6b:63:c4:2f:0d:31:a0:59: 6c:f6:f1:66:86:ec:9b:30:f3:5f:2f:d8:30:b1:c0: 9d:2d:d4:b3:58:44:1d:29:06:f5:e2:f8:2f:f2:a9: 19:ca:9b:b9:d9:55:85:55:18:cc:94:bb:6b:21:22: f8:25:da:6e:a5:00:79:f8:af:8a:47:9c:25:aa:ee: fb:6d:5d:d4:be:00:c6:bb:e8:fa:31:cc:86:18:bd: 74:14:6a:3c:69:d6:dc:a0:75:da:93:1d:9c:b2:7d: fb:77:12:01:21:69:4f:31:0f:6b:18:93:59:49:cb: c9:fc:0a:65:a7:64:f9:3f:1f:58:71:98:4b:0c:f7: 35:b9:74:bd:4b:52:a1:cc:48:08:27:6e:18:3d:ac: 27:5e:42:36:7e:64:e1:31:91:b7:3d:f6:b4:ed:c1: a1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:00:77:AA:BC:E4:7B:78:70:2C:EC:EE:21:B0:15:6D:FB:64:66:B9 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/HAB3qrzke3hwLOzuIbAVbftkZrk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.159.0/24 Signature Algorithm: sha256WithRSAEncryption a2:86:a2:7c:41:fb:78:45:6d:c6:7d:41:6d:57:f1:ed:96:c7: d6:5b:6b:dd:e8:0c:38:f4:53:9c:a1:7a:90:52:df:e3:9c:c7: 20:ef:64:9c:c5:b6:91:77:ff:ae:86:4a:c0:99:c0:38:43:d1: 5d:79:f0:74:ee:b9:72:3a:1a:b8:37:42:4f:13:47:54:bb:90: 8b:cb:d3:64:8b:a8:40:47:14:41:9b:91:f8:6f:f3:57:5d:71: e2:9c:c0:12:73:38:2a:7b:51:3d:48:50:8b:9e:67:eb:72:6c: ee:42:20:b2:ef:b4:4a:53:57:a4:6f:dd:7a:3b:31:ec:b5:a8: 3a:8d:d7:98:f3:ff:06:33:d9:1a:b5:c2:12:a7:85:1a:4a:cd: 24:da:0e:91:e7:3a:d6:d9:7c:c1:f7:35:23:0a:b7:02:b8:2d: bc:0b:4e:25:1f:32:19:ce:5b:49:f6:b9:47:6c:c3:d8:b2:66: 45:77:ff:5a:a6:db:ec:ee:cf:d8:46:97:41:a0:05:da:a3:15: 59:60:3f:59:f8:ad:6a:20:28:2a:f0:a4:99:35:d1:00:b0:0f: c0:24:17:99:12:41:3a:11:dd:d0:9a:32:fa:44:e6:0d:bd:63: d6:d0:35:7f:4c:7b:6a:6c:48:4e:5b:1a:c7:8e:79:19:ee:e9: bb:0a:6b:de -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB9cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MjQw MTUzNTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFDMDA3N0FBQkNFNDdC Nzg3MDJDRUNFRTIxQjAxNTZERkI2NDY2QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTH5Im9RkHvsvcxTUL6rVef/tojRFFxaKcokW7YarPZJL2DJVi Ubkpjj5vmj1VmnufiLAop9+e1hZJyhwgnXjJVhUx7+/KEWdYu5r5Yb1vFkiao31x WoKUBpQd9mpMkB5rY8QvDTGgWWz28WaG7Jsw818v2DCxwJ0t1LNYRB0pBvXi+C/y qRnKm7nZVYVVGMyUu2shIvgl2m6lAHn4r4pHnCWq7vttXdS+AMa76PoxzIYYvXQU ajxp1tygddqTHZyyfft3EgEhaU8xD2sYk1lJy8n8CmWnZPk/H1hxmEsM9zW5dL1L UqHMSAgnbhg9rCdeQjZ+ZOExkbc99rTtwaFfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHAB3qrzke3hwLOzuIbAVbftkZrkwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvSEFCM3FyemtlM2h3 TE96dUliQVZiZnRrWnJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcCnzANBgkqhkiG9w0BAQsFAAOCAQEAooaifEH7eEVtxn1BbVfx7ZbH1ltr 3egMOPRTnKF6kFLf45zHIO9knMW2kXf/roZKwJnAOEPRXXnwdO65cjoauDdCTxNH VLuQi8vTZIuoQEcUQZuR+G/zV11x4pzAEnM4KntRPUhQi55n63Js7kIgsu+0SlNX pG/dejsx7LWoOo3XmPP/BjPZGrXCEqeFGkrNJNoOkec61tl8wfc1Iwq3ArgtvAtO JR8yGc5bSfa5R2zD2LJmRXf/Wqbb7O7P2EaXQaAF2qMVWWA/WfitaiAoKvCkmTXR ALAPwCQXmRJBOhHd0Joy+kTmDb1j1tA1f0x7amxITlsax455Ge7puwpr3g== -----END CERTIFICATE-----Generated at Sun Aug 24 02:39:03 2025 by rpki-client