$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/ieGtJYxfMkpjaTVHoDKB_MN3RzY.roa File: ieGtJYxfMkpjaTVHoDKB_MN3RzY.roa (raw, json) Hash identifier: /Bmmm7crcze+c7BPrZxo6jJftYmQTM3NjlSZ7Udluu4= Subject key identifier: 89:E1:AD:25:8C:5F:32:4A:63:69:35:47:A0:32:81:FC:C3:77:47:36 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 07D6 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/ieGtJYxfMkpjaTVHoDKB_MN3RzY.roa Signing time: Thu 24 Jul 2025 01:53:56 +0000 ROA not before: Thu 24 Jul 2025 01:53:56 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 103.2.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 03:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2006 (0x7d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jul 24 01:53:56 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=89E1AD258C5F324A63693547A03281FCC3774736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a5:5f:d7:94:ea:0e:31:a5:cb:cf:7f:d8:18: 8f:58:70:ba:e4:ff:f9:35:84:f9:8c:bb:56:d9:ea: b2:5e:77:10:fd:e0:e9:dd:a9:e5:e2:79:f7:bb:9a: d3:c4:14:4f:ab:7c:11:e8:b9:37:45:2f:23:ba:3d: 72:d8:7a:97:e1:66:c0:5d:b4:92:ef:48:2d:73:ee: 21:69:bb:b3:52:13:6b:9a:4e:5d:9f:12:63:e8:05: 18:67:f1:8c:b9:25:c5:a8:03:17:56:c1:65:70:01: f8:7c:b2:8a:82:81:97:bb:51:fd:a7:39:be:bf:1d: b2:b2:4a:5a:96:a5:c8:c9:bc:d5:ad:d1:fd:f5:3e: de:d5:f9:d2:72:ea:6d:90:17:d4:94:ae:09:ee:4a: 07:7f:42:85:87:21:42:9d:09:63:1b:cb:9f:fc:5d: d6:f7:9b:07:8d:08:b0:3e:bc:d3:a0:da:2d:e6:80: 0f:51:ff:e6:2c:a2:33:19:fa:be:78:4b:f0:14:a3: a8:0a:4d:1c:9f:86:4d:5a:6b:28:1f:50:48:12:11: 36:4b:59:26:24:2d:f2:63:9a:47:9d:0a:01:c0:98: 27:cf:df:8e:ec:e4:11:16:a2:f1:c6:bd:5a:80:a3: 61:41:89:89:a3:9d:e8:57:fc:7b:16:84:3a:cc:bf: ee:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E1:AD:25:8C:5F:32:4A:63:69:35:47:A0:32:81:FC:C3:77:47:36 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/ieGtJYxfMkpjaTVHoDKB_MN3RzY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.158.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:48:d9:ed:4e:d2:ab:65:1c:04:12:11:94:b5:cf:70:26:d4: 9e:77:63:79:e7:c5:b7:47:9b:bf:42:61:72:b1:c9:2e:cf:5c: be:03:ef:ec:6d:82:c2:cd:ad:35:60:95:02:f2:34:04:ba:bd: ce:a1:b9:8a:5c:f3:19:0f:9b:1c:d2:e7:c3:bd:15:f5:8c:29: 90:fc:c3:b2:9c:cd:1e:d1:71:bc:4d:ea:85:71:4c:ff:a2:b6: ed:93:97:77:a1:cb:e9:7e:01:70:01:64:b3:cb:90:23:3f:71: a9:b8:cc:94:8f:e1:b1:f0:43:d4:b5:0c:3f:78:6c:86:42:ef: af:f4:23:2f:c8:c1:20:49:9e:16:26:4d:8e:fa:02:6f:e8:16: 81:bc:3a:84:1c:06:25:23:13:21:39:3d:4b:e9:6f:69:15:9a: 30:b7:3e:cc:e6:91:f7:fe:40:87:0d:ca:fd:db:c2:b7:d3:f1: 3a:c1:cd:e0:b2:b0:e3:5e:66:4b:fa:0b:8f:f8:46:e4:2f:53: a1:15:43:7b:81:6a:aa:22:b2:5d:5c:16:6f:99:38:67:05:55: 32:3f:0c:3c:4b:e2:3e:58:d7:e7:b8:54:4b:74:ac:6b:03:8a: d7:c6:9c:1f:be:91:71:d6:7c:52:9d:17:22:23:c3:b4:2f:aa: fa:50:f4:a8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA3MjQw MTUzNTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg5RTFBRDI1OEM1RjMy NEE2MzY5MzU0N0EwMzI4MUZDQzM3NzQ3MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFpV/XlOoOMaXLz3/YGI9YcLrk//k1hPmMu1bZ6rJedxD94Ond qeXiefe7mtPEFE+rfBHouTdFLyO6PXLYepfhZsBdtJLvSC1z7iFpu7NSE2uaTl2f EmPoBRhn8Yy5JcWoAxdWwWVwAfh8soqCgZe7Uf2nOb6/HbKySlqWpcjJvNWt0f31 Pt7V+dJy6m2QF9SUrgnuSgd/QoWHIUKdCWMby5/8Xdb3mweNCLA+vNOg2i3mgA9R /+YsojMZ+r54S/AUo6gKTRyfhk1aaygfUEgSETZLWSYkLfJjmkedCgHAmCfP347s 5BEWovHGvVqAo2FBiYmjnehX/HsWhDrMv+71AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUieGtJYxfMkpjaTVHoDKB/MN3RzYwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvaWVHdEpZeGZNa3Bq YVRWSG9ES0JfTU4zUnpZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcCnjANBgkqhkiG9w0BAQsFAAOCAQEAXkjZ7U7Sq2UcBBIRlLXPcCbUnndj eefFt0ebv0JhcrHJLs9cvgPv7G2Cws2tNWCVAvI0BLq9zqG5ilzzGQ+bHNLnw70V 9YwpkPzDspzNHtFxvE3qhXFM/6K27ZOXd6HL6X4BcAFks8uQIz9xqbjMlI/hsfBD 1LUMP3hshkLvr/QjL8jBIEmeFiZNjvoCb+gWgbw6hBwGJSMTITk9S+lvaRWaMLc+ zOaR9/5Ahw3K/dvCt9PxOsHN4LKw415mS/oLj/hG5C9ToRVDe4FqqiKyXVwWb5k4 ZwVVMj8MPEviPljX57hUS3SsawOK18acH76RcdZ8Up0XIiPDtC+q+lD0qA== -----END CERTIFICATE-----Generated at Sun Aug 24 02:37:53 2025 by rpki-client