$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3214/MoP4veIQty3_inOzFxCFTk7JLeE.roa File: MoP4veIQty3_inOzFxCFTk7JLeE.roa (raw, json) Hash identifier: M+GdKVy49/tnFnNNA0712vGEzZpVPyOBAdGyfVeaaP0= Subject key identifier: 32:83:F8:BD:E2:10:B7:2D:FF:8A:73:B3:17:10:85:4E:4E:C9:2D:E1 Certificate issuer: /CN=4A3495FD0B5353975677490665F031C4692CADBA Certificate serial: 0E76 Authority key identifier: 4A:34:95:FD:0B:53:53:97:56:77:49:06:65:F0:31:C4:69:2C:AD:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SjSV_QtTU5dWd0kGZfAxxGksrbo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3214/MoP4veIQty3_inOzFxCFTk7JLeE.roa Signing time: Tue 13 May 2025 08:38:20 +0000 ROA not before: Tue 13 May 2025 08:38:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146788 IP address blocks: 103.2.188.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3214/SjSV_QtTU5dWd0kGZfAxxGksrbo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3214/SjSV_QtTU5dWd0kGZfAxxGksrbo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SjSV_QtTU5dWd0kGZfAxxGksrbo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:39:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3702 (0xe76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4A3495FD0B5353975677490665F031C4692CADBA Validity Not Before: May 13 08:38:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3283F8BDE210B72DFF8A73B31710854E4EC92DE1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:02:d2:3b:f5:cb:0b:eb:36:66:18:06:6f:ae: f7:83:e6:07:6a:ff:c6:0a:3f:0b:2a:79:c0:8b:6d: 28:00:b6:d2:b5:c4:12:36:3f:a2:79:9b:a2:9d:f6: c2:29:e0:7e:ae:51:4a:4b:66:80:86:19:4a:42:4b: f7:b6:59:19:1b:06:ca:95:e5:19:87:6a:f7:55:24: 72:75:72:d1:80:f9:7a:41:0e:71:4c:e9:d4:ac:54: 01:32:b6:d4:99:b5:41:03:fe:2e:88:a2:dd:fa:f9: 44:72:ed:52:90:b8:0c:37:21:d7:5c:a6:b8:f8:9a: f1:ab:19:37:30:72:ce:e9:3e:f4:4e:68:c7:5b:5f: 31:49:60:6f:b2:3d:23:7e:b6:c5:c6:7a:26:be:b5: 29:d0:1e:de:a7:f0:eb:b3:10:8c:41:33:b5:e0:f6: 9c:d0:14:6a:e2:cc:51:c1:9a:5b:ad:ce:b6:f5:09: 1f:14:33:91:9d:f2:01:61:0a:de:81:6f:e2:09:e1: e5:01:2f:66:a6:c2:e6:5b:46:36:26:c7:e1:98:f4: ee:0d:fa:90:3e:09:19:19:ce:a3:ed:a7:07:b0:75: 6e:f9:ed:19:c8:c9:16:b3:54:5f:56:c3:a5:dd:05: f9:8a:d3:83:de:4a:d9:77:08:ff:6f:39:ad:cb:ad: b9:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:83:F8:BD:E2:10:B7:2D:FF:8A:73:B3:17:10:85:4E:4E:C9:2D:E1 X509v3 Authority Key Identifier: keyid:4A:34:95:FD:0B:53:53:97:56:77:49:06:65:F0:31:C4:69:2C:AD:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3214/SjSV_QtTU5dWd0kGZfAxxGksrbo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SjSV_QtTU5dWd0kGZfAxxGksrbo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3214/MoP4veIQty3_inOzFxCFTk7JLeE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.188.0/23 Signature Algorithm: sha256WithRSAEncryption b7:17:59:1f:22:58:47:eb:a7:99:8f:1b:e9:80:2e:e2:ab:8d: 8a:14:de:98:94:a5:12:67:ae:1d:86:d8:f9:e5:16:36:99:09: ee:84:e5:d3:73:98:8c:88:f0:a4:bd:d3:96:5e:38:d6:1d:53: 16:67:bd:e1:97:50:e5:f4:42:62:98:83:48:ab:ec:28:29:f9: 74:ac:28:ff:99:85:6e:79:8c:fa:2d:46:43:19:e4:0c:f7:c6: 52:13:3c:c3:db:23:36:3d:e1:86:bd:aa:ed:45:a9:a8:0c:74: d8:a6:8f:4e:aa:74:74:52:02:6a:c7:60:52:91:eb:d4:f7:16: 31:94:cd:b3:28:51:e1:0b:9e:7f:ad:b1:99:0a:27:e0:68:4d: 63:36:c5:29:2f:28:8d:c2:b7:e2:78:d5:9a:90:9d:4a:93:67: 87:f1:8a:d2:b1:0d:0e:0c:9d:7e:b7:9d:e2:12:d0:10:2f:d1: 03:c0:1e:c8:e9:7c:63:14:58:39:d3:b8:16:ee:b2:79:34:fb: bb:af:cd:d2:aa:ca:25:ce:35:5c:da:2d:a0:ff:8c:3a:17:9a: f7:02:91:f0:db:79:6f:23:8e:da:3d:90:62:88:8b:d5:d9:76: e8:e7:f4:a0:2c:81:86:a5:77:69:83:0f:3e:00:92:83:83:5a: 7e:04:24:b7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEEz NDk1RkQwQjUzNTM5NzU2Nzc0OTA2NjVGMDMxQzQ2OTJDQURCQTAeFw0yNTA1MTMw ODM4MjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMyODNGOEJERTIxMEI3 MkRGRjhBNzNCMzE3MTA4NTRFNEVDOTJERTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5AtI79csL6zZmGAZvrveD5gdq/8YKPwsqecCLbSgAttK1xBI2 P6J5m6Kd9sIp4H6uUUpLZoCGGUpCS/e2WRkbBsqV5RmHavdVJHJ1ctGA+XpBDnFM 6dSsVAEyttSZtUED/i6Iot36+URy7VKQuAw3Iddcprj4mvGrGTcwcs7pPvROaMdb XzFJYG+yPSN+tsXGeia+tSnQHt6n8OuzEIxBM7Xg9pzQFGrizFHBmlutzrb1CR8U M5Gd8gFhCt6Bb+IJ4eUBL2amwuZbRjYmx+GY9O4N+pA+CRkZzqPtpwewdW757RnI yRazVF9Ww6XdBfmK04PeStl3CP9vOa3Lrbm5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMoP4veIQty3/inOzFxCFTk7JLeEwHwYDVR0jBBgwFoAUSjSV/QtTU5dWd0kG ZfAxxGksrbowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIx NC9TalNWX1F0VFU1ZFdkMGtHWmZBeHhHa3NyYm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NqU1ZfUXRUVTVkV2Qwa0daZkF4eEdrc3Jiby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMTQvTW9QNHZlSVF0eTNf aW5PekZ4Q0ZUazdKTGVFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWcCvDANBgkqhkiG9w0BAQsFAAOCAQEAtxdZHyJYR+unmY8b6YAu4quNihTe mJSlEmeuHYbY+eUWNpkJ7oTl03OYjIjwpL3Tll441h1TFme94ZdQ5fRCYpiDSKvs KCn5dKwo/5mFbnmM+i1GQxnkDPfGUhM8w9sjNj3hhr2q7UWpqAx02KaPTqp0dFIC asdgUpHr1PcWMZTNsyhR4Quef62xmQon4GhNYzbFKS8ojcK34njVmpCdSpNnh/GK 0rENDgydfred4hLQEC/RA8AeyOl8YxRYOdO4Fu6yeTT7u6/N0qrKJc41XNotoP+M Ohea9wKR8Nt5byOO2j2QYoiL1dl26Of0oCyBhqV3aYMPPgCSg4NafgQktw== -----END CERTIFICATE-----Generated at Sat May 17 14:06:14 2025 by rpki-client