$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3255/3kY-W2DzzQgIYqWj02E7erQNW4c.roa File: 3kY-W2DzzQgIYqWj02E7erQNW4c.roa (raw, json) Hash identifier: nRO2jqx2JO4q4Ht0LRbD0tkIA6beoFq/ALxWOLJtGCE= Subject key identifier: DE:46:3E:5B:60:F3:CD:08:08:62:A5:A3:D3:61:3B:7A:B4:0D:5B:87 Certificate issuer: /CN=7F918CF26503D1F9BCFA77DC0AA592A57DDF8245 Certificate serial: 0B4B Authority key identifier: 7F:91:8C:F2:65:03:D1:F9:BC:FA:77:DC:0A:A5:92:A5:7D:DF:82:45 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f5GM8mUD0fm8-nfcCqWSpX3fgkU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/3kY-W2DzzQgIYqWj02E7erQNW4c.roa Signing time: Wed 20 Aug 2025 06:37:04 +0000 ROA not before: Wed 20 Aug 2025 06:37:04 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 151295 IP address blocks: 103.216.136.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/f5GM8mUD0fm8-nfcCqWSpX3fgkU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/f5GM8mUD0fm8-nfcCqWSpX3fgkU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f5GM8mUD0fm8-nfcCqWSpX3fgkU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 02:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2891 (0xb4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7F918CF26503D1F9BCFA77DC0AA592A57DDF8245 Validity Not Before: Aug 20 06:37:04 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DE463E5B60F3CD080862A5A3D3613B7AB40D5B87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:20:60:91:a5:ab:11:5f:17:09:69:37:a2:61: 02:4f:15:ab:98:66:d1:8f:89:0e:bb:07:85:33:b0: 80:34:e5:6c:8d:49:8f:c0:b1:fd:45:90:0e:de:ad: 26:a6:03:52:94:fe:64:23:04:a6:cc:e2:c9:44:1d: b5:df:5f:27:6e:77:4d:0a:f6:66:d8:9e:87:62:86: b9:1e:9c:75:d6:88:4d:fe:0d:5f:55:ba:48:c3:6c: a2:6e:3c:b9:22:d7:d0:5c:d0:6f:6b:6f:79:29:db: a7:52:a3:f3:b3:23:3f:e2:29:55:7c:48:35:8c:27: a2:aa:3d:77:45:0e:77:2f:80:62:a1:38:03:f5:94: c8:70:a7:1d:da:0c:9e:36:76:b0:69:53:8f:34:53: 20:20:be:2c:fb:be:61:4e:95:4c:b6:71:52:96:e5: ac:d4:bb:ba:88:a1:1a:0f:ee:6b:f8:b1:93:7c:82: b2:06:82:05:f2:48:41:17:62:22:b3:b7:6e:38:b2: 06:94:56:4c:b4:06:49:64:5c:61:72:3e:1e:a2:eb: 08:94:77:ea:17:49:2a:0d:12:0d:46:7b:21:2a:54: 63:0e:64:20:c2:e7:89:aa:1b:82:cf:cd:b6:6c:98: ab:9b:c0:68:3b:21:28:c4:dd:95:f1:99:e6:39:d9: b5:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:46:3E:5B:60:F3:CD:08:08:62:A5:A3:D3:61:3B:7A:B4:0D:5B:87 X509v3 Authority Key Identifier: keyid:7F:91:8C:F2:65:03:D1:F9:BC:FA:77:DC:0A:A5:92:A5:7D:DF:82:45 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/f5GM8mUD0fm8-nfcCqWSpX3fgkU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f5GM8mUD0fm8-nfcCqWSpX3fgkU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3255/3kY-W2DzzQgIYqWj02E7erQNW4c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.216.136.0/22 Signature Algorithm: sha256WithRSAEncryption c3:52:3c:88:73:1a:76:e8:7a:ba:ca:4b:b6:c9:5c:55:86:eb: 7d:e7:86:c5:56:40:12:48:a1:28:d2:e7:20:ec:40:3a:8d:84: 28:e4:95:8b:11:5f:47:b2:8b:84:73:4b:77:c8:ab:13:45:f9: 51:05:5e:1e:a6:61:cb:87:7e:73:d3:87:41:06:2b:45:f8:1d: e6:98:df:d1:8b:5b:9b:85:aa:8f:92:b9:0d:74:e0:23:4d:40: ec:de:0d:3f:4d:c7:5f:91:80:1f:bc:cc:a1:5b:db:96:0c:be: fb:90:98:44:9a:7b:41:75:51:45:5c:a6:8c:a7:b7:42:20:3f: 91:e3:89:62:c0:5b:9d:1a:f7:fb:3f:fb:60:99:e4:24:0a:76: ba:45:63:77:5c:b3:47:6e:bb:83:6e:8a:10:1d:2a:00:84:ba: 6d:25:45:ca:7a:bb:49:a9:48:cb:ba:18:81:78:af:54:05:40: 9c:df:fc:dc:5a:77:e9:78:16:23:42:74:aa:82:fa:52:b2:97: 3f:3a:ce:a3:7d:8c:33:28:40:a7:62:5b:19:ab:cc:aa:43:f2: 61:4a:5c:62:f0:42:44:76:14:22:eb:ee:1e:23:2b:a5:55:fe: d7:14:90:9a:03:50:43:0d:7e:a8:ed:3e:64:1b:39:bb:b5:2c: 7d:a7:11:63 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICC0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0Y5 MThDRjI2NTAzRDFGOUJDRkE3N0RDMEFBNTkyQTU3RERGODI0NTAeFw0yNTA4MjAw NjM3MDRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERFNDYzRTVCNjBGM0NE MDgwODYyQTVBM0QzNjEzQjdBQjQwRDVCODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTIGCRpasRXxcJaTeiYQJPFauYZtGPiQ67B4UzsIA05WyNSY/A sf1FkA7erSamA1KU/mQjBKbM4slEHbXfXydud00K9mbYnodihrkenHXWiE3+DV9V ukjDbKJuPLki19Bc0G9rb3kp26dSo/OzIz/iKVV8SDWMJ6KqPXdFDncvgGKhOAP1 lMhwpx3aDJ42drBpU480UyAgviz7vmFOlUy2cVKW5azUu7qIoRoP7mv4sZN8grIG ggXySEEXYiKzt244sgaUVky0BklkXGFyPh6i6wiUd+oXSSoNEg1GeyEqVGMOZCDC 54mqG4LPzbZsmKubwGg7ISjE3ZXxmeY52bUnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3kY+W2DzzQgIYqWj02E7erQNW4cwHwYDVR0jBBgwFoAUf5GM8mUD0fm8+nfc CqWSpX3fgkUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 NS9mNUdNOG1VRDBmbTgtbmZjQ3FXU3BYM2Zna1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2Y1R004bVVEMGZtOC1uZmNDcVdTcFgzZmdrVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTUvM2tZLVcyRHp6UWdJ WXFXajAyRTdlclFOVzRjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmfYiDANBgkqhkiG9w0BAQsFAAOCAQEAw1I8iHMaduh6uspLtslcVYbrfeeG xVZAEkihKNLnIOxAOo2EKOSVixFfR7KLhHNLd8irE0X5UQVeHqZhy4d+c9OHQQYr Rfgd5pjf0Ytbm4Wqj5K5DXTgI01A7N4NP03HX5GAH7zMoVvblgy++5CYRJp7QXVR RVymjKe3QiA/keOJYsBbnRr3+z/7YJnkJAp2ukVjd1yzR267g26KEB0qAIS6bSVF ynq7SalIy7oYgXivVAVAnN/83Fp36XgWI0J0qoL6UrKXPzrOo32MMyhAp2JbGavM qkPyYUpcYvBCRHYUIuvuHiMrpVX+1xSQmgNQQw1+qO0+ZBs5u7UsfacRYw== -----END CERTIFICATE-----Generated at Sun Aug 24 01:28:29 2025 by rpki-client