$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3261/P7uWjXjonyWWDUrUE1VsBjgamkk.roa File: P7uWjXjonyWWDUrUE1VsBjgamkk.roa (raw, json) Hash identifier: jhYkTgyRVhWCnlzsLbr8rLzp25f785WwAe+V21SuVA0= Subject key identifier: 3F:BB:96:8D:78:E8:9F:25:96:0D:4A:D4:13:55:6C:06:38:1A:9A:49 Certificate issuer: /CN=DCC4D5F25F3EA2CA67C3D8BEB66BF30933E5916A Certificate serial: 0B6F Authority key identifier: DC:C4:D5:F2:5F:3E:A2:CA:67:C3:D8:BE:B6:6B:F3:09:33:E5:91:6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3MTV8l8-ospnw9i-tmvzCTPlkWo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/P7uWjXjonyWWDUrUE1VsBjgamkk.roa Signing time: Sat 13 Sep 2025 03:04:31 +0000 ROA not before: Sat 13 Sep 2025 03:04:31 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 146787 IP address blocks: 157.15.74.0/23 maxlen: 26 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/3MTV8l8-ospnw9i-tmvzCTPlkWo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/3MTV8l8-ospnw9i-tmvzCTPlkWo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3MTV8l8-ospnw9i-tmvzCTPlkWo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 18:05:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2927 (0xb6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DCC4D5F25F3EA2CA67C3D8BEB66BF30933E5916A Validity Not Before: Sep 13 03:04:31 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=3FBB968D78E89F25960D4AD413556C06381A9A49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a7:f7:07:fd:e0:5e:2d:fa:8b:98:a3:79:8c: f0:60:28:1d:46:da:97:df:4a:0e:fe:1a:df:5b:a1: 47:6f:bf:6d:e5:16:c0:df:43:90:2c:22:76:29:95: 21:cd:bb:05:a3:f7:e1:34:03:08:e2:13:95:fc:98: 28:b0:f6:f8:13:c2:a2:db:7a:ae:6a:b6:51:bb:90: 57:28:ef:e5:ce:24:8a:e3:dd:29:43:83:40:84:7f: 64:4e:86:a5:3a:2a:3d:48:e4:5c:78:08:e7:79:d9: 86:11:6b:26:2a:93:b4:0f:59:87:54:3e:e3:04:b1: e6:d3:10:de:98:97:12:dd:54:6f:24:81:72:28:93: f5:c2:ba:f5:4d:9a:9f:3a:e9:4c:bb:69:bf:57:de: 2c:74:0d:63:75:3f:70:27:5a:01:be:99:07:d9:f9: b1:c0:33:4d:7c:a7:18:50:72:a2:46:5c:c6:0e:14: c4:48:95:e4:93:8d:1d:15:17:88:0e:29:81:49:bf: 17:80:a9:27:43:e2:d3:00:de:36:2b:03:8c:fd:20: 1e:5b:de:e0:f1:b2:d5:95:5b:56:15:5a:f5:25:e6: 4a:6f:18:fd:81:43:0d:af:bc:f0:48:f2:0d:68:38: a1:38:76:1b:09:40:69:b5:a1:13:87:5c:1e:f1:42: 56:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:BB:96:8D:78:E8:9F:25:96:0D:4A:D4:13:55:6C:06:38:1A:9A:49 X509v3 Authority Key Identifier: keyid:DC:C4:D5:F2:5F:3E:A2:CA:67:C3:D8:BE:B6:6B:F3:09:33:E5:91:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/3MTV8l8-ospnw9i-tmvzCTPlkWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3MTV8l8-ospnw9i-tmvzCTPlkWo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/P7uWjXjonyWWDUrUE1VsBjgamkk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.74.0/23 Signature Algorithm: sha256WithRSAEncryption 47:3c:1f:72:6e:1b:95:94:8f:dc:55:d2:de:f5:bb:de:ca:d6: e7:27:e5:a5:09:62:18:3a:77:33:3f:5c:d5:41:15:f3:f5:5f: 40:68:1d:18:44:63:71:27:32:af:91:73:da:f2:62:29:1a:57: 9f:77:13:85:5b:78:fd:96:2d:a4:7d:af:4c:5e:68:45:d2:b6: 1a:af:a2:59:d2:11:1f:f6:77:88:08:a4:b2:f3:73:e4:5f:49: bb:9f:09:59:82:c0:39:3f:b8:dd:e4:dc:98:32:db:f0:be:08: 18:0e:f8:e5:db:97:53:bf:aa:5d:d2:a1:f8:96:67:ef:70:8c: 48:a8:7c:92:fc:e8:e6:26:a3:5b:de:d5:af:d7:5f:06:19:81: f0:7c:2f:b9:9a:b7:ee:a1:33:54:cb:f0:db:73:bb:46:e0:27: 6f:65:ad:9f:85:b5:22:0a:70:6e:b9:8d:cd:d1:98:77:71:64: fa:a8:61:a8:c7:16:42:04:82:d9:81:f0:58:44:8f:1a:88:da: b8:f1:23:6a:8c:8f:86:89:e0:87:fd:e4:ef:f3:86:b3:d8:d3: d4:cd:d8:f0:6b:08:8b:02:24:15:01:b4:56:a2:24:60:99:45: 3e:1a:c6:e1:fb:f8:6b:ab:a2:48:d8:35:2c:c5:91:0a:38:34: 5a:b9:91:ba -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICC28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREND NEQ1RjI1RjNFQTJDQTY3QzNEOEJFQjY2QkYzMDkzM0U1OTE2QTAeFw0yNTA5MTMw MzA0MzFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDNGQkI5NjhENzhFODlG MjU5NjBENEFENDEzNTU2QzA2MzgxQTlBNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2p/cH/eBeLfqLmKN5jPBgKB1G2pffSg7+Gt9boUdvv23lFsDf Q5AsInYplSHNuwWj9+E0AwjiE5X8mCiw9vgTwqLbeq5qtlG7kFco7+XOJIrj3SlD g0CEf2ROhqU6Kj1I5Fx4COd52YYRayYqk7QPWYdUPuMEsebTEN6YlxLdVG8kgXIo k/XCuvVNmp866Uy7ab9X3ix0DWN1P3AnWgG+mQfZ+bHAM018pxhQcqJGXMYOFMRI leSTjR0VF4gOKYFJvxeAqSdD4tMA3jYrA4z9IB5b3uDxstWVW1YVWvUl5kpvGP2B Qw2vvPBI8g1oOKE4dhsJQGm1oROHXB7xQla5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUP7uWjXjonyWWDUrUE1VsBjgamkkwHwYDVR0jBBgwFoAU3MTV8l8+ospnw9i+ tmvzCTPlkWowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 MS8zTVRWOGw4LW9zcG53OWktdG12ekNUUGxrV28uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNNVFY4bDgtb3Nwbnc5aS10bXZ6Q1RQbGtXby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjEvUDd1V2pYam9ueVdX RFVyVUUxVnNCamdhbWtrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0PSjANBgkqhkiG9w0BAQsFAAOCAQEARzwfcm4blZSP3FXS3vW73srW5yfl pQliGDp3Mz9c1UEV8/VfQGgdGERjcScyr5Fz2vJiKRpXn3cThVt4/ZYtpH2vTF5o RdK2Gq+iWdIRH/Z3iAiksvNz5F9Ju58JWYLAOT+43eTcmDLb8L4IGA745duXU7+q XdKh+JZn73CMSKh8kvzo5iajW97Vr9dfBhmB8HwvuZq37qEzVMvw23O7RuAnb2Wt n4W1IgpwbrmNzdGYd3Fk+qhhqMcWQgSC2YHwWESPGojauPEjaoyPhongh/3k7/OG s9jT1M3Y8GsIiwIkFQG0VqIkYJlFPhrG4fv4a6uiSNg1LMWRCjg0WrmRug== -----END CERTIFICATE-----Generated at Tue Oct 21 17:16:43 2025 by rpki-client