$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/oypn2FK5Aj8mFS1T59a_W2iG-P0.roa File: oypn2FK5Aj8mFS1T59a_W2iG-P0.roa (raw, json) Hash identifier: uAEdfspY2AkaGp1DKMTPN3eihlmw7A3Zj3qpHUQYRgE= Subject key identifier: A3:2A:67:D8:52:B9:02:3F:26:15:2D:53:E7:D6:BF:5B:68:86:F8:FD Certificate issuer: /CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Certificate serial: 0AFE Authority key identifier: E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/oypn2FK5Aj8mFS1T59a_W2iG-P0.roa Signing time: Sun 17 Aug 2025 01:39:50 +0000 ROA not before: Sun 17 Aug 2025 01:39:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 103.98.94.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2814 (0xafe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Validity Not Before: Aug 17 01:39:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=A32A67D852B9023F26152D53E7D6BF5B6886F8FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:3b:27:da:11:b3:b9:b1:27:9b:91:30:cb:4f: e2:d7:c9:f3:fd:1f:26:e8:c2:f5:02:c8:10:f0:51: c7:28:9f:d4:b1:52:f2:f4:36:1b:e7:f1:8e:6e:81: af:db:5c:cd:70:f3:00:8b:8a:ea:a8:c5:0b:af:72: d3:a9:2b:0d:1d:45:9e:ba:da:c5:74:7c:35:34:f2: 33:7f:fb:36:66:c3:77:d0:7c:a7:e8:35:9b:83:26: a3:e3:16:80:6f:a0:73:28:f7:68:d8:dc:4f:62:ed: 80:fb:0c:88:1d:f4:40:fd:59:54:3d:f6:a3:a6:0f: 21:f5:04:80:93:d7:93:29:56:a4:13:86:43:29:c7: 92:e6:53:7a:7c:c6:31:f0:64:de:50:c8:46:51:df: 54:c5:97:29:1f:52:71:6a:08:22:d9:ff:1c:75:a6: 5a:0d:ef:0a:0c:fc:ad:65:8f:5f:72:6f:a7:c4:8b: a6:0f:fc:08:35:10:3d:01:8b:43:2a:e0:b4:73:29: e1:28:d9:d1:ac:04:43:b5:82:87:4f:90:24:d4:bc: d8:77:d0:08:a1:91:b9:55:62:ab:2e:aa:8d:94:44: 52:b7:fe:94:82:59:26:a1:06:ba:02:d9:bd:4a:a1: eb:dd:7d:4b:f4:f8:56:13:15:08:7b:f6:ce:2b:81: 6a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:2A:67:D8:52:B9:02:3F:26:15:2D:53:E7:D6:BF:5B:68:86:F8:FD X509v3 Authority Key Identifier: keyid:E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/oypn2FK5Aj8mFS1T59a_W2iG-P0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.94.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:2e:9b:2c:45:f8:6f:d1:72:6f:96:7a:79:65:1b:ad:e9:c7: c6:56:17:2a:23:67:4c:dc:75:6d:00:f1:f9:2a:30:9f:b3:62: d4:b1:67:af:26:49:14:8b:cd:2c:c1:e9:f8:6e:c0:12:7e:91: 14:27:8d:71:eb:13:de:98:8e:be:33:58:23:1c:80:0b:00:12: 4d:62:7a:b8:27:e1:68:8b:d5:53:73:d9:c9:66:ad:87:46:ef: 58:92:3b:83:26:28:c3:6f:9e:36:e6:a6:b6:8f:70:ba:43:34: 94:ab:19:a7:0a:ae:bc:0d:23:7d:cc:f9:0a:9e:0f:f3:94:26: df:3e:f6:6c:c3:ee:03:43:49:2f:7e:40:32:fd:66:17:68:37: 11:9a:df:64:c7:56:3b:54:13:b5:4f:0a:2f:5b:8b:5f:c3:ce: 16:b4:c8:70:cf:30:12:94:6c:9a:84:45:c3:4c:38:a7:44:c5: 56:02:05:0c:84:8a:24:22:4b:3a:4a:11:12:68:2c:69:30:bf: 7b:8f:3e:77:68:22:8a:26:d4:56:1d:9b:97:d1:9a:79:f0:e0: 34:d5:2c:ed:f5:d7:ea:4b:b6:ad:88:09:7a:05:4a:51:03:99: 98:d4:f1:8f:86:6e:15:7a:0c:98:6d:7e:21:8c:68:57:c3:15: ae:f2:37:97 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVD NkNFRkM4NzgyRjg5NzMxQTJDNzI5NjZFREMxODFEQUI1QUUyMjAeFw0yNTA4MTcw MTM5NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEEzMkE2N0Q4NTJCOTAy M0YyNjE1MkQ1M0U3RDZCRjVCNjg4NkY4RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD0OyfaEbO5sSebkTDLT+LXyfP9HybowvUCyBDwUccon9SxUvL0 Nhvn8Y5uga/bXM1w8wCLiuqoxQuvctOpKw0dRZ662sV0fDU08jN/+zZmw3fQfKfo NZuDJqPjFoBvoHMo92jY3E9i7YD7DIgd9ED9WVQ99qOmDyH1BICT15MpVqQThkMp x5LmU3p8xjHwZN5QyEZR31TFlykfUnFqCCLZ/xx1ploN7woM/K1lj19yb6fEi6YP /Ag1ED0Bi0Mq4LRzKeEo2dGsBEO1godPkCTUvNh30AihkblVYqsuqo2URFK3/pSC WSahBroC2b1KoevdfUv0+FYTFQh79s4rgWr7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoypn2FK5Aj8mFS1T59a/W2iG+P0wHwYDVR0jBBgwFoAU5cbO/IeC+Jcxoscp Zu3Bgdq1riIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi81Y2JPX0llQy1KY3hvc2NwWnUzQmdkcTFyaUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVjYk9fSWVDLUpjeG9zY3BadTNCZ2RxMXJpSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvb3lwbjJGSzVBajht RlMxVDU5YV9XMmlHLVAwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdiXjANBgkqhkiG9w0BAQsFAAOCAQEAjC6bLEX4b9Fyb5Z6eWUbrenHxlYX KiNnTNx1bQDx+Sown7Ni1LFnryZJFIvNLMHp+G7AEn6RFCeNcesT3piOvjNYIxyA CwASTWJ6uCfhaIvVU3PZyWath0bvWJI7gyYow2+eNuamto9wukM0lKsZpwquvA0j fcz5Cp4P85Qm3z72bMPuA0NJL35AMv1mF2g3EZrfZMdWO1QTtU8KL1uLX8POFrTI cM8wEpRsmoRFw0w4p0TFVgIFDISKJCJLOkoREmgsaTC/e48+d2giiibUVh2bl9Ga efDgNNUs7fXX6ku2rYgJegVKUQOZmNTxj4ZuFXoMmG1+IYxoV8MVrvI3lw== -----END CERTIFICATE-----Generated at Sun Aug 24 11:37:33 2025 by rpki-client