$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/yzmsTVIEzuNJXDuuckpjuTivMY0.roa File: yzmsTVIEzuNJXDuuckpjuTivMY0.roa (raw, json) Hash identifier: c+Ug3K1swi7tJthWONqiTNXk1HvvzSjF1RQ7HktXzZM= Subject key identifier: CB:39:AC:4D:52:04:CE:E3:49:5C:3B:AE:72:4A:63:B9:38:AF:31:8D Certificate issuer: /CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Certificate serial: 0AFF Authority key identifier: E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/yzmsTVIEzuNJXDuuckpjuTivMY0.roa Signing time: Sun 17 Aug 2025 01:39:50 +0000 ROA not before: Sun 17 Aug 2025 01:39:50 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 37969 IP address blocks: 103.98.96.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:02:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2815 (0xaff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E5C6CEFC8782F89731A2C72966EDC181DAB5AE22 Validity Not Before: Aug 17 01:39:50 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=CB39AC4D5204CEE3495C3BAE724A63B938AF318D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a3:99:8b:10:5d:28:e1:ae:bd:91:ac:39:39: bf:ff:e8:ca:85:2f:d1:c0:3d:97:44:1c:19:ac:c2: 06:c8:d6:73:a3:a2:14:e8:82:b8:85:c0:0a:d6:fc: 94:e9:26:0c:0a:ac:99:26:96:24:2d:31:21:c9:c9: 10:08:07:86:ae:25:ac:70:48:58:56:6c:0c:f5:cf: fd:46:96:43:7b:d0:e4:ca:41:99:dd:58:3d:5d:42: 44:0a:84:c2:49:36:6b:0f:78:63:c3:71:69:11:cd: 58:8e:51:3c:60:26:1e:b6:39:fe:57:d0:68:e2:0a: d5:1b:d8:bf:14:e6:cd:66:17:18:95:a9:5a:28:2c: 2e:91:7d:5b:7d:c2:1a:e8:d8:5f:c7:31:90:6d:f8: 19:32:75:c4:31:02:37:cc:44:25:c0:da:59:b1:22: e6:15:80:bd:48:07:02:c1:67:3c:b6:6b:6f:6a:35: 26:4e:14:62:a7:57:d9:d2:aa:8a:ae:72:6b:17:4b: 32:92:b1:89:8b:77:e6:41:5e:39:85:28:6c:51:4f: bf:3c:a8:19:a5:3d:83:63:6f:38:9f:ac:b7:08:ac: 37:d0:6a:66:f9:08:27:c6:df:ae:d3:05:13:1b:b1: 6f:94:86:b0:d7:da:a6:aa:b8:2b:20:b0:17:66:61: 5e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:39:AC:4D:52:04:CE:E3:49:5C:3B:AE:72:4A:63:B9:38:AF:31:8D X509v3 Authority Key Identifier: keyid:E5:C6:CE:FC:87:82:F8:97:31:A2:C7:29:66:ED:C1:81:DA:B5:AE:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/5cbO_IeC-JcxoscpZu3Bgdq1riI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5cbO_IeC-JcxoscpZu3Bgdq1riI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/yzmsTVIEzuNJXDuuckpjuTivMY0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.96.0/23 Signature Algorithm: sha256WithRSAEncryption 78:43:ed:0d:c2:f3:08:04:3e:6d:0a:73:04:6e:a0:a3:11:a0: 0e:ca:1a:67:0a:17:e0:b6:52:54:8f:30:07:7b:66:9c:f3:f7: 1a:d2:db:4a:91:e3:66:df:7a:70:b1:74:ee:aa:d0:ee:17:ed: 51:c5:d2:ba:dc:c0:e5:75:24:6d:b0:4c:f0:17:fb:7f:ec:e8: c9:41:1c:e4:dd:e9:2f:d2:fa:b0:86:07:25:8a:f9:da:3c:2e: 44:dd:1c:6f:04:8e:3e:54:bf:bd:2b:81:29:61:6d:e5:88:35: 28:13:8c:3c:0f:0b:6b:29:c6:3a:74:4b:2e:20:7c:e7:b6:13: b3:28:9f:c4:a8:8b:96:80:02:b8:f7:31:f7:64:68:8b:02:fe: b2:e7:2b:a2:42:88:50:15:bd:0a:07:15:e0:0c:b0:50:18:82: d1:9b:d1:9d:fb:99:46:30:c2:9b:f2:45:a3:a8:6b:d4:dd:1a: 0e:89:2a:eb:64:8b:a9:6e:20:cf:3c:78:d2:be:05:8c:23:14: dd:ec:2c:66:ee:b4:6c:0f:a7:32:c3:6c:ef:3c:e8:d7:f6:b7: 6d:3e:94:c1:b7:85:3b:2b:46:f9:0c:4f:90:79:98:e3:b0:93: e5:85:af:a3:df:06:ec:26:88:03:2c:ff:b7:ef:13:b0:ed:4c: be:60:64:a7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVD NkNFRkM4NzgyRjg5NzMxQTJDNzI5NjZFREMxODFEQUI1QUUyMjAeFw0yNTA4MTcw MTM5NTBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENCMzlBQzRENTIwNENF RTM0OTVDM0JBRTcyNEE2M0I5MzhBRjMxOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDho5mLEF0o4a69kaw5Ob//6MqFL9HAPZdEHBmswgbI1nOjohTo griFwArW/JTpJgwKrJkmliQtMSHJyRAIB4auJaxwSFhWbAz1z/1GlkN70OTKQZnd WD1dQkQKhMJJNmsPeGPDcWkRzViOUTxgJh62Of5X0GjiCtUb2L8U5s1mFxiVqVoo LC6RfVt9whro2F/HMZBt+BkydcQxAjfMRCXA2lmxIuYVgL1IBwLBZzy2a29qNSZO FGKnV9nSqoqucmsXSzKSsYmLd+ZBXjmFKGxRT788qBmlPYNjbzifrLcIrDfQamb5 CCfG367TBRMbsW+UhrDX2qaquCsgsBdmYV5/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUyzmsTVIEzuNJXDuuckpjuTivMY0wHwYDVR0jBBgwFoAU5cbO/IeC+Jcxoscp Zu3Bgdq1riIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi81Y2JPX0llQy1KY3hvc2NwWnUzQmdkcTFyaUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzVjYk9fSWVDLUpjeG9zY3BadTNCZ2RxMXJpSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIveXptc1RWSUV6dU5K WER1dWNrcGp1VGl2TVkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdiYDANBgkqhkiG9w0BAQsFAAOCAQEAeEPtDcLzCAQ+bQpzBG6goxGgDsoa ZwoX4LZSVI8wB3tmnPP3GtLbSpHjZt96cLF07qrQ7hftUcXSutzA5XUkbbBM8Bf7 f+zoyUEc5N3pL9L6sIYHJYr52jwuRN0cbwSOPlS/vSuBKWFt5Yg1KBOMPA8LaynG OnRLLiB857YTsyifxKiLloACuPcx92RoiwL+sucrokKIUBW9CgcV4AywUBiC0ZvR nfuZRjDCm/JFo6hr1N0aDokq62SLqW4gzzx40r4FjCMU3ewsZu60bA+nMsNs7zzo 1/a3bT6UwbeFOytG+QxPkHmY47CT5YWvo98G7CaIAyz/t+8TsO1MvmBkpw== -----END CERTIFICATE-----Generated at Sun Aug 24 11:40:33 2025 by rpki-client