$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3379/Yt1rWitTpI1LYpgB3rMqGL-AkFQ.roa File: Yt1rWitTpI1LYpgB3rMqGL-AkFQ.roa (raw, json) Hash identifier: TYveaS8iwd4jOZnVvcqKG063tVMkxAa8NQEz4EASG0Q= Subject key identifier: 62:DD:6B:5A:2B:53:A4:8D:4B:62:98:01:DE:B3:2A:18:BF:80:90:54 Certificate issuer: /CN=2CB237ABE1A66A755DA9545795F1DD229F0E0311 Certificate serial: 0E Authority key identifier: 2C:B2:37:AB:E1:A6:6A:75:5D:A9:54:57:95:F1:DD:22:9F:0E:03:11 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/Yt1rWitTpI1LYpgB3rMqGL-AkFQ.roa Signing time: Fri 27 Jun 2025 08:41:04 +0000 ROA not before: Fri 27 Jun 2025 08:41:04 +0000 ROA not after: Thu 25 Jun 2026 05:55:52 +0000 asID: 139187 IP address blocks: 165.101.70.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 10:14:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14 (0xe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB237ABE1A66A755DA9545795F1DD229F0E0311 Validity Not Before: Jun 27 08:41:04 2025 GMT Not After : Jun 25 05:55:52 2026 GMT Subject: CN=62DD6B5A2B53A48D4B629801DEB32A18BF809054 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:d5:30:0f:df:78:08:49:10:98:5a:ef:67:76: 20:3c:e8:a2:eb:5b:27:30:3d:72:58:db:a6:64:a1: 2e:74:66:b2:7d:f2:a9:78:5d:d8:36:76:f1:9c:4f: d2:0e:2d:81:38:bf:a7:ba:03:78:70:fc:9b:e0:e7: 5e:4f:a0:22:0e:f0:f6:83:85:77:2a:83:9a:7b:b1: 9c:6b:3d:23:8e:78:bb:06:df:0d:92:5d:33:de:d6: 58:17:1b:7a:87:c3:52:cd:5e:60:90:59:20:ce:e5: fc:2c:b4:17:76:55:a3:a9:28:35:70:bd:16:73:de: d2:69:3f:59:07:61:e2:28:1a:43:a4:e6:e4:f2:21: 2a:44:a7:3d:c9:3a:81:7c:ab:94:3c:29:61:a5:70: 0a:52:a3:24:48:f5:cd:ba:d7:3a:3a:45:7a:e2:b8: 47:d4:b3:49:fd:92:7c:d7:ce:06:8c:17:ad:c9:d3: 59:d5:a8:c2:ae:c4:7e:de:35:b0:57:cd:3e:c7:c1: b1:cb:c9:73:60:cc:cc:09:c2:bf:01:a1:45:b2:0b: b9:43:ad:d9:b4:35:b9:b2:7f:c7:d1:83:75:d0:65: a2:e0:6e:fc:00:29:bd:05:25:31:a7:be:a1:33:b7: 6f:a1:a0:be:ec:5e:aa:0d:1a:0e:9d:cb:97:b7:3b: db:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:DD:6B:5A:2B:53:A4:8D:4B:62:98:01:DE:B3:2A:18:BF:80:90:54 X509v3 Authority Key Identifier: keyid:2C:B2:37:AB:E1:A6:6A:75:5D:A9:54:57:95:F1:DD:22:9F:0E:03:11 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/LLI3q-GmanVdqVRXlfHdIp8OAxE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLI3q-GmanVdqVRXlfHdIp8OAxE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3379/Yt1rWitTpI1LYpgB3rMqGL-AkFQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 165.101.70.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:11:9d:b2:fc:21:ad:92:c1:5a:be:ff:c4:bb:8c:06:65:73: e7:26:aa:4a:b4:b3:88:78:12:3e:d2:f3:4a:3e:74:3e:c6:92: 68:8a:93:99:9b:1f:90:61:cd:83:f0:4a:b0:5d:6c:8a:72:16: 95:77:3d:b6:63:57:41:ee:da:d1:b9:c9:91:4d:b3:87:d6:e7: d8:1d:a8:2b:23:2e:49:a1:d3:6b:ab:f1:52:06:ba:61:70:c6: 22:16:1a:d4:95:fb:40:4d:6d:fe:a6:fc:03:c2:ac:a7:9f:fc: 97:b4:b9:09:98:98:6a:c6:33:e5:df:8d:e1:00:77:02:07:ab: 79:99:56:ce:c8:48:d4:08:83:b7:e1:43:e1:61:c7:88:59:25: a2:b1:14:9f:0f:63:9d:df:a9:1f:1a:0b:e3:2b:18:86:84:61: 04:6f:b0:c7:e4:62:4b:39:f2:eb:f1:90:b7:1a:a2:2b:c2:72: e4:8c:4d:74:40:19:1b:c3:ff:bb:3b:c1:e4:1e:71:c9:02:d3: c3:d0:70:8f:c3:be:8f:2c:1d:e7:da:0a:f8:08:dc:13:a5:f4: fc:08:d5:15:7d:6a:67:a2:9c:26:65:fa:51:63:1c:00:c9:c7: 1b:74:e1:f8:f8:3f:45:01:e1:7f:e4:9d:04:10:26:31:1e:2e: c5:be:0e:2c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyQ0Iy MzdBQkUxQTY2QTc1NURBOTU0NTc5NUYxREQyMjlGMEUwMzExMB4XDTI1MDYyNzA4 NDEwNFoXDTI2MDYyNTA1NTU1MlowMzExMC8GA1UEAxMoNjJERDZCNUEyQjUzQTQ4 RDRCNjI5ODAxREVCMzJBMThCRjgwOTA1NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAJjVMA/feAhJEJha72d2IDzooutbJzA9cljbpmShLnRmsn3yqXhd 2DZ28ZxP0g4tgTi/p7oDeHD8m+DnXk+gIg7w9oOFdyqDmnuxnGs9I454uwbfDZJd M97WWBcbeofDUs1eYJBZIM7l/Cy0F3ZVo6koNXC9FnPe0mk/WQdh4igaQ6Tm5PIh KkSnPck6gXyrlDwpYaVwClKjJEj1zbrXOjpFeuK4R9SzSf2SfNfOBowXrcnTWdWo wq7Eft41sFfNPsfBscvJc2DMzAnCvwGhRbILuUOt2bQ1ubJ/x9GDddBlouBu/AAp vQUlMae+oTO3b6Ggvuxeqg0aDp3Ll7c72xMCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRi3WtaK1OkjUtimAHesyoYv4CQVDAfBgNVHSMEGDAWgBQssjer4aZqdV2pVFeV 8d0inw4DETAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMzc5 L0xMSTNxLUdtYW5WZHFWUlhsZkhkSXA4T0F4RS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTExJM3EtR21hblZkcVZSWGxmSGRJcDhPQXhFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM3OS9ZdDFyV2l0VHBJMUxZ cGdCM3JNcUdMLUFrRlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBpWVGMA0GCSqGSIb3DQEBCwUAA4IBAQB+EZ2y/CGtksFavv/Eu4wGZXPnJqpK tLOIeBI+0vNKPnQ+xpJoipOZmx+QYc2D8EqwXWyKchaVdz22Y1dB7trRucmRTbOH 1ufYHagrIy5JodNrq/FSBrphcMYiFhrUlftATW3+pvwDwqynn/yXtLkJmJhqxjPl 343hAHcCB6t5mVbOyEjUCIO34UPhYceIWSWisRSfD2Od36kfGgvjKxiGhGEEb7DH 5GJLOfLr8ZC3GqIrwnLkjE10QBkbw/+7O8HkHnHJAtPD0HCPw76PLB3n2gr4CNwT pfT8CNUVfWpnopwmZfpRYxwAyccbdOH4+D9FAeF/5J0EECYxHi7Fvg4s -----END CERTIFICATE-----Generated at Sat Jul 5 09:45:56 2025 by rpki-client