$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3VY_snFQYoyffJTPYu_jfhNgTsc.roa File: 3VY_snFQYoyffJTPYu_jfhNgTsc.roa (raw, json) Hash identifier: MtbKmG2Hm5HGihMAtz5Fj7zJIraND0paao3yZaqKwnE= Subject key identifier: DD:56:3F:B2:71:50:62:8C:9F:7C:94:CF:62:EF:E3:7E:13:60:4E:C7 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1F23 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3VY_snFQYoyffJTPYu_jfhNgTsc.roa Signing time: Tue 16 Sep 2025 05:50:55 +0000 ROA not before: Tue 16 Sep 2025 05:50:55 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 25743 IP address blocks: 103.221.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7971 (0x1f23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 16 05:50:55 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=DD563FB27150628C9F7C94CF62EFE37E13604EC7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:4f:8d:c9:69:30:f3:c3:5b:4e:d4:27:50:4e: c5:c7:68:8d:dc:97:96:e4:51:eb:e9:2b:46:e9:b3: 54:f5:1e:0b:db:fc:b1:46:ca:7f:c9:4d:7a:c1:b0: fd:fc:a9:1d:1d:f3:09:22:76:24:9a:08:8f:36:eb: e0:1e:cf:bf:05:6e:82:8e:c1:d2:9c:86:ad:71:86: 23:80:88:db:14:ad:9e:a7:70:83:ae:55:08:70:24: f8:ba:5c:33:20:b4:a2:4b:b7:bc:da:9b:e5:52:f9: 5b:f2:3e:6c:7b:b8:c7:6a:82:71:91:2b:19:93:45: f5:fa:02:df:cf:b7:20:63:df:ca:7b:67:ef:38:23: 13:2a:a5:5e:68:25:57:b0:61:40:a9:f2:8d:b8:44: e4:d5:07:be:9d:6b:32:20:63:b1:69:63:ee:65:36: 95:26:06:26:6e:f0:9f:7a:24:72:49:ee:f5:5d:f3: b0:3e:43:70:56:19:98:cd:e4:be:7e:f4:bf:e0:5d: 80:d2:91:66:c4:15:e9:37:63:4b:e9:0f:bb:fd:4a: 14:e5:a3:b7:0f:c5:91:d9:20:6e:e0:17:2a:c7:6b: 09:f4:9f:d5:64:75:c1:56:d6:74:aa:a0:e6:e0:c8: 34:e7:1e:66:8c:dc:f4:92:b1:25:7a:d2:eb:c4:13: 46:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:56:3F:B2:71:50:62:8C:9F:7C:94:CF:62:EF:E3:7E:13:60:4E:C7 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3VY_snFQYoyffJTPYu_jfhNgTsc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/22 Signature Algorithm: sha256WithRSAEncryption 78:eb:e0:d7:45:f3:c5:bf:99:2b:f4:26:bb:aa:bd:ce:57:af: c6:72:25:9a:41:a6:11:3e:98:ec:42:f3:fa:d5:2b:b5:c0:fb: f0:e3:bc:b3:d2:ae:08:d4:2e:c4:cd:2f:45:0f:b5:16:ba:ff: 7f:4d:30:61:cd:bf:4e:11:15:e6:63:92:d0:03:fc:b8:5f:f9: fd:8e:93:47:6e:e4:43:80:31:a8:a1:49:48:78:42:c2:38:7c: 92:b1:af:3f:97:64:5d:b1:e7:17:e0:07:ab:25:16:1d:7d:85: 0b:d9:45:12:79:d8:eb:31:de:51:c5:0b:22:67:85:93:90:46: 0e:36:60:f0:35:c6:a6:80:57:d7:c9:7e:5a:62:03:58:43:c8: 26:a5:d2:91:7b:d2:77:0c:df:26:2a:d8:a3:f1:39:69:2f:47: 53:cf:bd:81:00:c8:75:ea:1c:67:bb:05:24:66:fb:d8:7b:49: 2c:c9:68:15:73:06:f1:25:d6:85:3f:d4:a4:01:c5:c5:b8:0d: 66:f5:18:62:4f:dc:c5:08:da:55:f3:b3:4d:06:9e:83:60:a8: 0e:a1:ba:97:7b:57:6f:e1:f9:26:17:a4:1f:14:63:e1:93:fc: bc:e0:3e:09:47:f3:8f:a2:ef:7b:b9:1d:f4:a9:c4:26:98:62: 2e:14:a4:1a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHyMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA5MTYw NTUwNTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKERENTYzRkIyNzE1MDYy OEM5RjdDOTRDRjYyRUZFMzdFMTM2MDRFQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzT43JaTDzw1tO1CdQTsXHaI3cl5bkUevpK0bps1T1Hgvb/LFG yn/JTXrBsP38qR0d8wkidiSaCI826+Aez78FboKOwdKchq1xhiOAiNsUrZ6ncIOu VQhwJPi6XDMgtKJLt7zam+VS+VvyPmx7uMdqgnGRKxmTRfX6At/PtyBj38p7Z+84 IxMqpV5oJVewYUCp8o24ROTVB76dazIgY7FpY+5lNpUmBiZu8J96JHJJ7vVd87A+ Q3BWGZjN5L5+9L/gXYDSkWbEFek3Y0vpD7v9ShTlo7cPxZHZIG7gFyrHawn0n9Vk dcFW1nSqoObgyDTnHmaM3PSSsSV60uvEE0YxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3VY/snFQYoyffJTPYu/jfhNgTscwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNWWV9zbkZRWW95ZmZK VFBZdV9qZmhOZ1RzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAHjr4NdF88W/mSv0Jruqvc5Xr8ZyJZpB phE+mOxC8/rVK7XA+/DjvLPSrgjULsTNL0UPtRa6/39NMGHNv04RFeZjktAD/Lhf +f2Ok0du5EOAMaihSUh4QsI4fJKxrz+XZF2x5xfgB6slFh19hQvZRRJ52Osx3lHF CyJnhZOQRg42YPA1xqaAV9fJflpiA1hDyCal0pF70ncM3yYq2KPxOWkvR1PPvYEA yHXqHGe7BSRm+9h7SSzJaBVzBvEl1oU/1KQBxcW4DWb1GGJP3MUI2lXzs00GnoNg qA6hupd7V2/h+SYXpB8UY+GT/LzgPglH84+i73u5HfSpxCaYYi4UpBo= -----END CERTIFICATE-----Generated at Mon Oct 20 13:13:42 2025 by rpki-client