$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa File: l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa (raw, json) Hash identifier: g1JlaWRQx7eY93533lfTF3SPZVWvPqSI3xpvRqNIF7o= Subject key identifier: 97:F3:1F:BC:D4:E7:CC:16:4B:3C:A4:A7:68:47:0F:95:1B:90:62:41 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 1747 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa Signing time: Sat 13 Sep 2025 03:06:20 +0000 ROA not before: Sat 13 Sep 2025 03:06:20 +0000 ROA not after: Mon 03 Aug 2026 08:44:40 +0000 asID: 63199 IP address blocks: 106.3.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 04:06:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5959 (0x1747) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Sep 13 03:06:20 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=97F31FBCD4E7CC164B3CA4A768470F951B906241 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:87:4e:9e:4a:dd:61:86:07:8e:a6:d1:79:cb: 51:00:d4:e7:f7:e2:a3:30:85:c1:11:9a:5b:23:00: 5c:a5:7a:75:ba:38:78:28:cf:72:58:f1:5f:3d:ec: 80:7b:99:a4:65:29:a5:76:34:4a:70:40:10:00:a0: 59:85:e9:cb:9f:98:0d:7e:4b:1f:b1:a8:19:e6:8c: fb:b0:70:42:6e:c6:a3:4a:2f:f2:b2:ee:04:91:5f: f3:c6:54:36:c7:10:b6:e0:34:cf:8a:0d:e4:6e:39: f6:1c:24:59:18:6e:6e:ca:ce:4f:c5:93:c8:13:76: e8:52:26:ef:3c:67:57:09:2c:de:04:25:ab:d5:f1: 46:06:92:a7:b7:25:34:d8:d6:df:26:ae:21:ac:4a: 1d:80:51:5e:f3:85:c0:45:5d:4a:d7:81:a7:f1:e8: 05:08:ca:2a:38:5e:4c:f8:e9:bb:b6:fc:bc:fc:ab: 29:76:b4:0b:30:f2:bc:a9:5c:72:1c:15:25:d5:74: c3:a9:61:9a:98:ba:2c:c2:6d:be:2d:61:29:6c:14: 40:06:79:2b:52:7b:79:fb:74:62:59:db:d5:5d:fb: 4f:53:b2:f6:8b:db:62:b3:3b:16:dd:62:8a:c7:61: a6:c8:4a:ca:14:4b:de:82:42:15:20:07:6e:e8:45: 7c:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:F3:1F:BC:D4:E7:CC:16:4B:3C:A4:A7:68:47:0F:95:1B:90:62:41 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.3.139.0/24 Signature Algorithm: sha256WithRSAEncryption 38:0d:f6:2c:ad:e6:93:36:87:f8:fc:0a:dd:32:cb:92:e5:87: 63:f4:b7:e5:e0:f1:65:da:ea:3d:a8:6e:41:99:b8:18:2b:44: 2f:07:63:16:de:6b:4b:3d:73:7f:99:01:83:71:74:9d:2f:eb: 94:61:99:49:34:54:b3:a1:50:c4:f4:da:2a:46:2f:fe:34:75: 26:da:b0:54:fc:73:f1:e0:14:47:4e:55:c4:cd:8d:ff:ac:f8: 4c:59:5e:20:a1:6c:80:43:3d:a5:95:a2:0a:26:37:14:14:52: be:59:b5:5b:b9:9a:6b:45:f1:e4:7e:0a:8c:12:37:7c:92:ad: ed:f9:07:48:04:2c:07:b7:8e:0c:07:3a:ca:83:eb:1c:c8:7f: 86:16:92:75:88:33:d0:57:95:8a:0f:0e:a6:a9:18:e8:4f:1f: 49:38:9d:ec:c9:0d:cc:f4:36:2e:db:8e:ec:bf:b8:d8:07:d6: 0e:96:8a:8a:84:31:f6:8d:44:81:1b:24:79:32:4a:fe:4f:63: 24:19:ae:b2:f2:e2:d0:92:5b:18:36:c8:be:e1:f6:65:cd:d0: 1b:ef:dd:3a:56:b0:a2:9a:9e:a5:cc:3b:21:6c:dd:dd:33:06: e0:3d:68:bd:c3:76:09:ba:94:01:96:ff:6f:7e:90:18:2f:f3: 47:1d:ea:e6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF0cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA5MTMw MzA2MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDk3RjMxRkJDRDRFN0ND MTY0QjNDQTRBNzY4NDcwRjk1MUI5MDYyNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVh06eSt1hhgeOptF5y1EA1Of34qMwhcERmlsjAFylenW6OHgo z3JY8V897IB7maRlKaV2NEpwQBAAoFmF6cufmA1+Sx+xqBnmjPuwcEJuxqNKL/Ky 7gSRX/PGVDbHELbgNM+KDeRuOfYcJFkYbm7Kzk/Fk8gTduhSJu88Z1cJLN4EJavV 8UYGkqe3JTTY1t8mriGsSh2AUV7zhcBFXUrXgafx6AUIyio4Xkz46bu2/Lz8qyl2 tAsw8rypXHIcFSXVdMOpYZqYuizCbb4tYSlsFEAGeStSe3n7dGJZ29Vd+09TsvaL 22KzOxbdYorHYabISsoUS96CQhUgB27oRXx7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUl/MfvNTnzBZLPKSnaEcPlRuQYkEwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L2xfTWZ2TlRuekJaTFBL U25hRWNQbFJ1UVlrRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABqA4swDQYJKoZIhvcNAQELBQADggEBADgN9iyt5pM2h/j8Ct0yy5Llh2P0t+Xg 8WXa6j2obkGZuBgrRC8HYxbea0s9c3+ZAYNxdJ0v65RhmUk0VLOhUMT02ipGL/40 dSbasFT8c/HgFEdOVcTNjf+s+ExZXiChbIBDPaWVogomNxQUUr5ZtVu5mmtF8eR+ CowSN3ySre35B0gELAe3jgwHOsqD6xzIf4YWknWIM9BXlYoPDqapGOhPH0k4nezJ Dcz0Ni7bjuy/uNgH1g6WioqEMfaNRIEbJHkySv5PYyQZrrLy4tCSWxg2yL7h9mXN 0Bvv3TpWsKKanqXMOyFs3d0zBuA9aL3Ddgm6lAGW/29+kBgv80cd6uY= -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:28 2025 by rpki-client